Create a Data Studio dashboard that uses the related BigQuery tables as a source and give the BI team view access to the Data Studio dashboard.

Create a Service Account for the BI team and distribute a new private key to each member of the BI team.

Use Cloud Scheduler to schedule a batch Dataflow job to copy the data from BigQuery to the BI team's internal data warehouse.

Assign the IAM role of BigQuery User to a Google Group that contains the members of the BI team.

BigQuery

Cloud SQL

Cloud Spanner

Cloud Datastore

For each GCP product in the solution, review the pricing details on the products pricing page. Use the pricing calculator to total the monthly costs for each GCP product.

For each GCP product in the solution, review the pricing details on the products pricing page. Create a Google Sheet that summarizes the expected monthly costs for each product.

Provision the solution on GCP. Leave the solution provisioned for 1 week. Navigate to the Billing Report page in the Google Cloud Platform Console. Multiply the 1 week cost to determine the monthly costs.

Provision the solution on GCP. Leave the solution provisioned for 1 week. Use Stackdriver to determine the provisioned and used resource amounts. Multiply the 1 week cost to determine the monthly costs.

kubectl get deployments –output=pods

gcloud get pods –selector=”app=prod”

kubectl get pods -I “app=prod”

gcloud list gke-deployments -filter={pod }

Expose the application by using an external TCP Network Load Balancer.

Expose the application by using a TCP Proxy Load Balancer.

Expose the application by using an SSL Proxy Load Balancer.

Expose the application by using an internal TCP Network Load Balancer.

Provision preemptible Compute Engine instances.

Provision Compute Engine instances with GPUs attached.

Provision Compute Engine instances with local SSDs attached.

Provision Compute Engine instances with M1 machine type.

Enable Audit Logs for all APIs that are related to data storage.

Review the IAM permissions for any role that allows for data access.

Review the Identity-Aware Proxy settings for each resource.

Create a Data Loss Prevention job.

Grant the financial team the IAM role of ג€Billing Account Userג€ on the billing account linked to your credit card.

Set up BigQuery billing export and grant your financial department IAM access to query the data.

Create a ticket with Google Billing Support to ask them to send the invoice to your company.

Change the billing account of your projects to the billing account of your company.

Perform a rolling-action start-update with maxSurge set to 0 and maxUnavailable set to 1.

Perform a rolling-action start-update with maxSurge set to 1 and maxUnavailable set to 0.

Create a new managed instance group with an updated instance template. Add the group to the backend service for the load balancer. When all instances in the new managed instance group are healthy, delete the old managed instance group.

Create a new instance template with the new application version. Update the existing managed instance group with the new instance template. Delete the instances in the managed instance group to allow the managed instance group to recreate the instance using the new instance template.

Use Google Cloud Directory Sync (GCDS) to synchronize users into Cloud Identity.

Use the cloud Identity APIs and write a script to synchronize users to Cloud Identity.

Export users from Active Directory as a CSV and import them to Cloud Identity via the Admin Console.

Ask each employee to create a Google account using self signup. Require that each employee use their company email address and password.

Configure username and password by using gcloud configure set proxy/username and gcloud configure set proxy/ proxy/password commands.

Encode username and password in sha256 encoding, and save it to a text file. Use filename as a value in the gcloud configure set core/custom_ca_certs_file command.

Provide values for CLOUDSDK_USERNAME and CLOUDSDK_PASSWORD in the gcloud CLI tool configure file.

Set the CLOUDSDK_PROXY_USERNAME and CLOUDSDK_PROXY PASSWORD properties by using environment variables in your command line tool.

Attach a public IP to the instances and allow incoming connections from the internet on port 22 for SSH.

Use a third party tool to provide remote access to the instances.

Use the gcloud compute ssh command with the --tunnel-through-iap flag. Allow ingress traffic from the IP range 35.235.240.0/20 on port 22.

Create a bastion host with public internet access. Create the SSH tunnel to the instance through the bastion host.

Run gcloud configurations list followed by gcloud configurations activate .

