GCP Professional Cloud Architect Practice Question
Your company is expanding its Google Cloud deployment to several regions. Each product team will keep its own project, but leadership wants to enforce a single RFC 1918 address space that allows private IP communication between virtual machines in any region, with centralized control of all firewall rules and routes. You must also avoid approaching the current hard cap on the number of VPC Network Peering links per network. Which design best meets these requirements?
Create a separate VPC in each region inside a single project and interconnect them with Cloud VPN tunnels configured for dynamic routing.
Give every product team its own auto-mode VPC and connect the VPCs with VPC Network Peering so that all internal subnets are reachable.
Create one custom-mode VPC in a dedicated host project, add regional subnets for every needed region, and attach each product team's project as a service project using Shared VPC.
Provision one custom-mode VPC per team project and connect them to a central hub VPC through Dedicated Cloud Interconnect attachments.
A single custom-mode Shared VPC hosted in a central project meets all stated goals. Because a VPC network is a global resource, subnets created in multiple regions share one private address space, and instances in those subnets can reach each other over Google's private backbone using internal IPs. Attaching the product teams' projects as service projects places their resources in the shared network while letting them keep separate billing and IAM boundaries. Central admins manage routes and firewall rules in the host project. This architecture uses no VPC peering links, so it cannot hit the peering-link quota.
The other options either create independent VPCs that must be interconnected with VPC Network Peering or Cloud VPN/Interconnect, adding operational overhead and consuming peering links or tunnel/quota, and they do not provide a single centrally managed network.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Shared VPC in Google Cloud?
Open an interactive chat with Bash
How does Google’s private backbone support regional communication in a Shared VPC?
Open an interactive chat with Bash
What is the advantage of avoiding VPC Network Peering links?
Open an interactive chat with Bash
What is a Shared VPC?
Open an interactive chat with Bash
How does RFC 1918 address space work in a Google Cloud VPC?
Open an interactive chat with Bash
What happens when you hit the VPC peering quota in Google Cloud?
Open an interactive chat with Bash
GCP Professional Cloud Architect
Designing and planning a cloud solution architecture
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .