Google Cloud Professional Cloud DevOps Engineer — Question 152

You are configuring a CI pipeline. The build step for your CI pipeline integration testing requires access to APIs inside your private VPC network. Your security team requires that you do not expose API traffic publicly. You need to implement a solution that minimizes management overhead. What should you do?

Answer options

• A. Use Cloud Build private pools to connect to the private VPC.
• B. Use Spinnaker for Google Cloud to connect to the private VPC.
• C. Use Cloud Build as a pipeline runner. Configure Internal HTTP(S) Load Balancing for API access.
• D. Use Cloud Build as a pipeline runner. Configure External HTTP(S) Load Balancing with a Google Cloud Armor policy for API access.

Correct answer: A

Explanation

The correct answer is A because using Cloud Build private pools allows secure connectivity to the private VPC without exposing traffic. Options B and C either introduce unnecessary complexity or do not meet the requirement of not exposing API traffic publicly. Option D exposes traffic externally, which violates the security team's mandate.