Exam Professional Cloud Architect topic 11 question 7 discussion

It's B. B must be done. For a health check on http (port 80) you don't need to configure nothing in the server (it makes a get o something similar).

Correct answer is B https://cloud.google.com/monitoring/uptime-checks/using-uptime-checks#monitoring_uptime_check_list_ips-console

D. Configure their legacy web servers to allow requests that contain the User-Agent HTTP header when the value matches GoogleStackdriverMonitoring-UptimeChecks (https://cloud.google.com/monitoring). Here's why: Google Cloud Monitoring uptime checks use a specific User-Agent (GoogleStackdriverMonitoring-UptimeChecks) to make health checks on services. If the legacy web servers are not configured to accept these requests or block certain User-Agent headers, they will reject the checks, causing them to be reported as unhealthy. By configuring the legacy web servers to allow traffic from uptime checks that include the proper User-Agent header, Dress4Win ensures that the uptime check traffic can reach the services, allowing Google Monitoring to report accurate health status.

D. Not B. “legacy”. So not in console.

Option D suggests configuring legacy web servers to allow requests with the specific User-Agent header. While this might seem appropriate, it's unnecessary and potentially risky. Modifying the servers' configuration introduces additional steps and potential security implications. Since the uptime checks are already reaching the web servers, the key is ensuring the load balancer doesn't interfere with them, not modifying the servers themselves.

IMPORTANT: Dress4Win is not anymore part of the officially listed case studies: https://cloud.google.com/certification/guides/professional-cloud-architect

It would be missing firewall rule that would be causing problem

B: If the resource you are checking isn't publicly available, you must configure the resource's firewall to permit incoming traffic from the uptime-check servers. See List uptime-check server IP addresses to download a list of the IP addresses.

It's B. Read: https://cloud.google.com/monitoring/uptime-checks

I don't understand why everyone's saying it's B. The question talks about "legacy services". They are not on GCP, are they? So setting up inbound rules on a firewall in GCP will have no effect.

I think B is ok, "Your use of uptime checks is affected by any firewalls protecting your service." from https://cloud.google.com/monitoring/uptime-checks

vote B

hey guys new Qs posted as of July 12th, 2021, All 21 new Qs in Question #152

B) (if the answer talk about firewall of legacy services ant not firewall on GCP) and D) are valid solutions. I prefer D) because with B) you have to modify firewall rules once per quarter as Ips can change (https://cloud.google.com/monitoring/uptime-checks/using-uptime-checks#get-ips).

B. In the Cloud Platform Console download the list of the uptime servers' IP addresses and create an inbound firewall rule

Answer is B

Answer is B