Run gcloud config list followed by gcloud config activate.

Run gcloud config configurations list followed by gcloud config configurations activate.

Re-authenticate with the gcloud auth login command and select the correct configurations on login.

Move both projects under the same folder.

Grant the VM Service Account the role Storage Object Creator on corp-aggregate-reports-storage.

Create a Shared VPC network between both projects. Grant the VM Service Account the role Storage Object Creator on corp-iot-insights.

Make corp-aggregate-reports-storage public and create a folder with a pseudo-randomized suffix name. Share the folder with the IoT team.

Cloud SQL

Cloud Spanner

Cloud Firestore

Cloud Datastore

In the Google Cloud console, validate which SSH keys have been stored as project-wide keys.

Navigate to Identity-Aware Proxy and check the permissions for these resources.

Enable Audit logs on the 1AM & admin page for all resources, and validate the results.

Use the gcloud projects get-iam-policy command to view the current role assignments.

Run gcloud projects list to get the project ID, and then run gcloud services list --project .

Run gcloud init to set the current project to my-project, and then run gcloud services list --available.

Run gcloud info to view the account value, and then run gcloud services list --account .

Run gcloud projects describe to verify the project value, and then run gcloud services list --available.

Create a file in Cloud Storage per device and append new data to that file.

Create a file in Cloud Filestore per device and append new data to that file.

Ingest the data into Datastore. Store data in an entity group based on the device.

Ingest the data into Cloud Bigtable. Create a row key based on the event timestamp.

Use Cloud SQL database with cross-region replication to store game statistics in the EU, US, and APAC regions.

Use Cloud Spanner to store user data mapped to the game statistics.

Use BigQuery to store game statistics with a Redis on Memorystore instance in the front to provide global consistency.

Store game statistics in a Bigtable database partitioned by username.

Configure Billing Data Export to BigQuery and visualize the data in Data Studio.

Visit the Cost Table page to get a CSV export and visualize it using Data Studio.

Fill all resources in the Pricing Calculator to get an estimate of the monthly cost.

Use the Reports view in the Cloud Billing Console to view the desired cost information.

Cloud Run for Anthos

Cloud Run

App Engine Standard

Cloud Functions.

Create a Cloud Function to create an instance template.

Create a snapshot schedule for the disk using the desired interval.

Create a cron job to create a new disk from the disk using gcloud.

Create a Cloud Task to create an image and export it to Cloud Storage.

Configure Cloud NAT for all subnets of your VPC to be used when egressing from the VM instances.

Create a private zone on Cloud DNS, and configure the applications with the DNS name.

Configure the IP of the database as custom metadata for each instance, and query the metadata server.

Query the Compute Engine internal DNS from the applications to retrieve the IP of the database.

1. Use nslookup to get the IP address for storage.googleapis.com.2. Negotiate with the security team to be able to give a public IP address to the servers.3. Only allow egress traffic from those servers to the IP addresses for storage.googleapis.com.

1. Using Cloud VPN, create a VPN tunnel to a Virtual Private Cloud (VPC) in Google Cloud Platform (GCP).2. In this VPC, create a Compute Engine instance and install the Squid proxy server on this instance.3. Configure your servers to use that instance as a proxy to access Cloud Storage.

1. Use Migrate for Compute Engine (formerly known as Velostrata) to migrate those servers to Compute Engine.2. Create an internal load balancer (ILB) that uses storage.googleapis.com as backend.3. Configure your new instances to use this ILB as proxy.

1. Using Cloud VPN or Interconnect, create a tunnel to a VPC in GCP.2. Use Cloud Router to create a custom route advertisement for 199.36.153.4/30. Announce that network to your on-premises network through the VPN tunnel.3. In your on-premises network, configure your DNS server to resolve *.googleapis.com as a CNAME to restricted.googleapis.com.

In the Google Cloud console, visualize the costs related to the projects in the Reports section.

In the Google Cloud console, visualize the costs related to the projects in the Cost breakdown section.

