You need to enable VPC Service Controls and allow changes to perimeters in existing environments without preventing access to resources. Which VPC Service Controls mode should you use?
Answer is (D).
In dry run mode, requests that violate the perimeter policy are not denied, only logged. Dry run mode is used to test perimeter configuration and to monitor usage of services without preventing access to resources.
https://cloud.google.com/vpc-service-controls/docs/dry-run-mode
Enforced mode is the default mode for service perimeters. When a service perimeter is enforced, requests that violate the perimeter policy, such as requests to restricted services from outside a perimeter, are denied.
Dry run service perimeters are used to test perimeter configuration and to monitor usage of services without preventing access to resources.
Answer : D
"D"
Only two modes for service perimeter (Enforced and Dry Run). So A and B are not applicable. C (enforced) is too strict and doesn't support the use case of still allowing access to resources. Therefore it's "D" (dry run).
https://cloud.google.com/vpc-service-controls/docs/service-perimeters#about-perimeters
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Tabayashi
Highly Voted 2 years agoXoxoo
Most Recent 7 months, 1 week ago[Removed]
9 months, 1 week agobruh_1
1 year agoAzureDP900
1 year, 5 months agoAwesomeGCP
1 year, 6 months agozellck
1 year, 7 months ago