Enabling App Engine Communication with On-Premises Database |
Question
Your company has a support ticketing solution that uses App Engine Standard.
The project that contains the App Engine application already has a Virtual Private Cloud (VPC) network fully connected to the company's on-premises environment through a Cloud VPN tunnel.
You want to enable the App Engine application to communicate with a database that is running in the company's on-premises environment.
What should you do?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B.
To enable an App Engine application to communicate with a database that is running in the company's on-premises environment, you can use private networking options available in Google Cloud Platform (GCP). The most appropriate solution depends on your specific requirements and constraints. Let's examine the options presented:
A. Configure private Google access for on-premises hosts only. Private Google Access provides private, internal access to Google Cloud services such as Cloud Storage, Cloud SQL, and BigQuery from your VPC network. This option is useful when you have VM instances running in your VPC network that need to access Google Cloud services, but do not have an external IP address. However, this option doesn't enable access from the App Engine application to the on-premises database.
B. Configure private Google access. This option allows VM instances in a VPC network to communicate with Google APIs and services using internal IP addresses rather than public IP addresses. However, similar to option A, this option doesn't enable access from the App Engine application to the on-premises database.
C. Configure private services access. Private services access provides private access from a VPC network to a Google API or a Google service endpoint. With Private services access, you can create an endpoint in your VPC network that points to a Google service. You can then configure your application to use this endpoint rather than the public endpoint. This option would enable the App Engine application to communicate with the database running in the company's on-premises environment through the Cloud VPN tunnel.
D. Configure serverless VPC access. Serverless VPC Access allows resources in an App Engine flexible environment to communicate with resources in a VPC network using internal IP addresses. However, this option is not applicable to an App Engine standard environment.
Therefore, the most appropriate option to enable the App Engine application to communicate with the database running in the company's on-premises environment is C. Configure private services access.
