Exam Professional Cloud Architect topic 1 question 27 discussion

A is the one

Let's go with option elimination A. Google Cloud Dedicated Interconnect >> Secured, fast connection, hence the choice. This will allow private connection from GCP to the data centre with a fast connection. Cost is not mentioned in the requirement to eliminate this option. B. Google Cloud VPN connected to the data centre network >> We have to think about data flowing on the internet and the requirement talks about private connect. Also not sure how well you connect VPN with Data Center until you use the hybrid option. https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview hence eliminate C. A NAT and TLS translation gateway installed on-premises >>This is a VM option to reach outside won't for this requirement hence eliminate D. A Google Compute Engine instance with a VPN server installed connected to the data centre network >>This is a slow option hence eliminate Hence A

Google Cloud Dedicated Interconnect provides the necessary performance, reliability, and private connectivity required for your database replication scenario. Therefore, Option A is the best choice.

A - Private Connection to VPC network, and transfer speed of 10 GBPS makes it obvious choice to maintain fast read replicas

Key clue is "Replication requires private address space communication" . Only Google Cloud Dedicated Interconnect has private address. VPN is public, encrypted and slower !!! Another clue is "Large updates are frequent" means you need faster Dedicated interconnect, as VPN will be slower.

1. High Bandwidth and Reliability: Dedicated Interconnect provides a direct physical connection between your on-premises network and Google Cloud, offering high bandwidth and low latency. This is essential for replicating a 4TB database with frequent large updates. 2. Private Address Space: Dedicated Interconnect allows you to extend your private IP address space to Google Cloud, ensuring secure and private communication for database replication. 3. Security: Dedicated Interconnect offers a more secure connection compared to VPN, as traffic doesn't traverse the public internet. Note: Question didn't mention anything about costs, so guys please stop overthinking and focus on the question key words.

Option B Interconnect is incredibly expensive and the usecase do not justify it. Properly configured, a VPN provides similar features. If the question included an inusally high SLA, I will go with Interconnect. If not, VPN is a great option.

I'll go for VPN. First, the database is only for authentication and updates will be on this part, small portion of data needs to be replicated between on-premise and cloud. so no need for high bandwidth. the first migration will needs bandwidth but not toom much (5T) can be migrated using VPN. VPN permits to use private networking and it's secure. VPN not expensive as direct connect. As architect you should also evaluate the cost over the requirement, at the end you need convice business with solution. Paying 5K will kick you out the project for such small requirement.

If you tried to sell me on Interconnect when all I needed was a VPN (meets bandwidth req, private address space, encryption of traffic possible), I would reach out to AWS for a quote...

GoogleVPN throughput is 3Gbps. It supports private IP connection and cheaper than DIrect Connection. Direct connect supports 8 * 10Gbps or 2*100Gbps. But too expensive for this

Connect to private space with high-speed bandwidth will go to A.

B: Dedicated Interconnect would be a major overkill here and a quite expensive one as well. Requirements mention private _address space_, not private connection. Data over VPN is just as secure. Also there is no mention that a Google PoP would be available. https://cloud.google.com/network-connectivity/docs/how-to/choose-product

A is the correct answer

A is great but expensive for just a database DR but what can we do about that

VPN is not private, it is public but encrypted. Also, VPN is not suitable for large updates that happen frequently

without any second thought A is right

A. Google Cloud Dedicated Interconnect - large updates and better security, however may not be the most cost effective choice