In the Google Cloud console, use the export functionality of the Cost table. Create a Looker Studiodashboard on top of the CSV export.

Configure Cloud Billing data export to BigOuery for the billing account. Create a Looker Studio dashboard on top of the BigOuery export.

Set up a budget alert on the project with an amount of 100 dollars, a threshold of 100%, and notification type of “email.”

Set up a budget alert on the billing account with an amount of 100 dollars, a threshold of 100%, and notification type of “email.”

Export the billing data to BigQuery. Create a Cloud Function that uses BigQuery to sum the egress network costs of the exported billing data for the Apache web server for the current month and sends an email if it is over 100 dollars. Schedule the Cloud Function using Cloud Scheduler to run hourly.

Use the Stackdriver Logging Agent to export the Apache web server logs to Stackdriver Logging. Create a Cloud Function that uses BigQuery to parse the HTTP response log data in Stackdriver for the current month and sends an email if the size of all HTTP responses, multiplied by current GCP egress prices, totals over 100 dollars. Schedule the Cloud Function using Cloud Scheduler to run hourly.

Deploy your application to a second Cloud Run service, and ask your customers to use the second Cloud Run service.

Ask your customers to retry access to your service with exponential backoff to mitigate any potential problems after the new revision is deployed.

Gradually roll out the new revision and split customer traffic between the revisions to allow rollback in case a problem occurs.

Send all customer traffic to the new revision, and roll back to a previous revision if you witness any problems in production.

Create a signed URL with a four-hour expiration and share the URL with the company.

Set object access to ‘public’ and use object lifecycle management to remove the object after four hours.

Configure the storage bucket as a static website and furnish the object’s URL to the company. Delete the object from the storage bucket after four hours.

Create a new Cloud Storage bucket specifically for the external company to access. Copy the object to that bucket. Delete the bucket after four hours have passed.

Create two configurations using gcloud config. Write a script that sets configurations as active, individually. For each configuration, use gcloud compute instances list to get a list of compute resources.

Create two configurations using gsutil config. Write a script that sets configurations as active, individually. For each configuration, use gsutil compute instances list to get a list of compute resources.

Go to Cloud Shell and export this information to Cloud Storage on a daily basis.

Go to GCP Console and export this information to Cloud SQL on a daily basis.

Rely on live migration to move the workload to a machine with more memory.

Use gcloud to add metadata to the VM. Set the key to required-memory-size and the value to 8 GB.

Stop the VM, change the machine type to n1-standard-8, and start the VM.

Stop the VM, increase the memory to 8 GB, and start the VM.

Use permissions in your role that use the ‘supported’ support level for role permissions. Set the role stage to ALPHA while testing the role permissions.

Use permissions in your role that use the ‘supported’ support level for role permissions. Set the role stage to BETA while testing the role permissions.

Use permissions in your role that use the ‘testing’ support level for role permissions. Set the role stage to ALPHA while testing the role permissions.

Use permissions in your role that use the ‘testing’ support level for role permissions. Set the role stage to BETA while testing the role permissions.

Select Google Kubernetes Engine. Use a single-node cluster with a small instance type.

Select Google Kubernetes Engine. Use a three-node cluster with micro instance types.

Select Compute Engine. Use preemptible VM instances of the appropriate standard machine type.

Select Compute Engine. Use VM instance types that support micro bursting.

Review the Compute Engine activity logs Select and review the Admin Event logs

Review the Compute Engine activity logs Select and review the System Event logs

Install the Cloud Logging Agent In Cloud Logging review the Compute Engine syslog logs

Install the Cloud Logging Agent In Cloud Logging, review the Compute Engine operation logs

gcloud deployment-manager deployments create my-gcp-ace-cluster --config cluster.yaml

gcloud deployment-manager deployments create my-gcp-ace-cluster --type container.v1.cluster --config cluster.yaml

gcloud deployment-manager deployments apply my-gcp-ace-cluster --type container.v1.cluster --config cluster.yaml

gcloud deployment-manager deployments apply my-gcp-ace-cluster --config cluster.yaml

Set autoscaling to On, set the minimum number of instances to 1, and then set the maximum number of instances to 1.

