Achieving Secure Resource Access between VPCs in GCP

Question

Your company is working with a partner to provide a solution for a customer.

Both your company and the partner organization are using GCP.

There are applications in the partner's network that need access to some resources in your company's VPC.

There is no CIDR overlap between the VPCs.

Which two solutions can you implement to achieve the desired results without compromising the security? (Choose two.)

Answers

Explanations

A. B. C. D. E.

CD.

https://cloud.google.com/vpc/docs/vpc

The two solutions that can be implemented to achieve the desired results without compromising security are:

  1. VPC Peering: VPC peering is a networking feature that enables communication between two VPCs in the same region or across different regions connected via the Google Cloud Platform (GCP) network. VPC peering allows two VPC networks to communicate with each other privately using internal IP addresses, without exposing traffic to the public internet. This solution can be used when there are no overlapping CIDR ranges between the VPCs and you want to establish a private connection between them.

In this case, VPC peering can be set up between your company's VPC and the partner's VPC to allow access to resources in your company's VPC. The traffic between the two VPCs will remain private and secure, and there will be no need for a gateway or a VPN. However, it's essential to note that VPC peering does not allow transitive peering, meaning if there are multiple VPCs that need to communicate with each other, each VPC must establish a peering connection with every other VPC.

  2. Shared VPC: Shared VPC is another networking solution that allows multiple projects in a GCP organization to share a common VPC. Shared VPC allows resources from one project to access resources in another project's VPC, without compromising security. The shared VPC is owned and managed by a host project that can grant access to other projects to use the same VPC.

In this case, a shared VPC can be set up between your company's VPC and the partner's VPC, allowing applications in the partner's network to access resources in your company's VPC securely. This solution is useful when both parties require a high level of control over their respective resources but need to share resources between them. Additionally, shared VPC allows for central management of network resources, making it easier to implement policies and maintain network security.

In summary, VPC peering and Shared VPC are two solutions that can be implemented to achieve the desired results without compromising security, depending on the requirements and the level of control each party requires over their resources.
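
The two VPC peering constraints described above (no overlapping CIDR ranges, no transitive peering) can be checked before any peering is requested. The following is an added example, not part of the original page; the VPC names, subnet ranges and peering links are constructed sample data, and the function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed sample data: VPC names and subnet ranges are hypothetical.
VPCS = {
    "company-vpc": ["10.10.0.0/20", "10.10.16.0/20"],
    "partner-vpc": ["10.20.0.0/20"],
    "partner-dev-vpc": ["10.10.8.0/24"],  # collides with company-vpc
    "vendor-vpc": ["172.16.0.0/24"],
}
# Peering links that exist, stored as unordered pairs (constructed).
PEERINGS = {
    frozenset({"company-vpc", "partner-vpc"}),
    frozenset({"partner-vpc", "vendor-vpc"}),
}

def overlapping_ranges(vpcs, a, b):
    """Return (range_a, range_b) pairs whose CIDR blocks overlap."""
    nets_a = [ipaddress.ip_network(c) for c in vpcs[a]]
    nets_b = [ipaddress.ip_network(c) for c in vpcs[b]]
    return [(str(x), str(y)) for x in nets_a for y in nets_b if x.overlaps(y)]

def can_peer(vpcs, a, b):
    """Peering is only possible when no subnet ranges overlap."""
    return not overlapping_ranges(vpcs, a, b)

def reachable(peerings, a, b):
    """Peering is not transitive: only a direct link gives reachability."""
    return frozenset({a, b}) in peerings

def missing_links(peerings, members):
    """Peerings still needed for every member to reach every other one."""
    pairs = (frozenset(p) for p in combinations(members, 2))
    return sorted(tuple(sorted(p)) for p in pairs if p not in peerings)

if __name__ == "__main__":
    for a, b in combinations(VPCS, 2):
        clash = overlapping_ranges(VPCS, a, b)
        status = "ok to peer" if not clash else f"blocked by {clash}"
        print(f"{a} <-> {b}: {status}, reachable={reachable(PEERINGS, a, b)}")
    group = ["company-vpc", "partner-vpc", "vendor-vpc"]
    print("missing for full mesh:", missing_links(PEERINGS, group))
```

In the sample data, `vendor-vpc` is peered with `partner-vpc` but cannot reach `company-vpc`, which is the non-transitive behaviour the explanation describes: a partner's other peerings do not extend access into your network.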