Google Cloud Associate Cloud Engineer — Question 156
Your company has embraced a hybrid cloud strategy where some of the applications are deployed on Google Cloud. A Virtual Private Network (VPN) tunnel connects your Virtual Private Cloud (VPC) in Google Cloud with your company's on-premises network. Multiple applications in Google Cloud need to connect to an on-premises database server, and you want to avoid having to change the IP configuration in all of your applications when the IP of the database changes.
What should you do?
Answer options
- A. Configure Cloud NAT for all subnets of your VPC to be used when egressing from the VM instances.
- B. Create a private zone on Cloud DNS, and configure the applications with the DNS name.
- C. Configure the IP of the database as custom metadata for each instance, and query the metadata server.
- D. Query the Compute Engine internal DNS from the applications to retrieve the IP of the database.
Correct answer: B
Explanation
The correct answer is B because a private zone on Cloud DNS lets you assign a DNS name to the database, so applications connect by name and only the DNS record has to change when the database IP changes. Options A, C, and D do not give the applications a stable reference to the database: they involve either NAT configuration or querying methods that do not provide the same level of flexibility and ease of management.