Set autoscaling to Off, set the minimum number of instances to 1, and then set the maximum number of instances to 1.

Set autoscaling to On, set the minimum number of instances to 1, and then set the maximum number of instances to 2.

Set autoscaling to Off, set the minimum number of instances to 1, and then set the maximum number of instances to 2.

Create a Billing account, associate a payment method with it, and provide all project creators with permission to associate that billing account with their projects.

Grant all engineer’s permission to create their own billing accounts for each new project.

Apply for monthly invoiced billing, and have a single invoice tor the project paid by the finance team.

Create a billing account, associate it with a monthly purchase order (PO), and send the PO to Google Cloud.

Create a custom role with view-only project permissions. Add the user's account to the custom role.

Create a custom role with view-only service permissions. Add the user's account to the custom role.

Select the built-in IAM project Viewer role. Add the user's account to this role.

Select the built-in IAM service Viewer role. Add the user's account to this role.

• Navigate to Cloud Mentioning in the Google Cloud console, and create a custom monitoring job for the

Bigtable instance to track all changes.

• Create an alert by using webhook endpoints. with the SIEM endpoint as a receiver

• Navigate to the Audit Logs page in the Google Cloud console, and enable Data Read. Data Write and Admin Read logs for the Bigtable instance

• Create a Pub/Sub topic as a Cloud Logging sink destination, and add your SIEM as a subscriber to the topic.

• Install the Ops Agent on the Bigtable instance during configuration. K

• Create a service account with read permissions for the Bigtable instance.

• Create a custom Dataflow job with this service account to export logs to the company's SIEM system.

• Navigate to the Audit Logs page in the Google Cloud console, and enable Admin Write logs for the

Biglable instance.

• Create a Cloud Functions instance to export logs from Cloud Logging to your SIEM.

Select the MIG from the Compute Engine console and, in the menu, select Replace VMs.

Use the gcloud compute instance-groups managed recreate-instances command to recreate theVM.

Use the gcloud compute instances update command with a REFRESH action for the VM.

Update and apply the instance template of the MIG.

When creating the VM, use machine type n1-standard-96.

When creating the VM, use Intel Skylake as the CPU platform.

Create the VM using Compute Engine default settings. Use gcloud to modify the running instance to have 96 vCPUs.

Start the VM using Compute Engine default settings, and adjust as you go based on Rightsizing Recommendations.

Configure the Horizontal Pod Autoscaler for availability and configure the cluster autoscaler for suggestions.

Configure the Horizontal Pod Autoscaler for availability and configure the Vertical Pod Autoscaler recommendations for suggestions.

Configure the Vertical Pod Autoscaler recommendations for availability and configure the Cluster autoscaler for suggestions.

Configure the Vertical Pod Autoscaler recommendations for availability and configure the Horizontal Pod Autoscaler for suggestions.

Export Cloud Datastore data using gcloud datastore export.

Create a Cloud Datastore index using gcloud datastore indexes create.

Install the google-cloud-sdk-datastore-emulator component using the apt get install command.

Install the cloud-datastore-emulator component using the gcloud components install command.

Use a Deployment Manager script to automate creating storage buckets in an appropriate region

Use a local SSD to improve performance of the VM for the targeted workload

Use the gsutii command to create a storage bucket in the same region as the VM

Use a Persistent Disk SSD in the same zone as the VM to improve performance of the VM

Open the Cloud Spanner console to review configurations.

Open the IAM & admin console to review IAM policies for Cloud Spanner roles.

Go to the Stackdriver Monitoring console and review information for Cloud Spanner.

Go to the Stackdriver Logging console, review admin activity logs, and filter them for Cloud Spanner IAM roles.

Use kubect1 to delete the topic resource.

Use gcloud CLI to delete the topic.

Use kubect1 to create the label deleted-by-cnrm and to change its value to true for the topic resource.

Use gcloud CLI to update the topic label managed-by-cnrm to false.

Run gcloud iam roles list. Review the output section.

Run gcloud iam service-accounts list. Review the output section.

Navigate to the project and then to the IAM section in the GCP Console. Review the members and roles.

Navigate to the project and then to the Roles section in the GCP Console. Review the roles and status.

Assign the auditor the IAM role roles/logging.privateLogViewer. Perform the export of logs to Cloud Storage.

Assign the auditor the IAM role roles/logging.privateLogViewer. Direct the auditor to also review the logs for changes to Cloud IAM policy.

Assign the auditor’s IAM user to a custom role that has logging.privateLogEntries.list

permission. Perform the export of logs to Cloud Storage.

Assign the auditor’s IAM user to a custom role that has logging.privateLogEntries.list

permission. Direct the auditor to also review the logs for changes to Cloud IAM policy.

Enable node auto-provisioning on the GKE cluster.

Create a VerticalPodAutscaler for those workloads.

Create a node pool with preemptible VMs and GPUs attached to those VMs.

Create a node pool of instances with GPUs, and enable autoscaling on this node pool with a minimum size of 1.

Link the acquired company’s projects to your company's billing account.

Configure the acquired company's billing account and your company's billing account to export the billing data into the same BigQuery dataset.

Migrate the acquired company’s projects into your company’s GCP organization. Link the migrated projects to your company's billing account.

Create a new GCP organization and a new billing account. Migrate the acquired company's projects and your company's projects into the new GCP organization and link the projects to the new billing account.

Deployment Manager

Cloud Composer

Managed Instance Group

Unmanaged Instance Group

Migrate the users to Active Directory. Connect the Human Resources system to Active Directory. Turn on Google Cloud Directory Sync (GCDS) for Cloud Identity. Turn on Identity Federation from Cloud Identity to Active Directory.

Organize the users in Cloud Identity into groups. Enforce multi-factor authentication in Cloud Identity.

Turn on identity federation between Cloud Identity and Google Workspace. Enforce multi-factor authentication for domain wide delegation.

Use a third-party identity provider service through federation. Synchronize the users from Google Workplace to the third-party provider in real time.

An internal HTTP(S) load balancer together with Identity-Aware Proxy to allow only HTTPS traffic.

An external HTTP(S) load balancer to distribute the load and a URL map to target the requests for the static content to the Cloud Storage backend. Install the HTTPS certificates on the instance.

An external HTTP(S) load balancer with a managed SSL certificate to distribute the load and a URL map to target the requests for the static content to the Cloud Storage backend.

An external network load balancer pointing to the backend instances to distribute the load evenly. The web servers will forward the request to the Cloud Storage as needed.

Deploy the application on GKE, and add a HorizontalPodAutoscaler to the deployment.

Deploy the application on GKE, and add a VerticalPodAutoscaler to the deployment.

Create a GKE cluster with autoscaling enabled on the node pool. Set a minimum and maximum for the size of the node pool.

Create a separate node pool for each application, and deploy each application to its dedicated node pool.

Create a folder to contain all the dev projects Create an organization policy to limit resources in US locations.

Create an organization to contain all the dev projects. Create an Identity and Access Management (IAM) policy to limit the resources in US regions.

Create an Identity and Access Management

Create an Identity and Access Management (IAM)policy to restrict the resources locations in all dev projects. Apply the policy to all dev roles.

Use gcloud config configurations describe to review the output.

Use gcloud config configurations activate and gcloud config list to review the output.

Use kubectl config get-contexts to review the output.

Use kubectl config use-context and kubectl config view to review the output.

Enable API and then share charts from project A, B, and C.

Enable API and then give the metrics.reader role to projects A, B, and C.

Enable API and then use default dashboards to view all projects in sequence.

Enable API, create a workspace under project A, and then add project B and C.

Modify the minimum number of Cloud Run instances.

