Google Cloud Professional Cloud Network Engineer — Question 109

You are the network administrator responsible for hybrid connectivity at your organization. Your developer team wants to use Cloud SQL in the us-west1 region in your Shared VPC. You configured a Dedicated Interconnect connection and a Cloud Router in us-west1, and the connectivity between your Shared VPC and on-premises data center is working as expected. You just created the private services access connection required for Cloud SQL using the reserved IP address range and default settings. However, your developers cannot access the Cloud SQL instance from on-premises. You want to resolve the issue. What should you do?

Answer options

• A. 1. Modify the VPC Network Peering connection used for Cloud SQL, and enable the import and export of routes. 2. Create a custom route advertisement in your Cloud Router to advertise the Cloud SQL IP address range.
• B. 1. Change the VPC routing mode to global. 2. Create a custom route advertisement in your Cloud Router to advertise the Cloud SQL IP address range.
• C. 1. Create an additional Cloud Router in us-west2. 2. Create a new Border Gateway Protocol (BGP) peering connection to your on-premises data center. 3. Modify the VPC Network Peering connection used for Cloud SQL, and enable the import and export of routes.
• D. 1. Change the VPC routing mode to global. 2. Modify the VPC Network Peering connection used for Cloud SQL, and enable the import and export of routes.

Correct answer: A

Explanation

The correct answer is A because modifying the VPC Network Peering connection to enable route import and export allows the necessary routing for Cloud SQL, while creating a custom route advertisement ensures the Cloud SQL IP address range is properly communicated. The other options either include unnecessary steps, such as changing the routing mode, or suggest actions that do not directly address the connectivity issue to Cloud SQL.