TerramEarth manufactures heavy equipment for the mining and agricultural industries.
They currently have over 500 dealers and service centers in 100 countries.
Their mission is to build products that make their customers more productive.
Solution concept - There are 2 million TerramEarth vehicles in operation currently, and we see 20% yearly growth.
Vehicles collect telemetry data from many sensors during operation.
A small subset of critical data is transmitted from the vehicles in real time to facilitate fleet management.
The rest of the sensor data is collected, compressed, and uploaded daily when the vehicles return to home base.
Each vehicle usually generates 200 to 500 megabytes of data per day.
Existing technical environment - TerramEarth's vehicle data aggregation and analysis infrastructure resides in Google Cloud and serves clients from all around the world.
A growing amount of sensor data is captured from their two main manufacturing plants and sent to private data centers that contain their legacy inventory and logistics management systems.
The private data centers have multiple network interconnects configured to Google Cloud.
The web frontend for dealers and customers is running in Google Cloud and allows access to stock management and analytics.
Business requirements - Predict and detect vehicle malfunction and rapidly ship parts to dealerships for just-in-time repair where possible.
Decrease cloud operational costs and adapt to seasonality.
Increase speed and reliability of development workflow.
Allow remote developers to be productive without compromising code or data security.
Create a flexible and scalable platform for developers to create custom API services for dealers and partners.
Technical requirements - Create a new abstraction layer for HTTP API access to their legacy systems to enable a gradual move into the cloud without disrupting operations.
Modernize all CI/CD pipelines to allow developers to deploy container-based workloads in highly scalable environments.
Allow developers to run experiments without compromising security and governance requirements.
Create a self-service portal for internal and partner developers to create new projects, request resources for data analytics jobs, and centrally manage access to the API endpoints.
Use cloud-native solutions for keys and secrets management and optimize for identity-based access.
Improve and standardize tools necessary for application and network monitoring and troubleshooting.
Executive statement - Our competitive advantage has always been our focus on the customer, with our ability to provide excellent customer service and minimize vehicle downtimes.
Click on the arrows to vote for the correct answer
A. B. C. D. E. F.B.
The given question mentions the scenario of TerramEarth, which manufactures heavy equipment for mining and agricultural industries. The company has over 500 dealers and service centers in 100 countries. The company has 2 million vehicles in operation currently, which generates a considerable amount of telemetry data. A subset of critical data is transmitted in real-time, while the rest of the data is collected, compressed, and uploaded daily. The company's technical environment resides in Google Cloud, and they want to modernize their CI/CD pipelines, create a flexible and scalable platform for developers, and decrease cloud operational costs.
The business requirements mentioned in the question are as follows:
The technical requirements mentioned in the question are as follows:
Based on the given scenario and requirements, the correct answer is (B) Make func_query Require authentication. Create a unique service account and associate it with func_display. Grant the service account invoker role for func_query. Create an id token in func_display and include the token to the request when invoking func_query.
This answer aligns with the technical requirements of allowing developers to run experiments without compromising security and governance requirements, creating a self-service portal, and optimizing identity-based access.
Explanation of each option:
A. Create a token and pass it in as an environment variable to func_display. When invoking func_query, include the token in the request. Pass the same token to func_query and reject the invocation if the tokens are different. This option does not address the technical requirements of modernizing CI/CD pipelines, creating a self-service portal, and using cloud-native solutions for keys and secrets management.
B. Make func_query Require authentication. Create a unique service account and associate it with func_display. Grant the service account invoker role for func_query. Create an id token in func_display and include the token to the request when invoking func_query. This option aligns with the technical requirements mentioned in the question, allowing developers to run experiments without compromising security and governance requirements, creating a self-service portal, and optimizing identity-based access.
C. Make func_query Require authentication and only accept internal traffic. Create those two functions in the same VP. This option only addresses the technical requirement of allowing func_query to only accept internal traffic. It does not address the other technical requirements mentioned in the question.
D. Create an ingress firewall rule for func_query to only allow traffic from func_display. This option only addresses network security and does not address the technical requirements of modernizing CI/CD pipelines, creating a self-service portal, and using cloud-native solutions for keys and secrets management.
E. Create those two functions in the same project and VP. This option only addresses the organizational structure and does not address the technical requirements mentioned in the question.
F. Make func_query only accept internal traffic. Create an ingress