Learn best practices for designing a secure Google Cloud network architecture for a 3-tier ecommerce application. Ensure strong security boundaries, isolation, and least privilege access for third-party vendors using VPCs, VPC peering, and Identity-Aware Proxy (IAP).
Question
You work for an ecommerce company that stores sensitive customer data across multiple Google Cloud regions. The development team has built a new 3-tier application to process orders and must integrate the application into the production environment.
You must design the network architecture to ensure strong security boundaries and isolation for the new application, facilitate secure remote maintenance by authorized third-party vendors, and follow the principle of least privilege. What should you do?
A. Create separate VPC networks for each tier. Use VPC peering between application tiers and other required VPCs. Provide vendors with SSH keys and root access only to the instances within the VPC for maintenance purposes.
B. Create a single VPC network and create different subnets for each tier. Create a new Google project specifically for the third-party vendors and grant the network admin role to the vendors. Deploy a VPN appliance and rely on the vendors’ configurations to secure third-party access.
C. Create separate VPC networks for each tier. Use VPC peering between application tiers and other required VPCs. Enable Identity-Aware Proxy (IAP) for remote access to management resources, limiting access to authorized vendors.
D. Create a single VPC network and create different subnets for each tier. Create a new Google project specifically for the third-party vendors. Grant the vendors ownership of that project and the ability to modify the Shared VPC configuration.
Answer
C. Create separate VPC networks for each tier. Use VPC peering between application tiers and other required VPCs. Enable Identity-Aware Proxy (IAP) for remote access to management resources, limiting access to authorized vendors.
Explanation
- Creating separate VPC networks for each application tier provides strong security boundaries and isolation. This ensures that if one tier is compromised, the breach is contained within that VPC and doesn’t spread to other tiers.
- Using VPC peering allows the application tiers to securely communicate with each other and with other required VPCs, such as those for shared services or management. VPC peering keeps traffic private and doesn’t require traffic to traverse the public internet.
- Enabling Identity-Aware Proxy (IAP) for remote access to management resources is a secure way to facilitate remote maintenance by authorized third-party vendors. IAP authenticates each request and authorizes it on user identity and group membership (via IAM roles), so management hosts need no public IP addresses, no shared SSH keys and no vendor-managed VPN, and only the vendors granted the role can reach the necessary resources. This follows the principle of least privilege.
- Options A and B are incorrect because they don’t follow the principle of least privilege. Providing vendors with SSH keys and root access (Option A) or making them network admins (Option B) gives them too much access. Option D is incorrect because granting vendors project ownership and the ability to modify Shared VPC configurations also violates least privilege.
In summary, creating separate VPCs for each tier, using VPC peering for inter-tier and inter-VPC communication, and enabling IAP for secure, least privilege vendor access is the best approach for designing a secure network architecture for the 3-tier ecommerce application on Google Cloud.
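The design described above, written out as an added Terraform example for the Google provider (this is illustrative code, not part of the original question or of any Google reference architecture). It assumes a project ID, region, vendor Google Group, and management instance name that are placeholders; the IAP TCP-forwarding source range 35.235.240.0/20 is Google's published range.

```hcl
# Added example: per-tier VPCs, explicit non-transitive peering, and
# IAP-only SSH for a vendor group. Placeholder values are marked as such.
variable "project_id"   { default = "example-project" }                        # placeholder
variable "region"       { default = "us-central1" }                            # placeholder
variable "vendor_group" { default = "group:vendor-maintenance@example.com" }   # placeholder

provider "google" {
  project = var.project_id
  region  = var.region
}

locals {
  # One VPC per tier with its own non-overlapping range (assumed values).
  tiers = { web = "10.10.0.0/24", app = "10.20.0.0/24", db = "10.30.0.0/24" }
  # Peering is not transitive: web<->app and app<->db only, so web never
  # reaches db, even through app. Each pair needs a peering on both sides.
  peerings = { "web-app" = ["web", "app"], "app-db" = ["app", "db"] }
}

resource "google_compute_network" "tier" {
  for_each                = local.tiers
  name                    = "${each.key}-vpc"
  auto_create_subnetworks = false   # no default subnets or default-allow rules
}

resource "google_compute_subnetwork" "tier" {
  for_each                 = local.tiers
  name                     = "${each.key}-subnet"
  region                   = var.region
  network                  = google_compute_network.tier[each.key].id
  ip_cidr_range            = each.value
  private_ip_google_access = true   # reach Google APIs without external IPs
}

resource "google_compute_network_peering" "forward" {
  for_each     = local.peerings
  name         = each.key
  network      = google_compute_network.tier[each.value[0]].id
  peer_network = google_compute_network.tier[each.value[1]].id
}

resource "google_compute_network_peering" "reverse" {
  for_each     = local.peerings
  name         = "${each.key}-rev"
  network      = google_compute_network.tier[each.value[1]].id
  peer_network = google_compute_network.tier[each.value[0]].id
}

# SSH is allowed only from the IAP TCP-forwarding range and only to hosts
# carrying the management tag; the VPC's implied deny-ingress rule blocks
# everything else, so there is no path for direct SSH from the internet.
resource "google_compute_firewall" "iap_ssh" {
  for_each      = local.tiers
  name          = "${each.key}-allow-iap-ssh"
  network       = google_compute_network.tier[each.key].id
  direction     = "INGRESS"
  source_ranges = ["35.235.240.0/20"]
  target_tags   = ["iap-managed"]
  allow {
    protocol = "tcp"
    ports    = ["22"]
  }
}

# Least privilege: the vendor group may open an IAP tunnel to one named
# instance and nothing more. No project-level, network-admin or owner role.
resource "google_iap_tunnel_instance_iam_member" "vendor" {
  project  = var.project_id
  zone     = "${var.region}-a"
  instance = "app-mgmt-01"   # placeholder: the tagged management instance
  role     = "roles/iap.tunnelResourceAccessor"
  member   = var.vendor_group
}
```

With this in place a vendor connects with `gcloud compute ssh app-mgmt-01 --tunnel-through-iap`; the IAP API (iap.googleapis.com) must be enabled in the project, and the SSH login itself should be handled by OS Login (granting the same group `roles/compute.osLogin` on the instance) rather than distributed keys, so access can be revoked by removing one group membership and every tunnel is recorded in Cloud Audit Logs.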
This is a practice question for the Google Professional Cloud Security Engineer certification exam.