Set a minimum concurrent requests environment variable for the application.

Modify the maximum number of Cloud Run instances.

Use traffic splitting.

Using the Cloud SDK, create a new project, enable the Compute Engine API in that project, and then create the instance specifying your new project.

Enable the Compute Engine API in the Cloud Console, use the Cloud SDK to create the instance, and then use the ––project flag to specify a new project.

Using the Cloud SDK, create the new instance, and use the ––project flag to specify the new project.

Answer yes when prompted by Cloud SDK to enable the Compute Engine API.

Enable the Compute Engine API in the Cloud Console. Go to the Compute Engine section of the Console to create a new instance, and look for the Create In A New Project option in the creation form.

Create a cluster with a single node-pool by using standard VMs. Label the fault-tolerant Deployments as spot-true.

Create a cluster with a single node-pool by using Spot VMs. Label the critical Deployments as spot-false.

Create a cluster with both a Spot W node pool and a rode pool by using standard VMs Deploy the critical.

deployments on the Spot VM node pool and the fault; tolerant deployments on the node pool by using standard VMs.

Create a cluster with both a Spot VM node pool and by using standard VMs. Deploy the critical deployments on the mode pool by using standard VMs and the fault-tolerant deployments on the Spot VM node pool.

Disable the flag “Delete boot disk when instance is deleted.”

Enable delete protection on the instance.

Disable Automatic restart on the instance.

Enable Preemptibility on the instance.

1. Create a subnetwork in the same VPC, in europe-west1.2. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint.

1. Create a VPC and a subnetwork in europe-west1.2. Expose the application with an internal load balancer.3. Create the new instance in the new subnetwork and use the load balancer's address as the endpoint.

1. Create a subnetwork in the same VPC, in europe-west1.2. Use Cloud VPN to connect the two subnetworks.3. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint.

1. Create a VPC and a subnetwork in europe-west1.2. Peer the 2 VPCs.3. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint.

Create a cron job that runs on a scheduled basis to review stackdriver monitoring metrics, and then resize the Spanner instance accordingly.

Create a Stackdriver alerting policy to send an alert to oncall SRE emails when Cloud Spanner CPU exceeds the threshold. SREs would scale resources up or down accordingly.

Create a Stackdriver alerting policy to send an alert to Google Cloud Support email when Cloud Spanner CPU exceeds your threshold. Google support would scale resources up or down accordingly.

Create a Stackdriver alerting policy to send an alert to webhook when Cloud Spanner CPU is over or under your threshold. Create a Cloud Function that listens to HTTP and resizes Spanner resources accordingly.

1. Verify that you are assigned the Project Owners IAM role for this project.

2. Locate the project in the GCP console, click Shut down and then enter the project ID.

1. Verify that you are assigned the Project Owners IAM role for this project.

2. Switch to the project in the GCP console, locate the resources and delete them.

1. Verify that you are assigned the Organizational Administrator IAM role for this project.

2. Locate the project in the GCP console, enter the project ID and then click Shut down.

1. Verify that you are assigned the Organizational Administrators IAM role for this project.

2. Switch to the project in the GCP console, locate the resources and delete them.

* Create service accounts sa-app and sa-db.

• Associate service account: sa-app with the application servers and the service account sa-db with the database servers.

• Create an ingress firewall rule to allow network traffic from source service account sa-app to target service account sa-db.

• Create network tags app-server and db-server.

• Add the app-server lag lo the application servers and the db-server lag to the database servers.

• Create an egress firewall rule to allow network traffic from source network tag app-server to target network tag db-server.

* Create a service account sa-app and a network tag db-server.

* Associate the service account sa-app with the application servers and the network tag db-server with

the database servers.

• Create an ingress firewall rule to allow network traffic from source VPC IP addresses and target the subnet-a IP addresses.

• Create a network lag app-server and service account sa-db.

• Add the tag to the application servers and associate the service account with the database servers.

• Create an egress firewall rule to allow network traffic from source network tag app-server to target service account sa-db.

Add the cluster’s API as a new Type Provider in Deployment Manager, and use the new type to create the DaemonSet.

Use the Deployment Manager Runtime Configurator to create a new Config resource that contains the DaemonSet definition.

With Deployment Manager, create a Compute Engine instance with a startup script that uses kubectl to create the DaemonSet.

In the cluster’s definition in Deployment Manager, add a metadata that has kube-system as key and the DaemonSet manifest as value.

Set metadata to enable-oslogin=true for the instance. Grant the dev1 group the compute.osLogin role. Direct them to use the Cloud Shell to ssh to that instance.

Set metadata to enable-oslogin=true for the instance. Set the service account to no service account for that instance. Direct them to use the Cloud Shell to ssh to that instance.

Enable block project wide keys for the instance. Generate an SSH key for each user in the dev1 group. Distribute the keys to dev1 users and direct them to use their third-party tools to connect.

Enable block project wide keys for the instance. Generate an SSH key and associate the key with that instance. Distribute the key to dev1 users and direct them to use their third-party tools to connect.

Develop SQL queries by using Gemini for Google Cloud.

Enable Log Analytics for the log bucket and create a linked dataset in BigQuery.

Create a schema for the storage bucket and run SQL queries for the data in the bucket.

Export logs to a storage bucket and create an external view in BigQuery.

Create an Instance template with the container image, and deploy a Managed Instance Group with Autoscaling.

Upload Docker images to Artifact Registry, and deploy the application on Google Kubernetes Engine using Standard mode.

Upload Docker images to the Cloud Storage, and deploy the application on Google Kubernetes Engine using Standard mode.

Upload Docker images to Artifact Registry, and deploy the application on Cloud Run.

Enable Cloud CDN on the website frontend.

Enable ‘Share publicly’ on the PDF file objects.

Set Content-Type metadata to application/pdf on the PDF file objects.

Add a label to the storage bucket with a key of Content-Type and value of application/pdf.

Enable Cloud IAP for the Compute Engine instances, and add the operations partner as a Cloud IAP Tunnel User.

Tag all the instances with the same network tag. Create a firewall rule in the VPC to grant TCP access on port 22 for traffic from the operations partner to instances with the network tag.

Set up Cloud VPN between your Google Cloud VPC and the internal network of the operations partner.

Ask the operations partner to generate SSH key pairs, and add the public keys to the VM instances.

Change the subnet IP range from 10.0.0.0/20 to 10.0.0.0/22.

Change the subnet IP range from 10.0 0.0/20 to 10.0.0.0718.

Add a secondary IP range 10.1.0.0/20 to the subnet.

Convert the subnet IP range from IPv4 to IPv6

1. Create a consumer Gmail account.

2.Write a script that monitors the CPU usage.

3.When the CPU usage exceeds the threshold, have that script send an email using the Gmail account and smtp.gmail.com on port 25 as SMTP server.

1. Create a Stackdriver Workspace, and associate your Google Cloud Platform (GCP) project with it.

2.Create an Alerting Policy in Stackdriver that uses the threshold as a trigger condition.

3.Configure your email address in the notification channel.

1. Create a Stackdriver Workspace, and associate your GCP project with it.

2.Write a script that monitors the CPU usage and sends it as a custom metric to Stackdriver.

3.Create an uptime check for the instance in Stackdriver.

1. In Stackdriver Logging, create a logs-based metric to extract the CPU usage by using this regular expression: CPU Usage: ([0-9] {1,3}) %

2.In Stackdriver Monitoring, create an Alerting Policy based on this metric.

3.Configure your email address in the notification channel.

Modify the existing subnet range to 172.16.20.0/24.

Create a new Secondary IP Range in the VPC and configure the VMs to use that range.

Create a new VPC network for the VMs. Enable VPC Peering between the VMs’ VPC network and the Dataproc cluster VPC network.

Create a new VPC network for the VMs with a subnet of 172.32.0.0/16. Enable VPC network Peering between the Dataproc VPC network and the VMs VPC network. Configure a custom Route exchange.

Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.

Use the gcloud compute ssh command.

Create a key with the ssh-keygen command. Then use the gcloud compute ssh command.

Create a key with the ssh-keygen command. Upload the key to the instance. Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.

1. In GKE, create a Service of type LoadBalancer that uses the application's Pods as backend.2. Set the service's externalTrafficPolicy to Cluster.3. Configure the Compute Engine instance to use the address of the load balancer that has been created.

1. In GKE, create a Service of type NodePort that uses the application's Pods as backend.2. Create a Compute Engine instance called proxy with 2 network interfaces, one in each VPC.3. Use iptables on this instance to forward traffic from gce-network to the GKE nodes.4. Configure the Compute Engine instance to use the address of proxy in gce-network as endpoint.

1. In GKE, create a Service of type LoadBalancer that uses the application's Pods as backend.2. Add an annotation to this service: cloud.google.com/load-balancer-type: Internal3. Peer the two VPCs together.4. Configure the Compute Engine instance to use the address of the load balancer that has been created.

1. In GKE, create a Service of type LoadBalancer that uses the application's Pods as backend.2. Add a Cloud Armor Security Policy to the load balancer that whitelists the internal IPs of the MIG's instances.3. Configure the Compute Engine instance to use the address of the load balancer that has been created.

Create a new project and create an App Engine instance in europe-west3

Use the gcloud app region set command and supply the name of the new region.

From the console, under the App Engine page, click edit, and change the region drop-down.

Contact Google Cloud Support and request the change.

Change the default region property setting in the existing GCP project to asia-northeast1.

Change the region property setting in the existing App Engine application from us-central to asia-northeast1.

Create a second App Engine application in the existing GCP project and specify asia-northeast1 as the region to serve your application.

Create a new GCP project and create an App Engine application inside this new project. Specify asia-northeast1 as the region to serve your application.

Use the Google Cloud Pricing Calculator to determine the cost of every Google Cloud resource you expect to use. Use similar size instances for the web server, and use your current on-premises machines as a comparison for Cloud SQL.

Implement a similar architecture on Google Cloud, and run a reasonable load test on a smaller scale. Check the billing information, and calculate the estimated costs based on the real load your system usually handles.

Use the Google Cloud Pricing Calculator and select the Cloud Operations template to define your web application with as much detail as possible.

Create a Google spreadsheet with multiple Google Cloud resource combinations. On a separate sheet, import the current Google Cloud prices and use these prices for the calculations within formulas.

Deploy me application on App Engine For each update, create a new version of the same service Configure traffic splitting to send a small percentage of traffic to the new version

Deploy the application on App Engine For each update, create a new service Configure traffic splitting to send a small percentage of traffic to the new service.

Deploy the application on Kubernetes Engine For a new release, update the deployment to use the new version

Deploy the application on Kubernetes Engine For a now release, create a new deployment for the new version Update the service e to use the now deployment.

Write a script that runs gsutil Is -| – gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days. Schedule the script with cron.

Write a lifecycle management rule in JSON and push it to the bucket with gsutil lifecycle set config-json-file.

Write a lifecycle management rule in XML and push it to the bucket with gsutil lifecycle set config-xml-file.

Write a script that runs gsutil Is -Ir gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days. Repeat this process every morning.

Verify that both projects are in a GCP Organization. Create a new VPC and add all instances.

Verify that both projects are in a GCP Organization. Share the VPC from one project and request that the Compute Engine instances in the other project use this shared VPC.

Verify that you are the Project Administrator of both projects. Create two new VPCs and add all instances.

Verify that you are the Project Administrator of both projects. Create a new VPC and add all instances.

Grant all members of the DevOps team the role of Project Editor on the organization level.

Grant all members of the DevOps team the role of Project Editor on the production project.

Create a custom role that combines the required permissions. Grant the DevOps team the custom role on the production project.

Create a custom role that combines the required permissions. Grant the DevOps team the custom role on the organization level.