Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Architect All Questions

View all questions & answers for the Professional Cloud Architect exam
Go to Exam

Exam Professional Cloud Architect topic 1 question 53 discussion

Actual exam question from Google's Professional Cloud Architect
Question #: 53
Topic #: 1
[All Professional Cloud Architect Questions]

You are deploying an application on App Engine that needs to integrate with an on-premises database. For security purposes, your on-premises database must not be accessible through the public internet. What should you do?

  • A. Deploy your application on App Engine standard environment and use App Engine firewall rules to limit access to the open on-premises database.
  • B. Deploy your application on App Engine standard environment and use Cloud VPN to limit access to the on-premises database.
  • C. Deploy your application on App Engine flexible environment and use App Engine firewall rules to limit access to the on-premises database.
  • D. Deploy your application on App Engine flexible environment and use Cloud VPN to limit access to the on-premises database.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by KouShikyou at Oct. 9, 2019, 9:20 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
MyPractice
Highly Voted 4 years, 10 months ago
Agree with D - "When to choose the flexible environment" "Accesses the resources or services of your Google Cloud project that reside in the Compute Engine network." https://cloud.google.com/appengine/docs/the-appengine-environments
upvoted 52 times
AWS56
4 years, 10 months ago
Why not B ? https://cloud.google.com/appengine/docs/flexible/python/using-third-party-databases
upvoted 7 times
areza
3 years, 5 months ago
because app engine standard cant connect to on-prem db
upvoted 28 times
VSMu
1 year, 9 months ago
Where does it say appengine cannot connect to on-prem db? With CloudVPN, it shoudl connect as per this https://cloud.google.com/appengine/docs/flexible/storage-options#on_premises Also going with D will require app to be containerized. That is not listed in the requirement.
upvoted 6 times
Cloudcrawler
1 year, 3 months ago
This is the link for Standard Env https://cloud.google.com/appengine/docs/standard/storage-options Both standard and Flexible can connect to a VPC with Serverless VPC connector. Once it connects to a VPC, connecting to onprem is same for any service.
upvoted 4 times
jrisl1991
1 year, 1 month ago
I just had the same confusion. Serverless VPC Connector is something relatively newer than this question on the exam, so probably it's safer to assume that a VPC connection is not supported (at least directly) by App Engine Standard. Besides, this would add extra overhead, and would also increase the costs for the solution. Most of these questions haven't been updated or repurposed according to newer products and services. For this particular question, using a Serverless VPC Connector would add unnecessary complexity and the solution would become more expensive. I swore to god it was B lol, but after a few hours of reading the documentation, I changed my mind and switched to option D. You might want to do the same.
upvoted 4 times
...
...
Load full discussion...
...
...
elaineshi
2 years, 5 months ago
Isn't the question said "not public internet access"?
upvoted 1 times
mnsait
6 months, 1 week ago
Yes, that phrase in the question bothers me too. However, when I check this: https://cloud.google.com/appengine/docs/flexible/storage-options#:~:text=On%20premises,-If%20you%20have&text=Because%20App%20Engine%20and%20Compute,database%20server's%20internal%20IP%20address. it says "If you have existing on-premises databases that you want to make accessible to your App Engine app, you can either configure your internal network and firewall to give the database a public IP address or connect using a VPN." So I think the question should have skipped the words "not public internet access" if they want us to choose VPN.
upvoted 1 times
...
...
haroldbenites
2 years, 11 months ago
In a forum mentions that GCE and CAP flex are designed for connect to VPC . With GAP standard is needed a proxy . https://stackoverflow.com/questions/47537204/how-to-connect-app-engine-and-on-premise-server-through-vpn
upvoted 5 times
...
...
...
jcmoranp
Highly Voted 5 years ago
Right is D: https://stackoverflow.com/questions/37137914/is-it-possible-to-use-google-app-engine-with-google-cloud-vpn
upvoted 18 times
amxexam
2 years, 6 months ago
Question is can we restrict acess with VP N ?
upvoted 5 times
moiradavis
2 years, 4 months ago
The stackoverflow reference if older that the answer (6 years) I think that has changed.
upvoted 1 times
...
...
...
Ekramy_Elnaggar
Most Recent 2 days, 18 hours ago
Selected Answer: D
The flexible environment gives you more control over the networking configuration of your application. This is crucial for setting up a secure connection to your on-premises database.
upvoted 1 times
...
yocixim836
1 week, 3 days ago
Selected Answer: B
https://cloud.google.com/appengine/docs/standard/storage-options#on_premises
upvoted 2 times
...
dpttpd
1 month ago
Selected Answer: B
https://cloud.google.com/appengine/docs/standard/storage-options#on_premises
upvoted 2 times
...
raghupothula
1 month, 4 weeks ago
B and C are not appropriate and wherein in App Engine flex resources reside in VPC NEtwo https://cloud.google.com/appengine/docs/the-appengine-environments#app-engine-environments D
upvoted 1 times
...
maxdanny
2 months, 2 weeks ago
Selected Answer: D
App Engine flexible environment provides more flexibility and supports VPC (Virtual Private Cloud) connectivity, which allows you to set up a Cloud VPN connection. The VPN can be used to securely connect your App Engine application to the on-premises database without exposing it to the public internet.
upvoted 2 times
...
joecloud12
3 months, 2 weeks ago
Selected Answer: B
flexible is more expensive. standard will suffice
upvoted 1 times
...
janji456
3 months, 3 weeks ago
D et up a VPN connection between your on-premises network and Google Cloud. This establishes a secure tunnel for communication. Your App Engine
upvoted 1 times
...
neha_pallod
4 months, 2 weeks ago
Selected Answer: B
right answer is B
upvoted 1 times
...
nhatne
4 months, 3 weeks ago
Selected Answer: D
"your on-premises database must not be accessible through the public internet" => definitely C
upvoted 1 times
nhatne
4 months, 3 weeks ago
sorry was a typo, It's D
upvoted 1 times
Toothpick
3 months, 4 weeks ago
B and D both use public internet, ie, VPN. So B is the easier option as per https://cloud.google.com/appengine/docs/standard/connecting-vpc
upvoted 1 times
...
...
...
gustangelo
5 months, 3 weeks ago
Selected Answer: B
The documentation mentions that App Engine Standard can connect to on-prem database using VPN. Link of the documentation: https://cloud.google.com/appengine/docs/standard/storage-options
upvoted 4 times
...
pico
6 months, 2 weeks ago
Selected Answer: B
now you can use option B
upvoted 3 times
...
valgorodetsky
6 months, 2 weeks ago
Selected Answer: B
you can use a Serverless VPC Connector to connect App Engine Standard Environment to an on-premise resource via Cloud VPN
upvoted 3 times
...
Diwz
7 months, 2 weeks ago
Selected Answer: D
https://cloud.google.com/appengine/docs/flexible/flexible-for-standard-users Standard environment tend to be stateless web applications . Flexi is better for intergrating with on premise database
upvoted 4 times
...
didek1986
10 months ago
Selected Answer: B
It is B
upvoted 3 times
...
Teckexam
10 months ago
Selected Answer: B
B. As per documentation https://cloud.google.com/appengine/docs/flexible/storage-options. Clearly App Engine standard can connect to on prem database.
upvoted 3 times
sidiosidi
6 months, 3 weeks ago
correct, the link is https://cloud.google.com/appengine/docs/standard/connecting-vpc
upvoted 1 times
...
glb2
8 months ago
I believe that above link treats about Flexible env. - even URL contains "flexible" part.
upvoted 2 times
glb2
8 months ago
Ok, for Standard is exactly the same statement.
upvoted 1 times
...
...
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel