Associate-Cloud-Engineer Practice Exam Questions with Answers Google Cloud Certified - Associate Cloud Engineer Certification

Fill in local SSD. Fill in persistent disk storage and snapshot storage.

Fill in local SSD. Add estimated cost for cluster management.

Select Add GPUs. Fill in persistent disk storage and snapshot storage.

Select Add GPUs. Add estimated cost for cluster management.

Add the support team group to the roles/monitoring.viewer role

Add the support team group to the roles/spanner.databaseUser role.

Add the support team group to the roles/spanner.databaseReader role.

Add the support team group to the roles/stackdriver.accounts.viewer role.

Deploy the new version in the same application and use the --migrate option.

Deploy the new version in the same application and use the --splits option to give a weight of 99 to the current version and a weight of 1 to the new version.

Create a new App Engine application in the same project. Deploy the new version in that application. Use the App Engine library to proxy 1% of the requests to the new version.

Create a new App Engine application in the same project. Deploy the new version in that application. Configure your network load balancer to send 1% of the traffic to that new application.

Create a custom role with view-only project permissions. Add the user's account to the custom role.

Create a custom role with view-only service permissions. Add the user's account to the custom role.

Select the built-in IAM project Viewer role. Add the user's account to this role.

Select the built-in IAM service Viewer role. Add the user's account to this role.

Assign the finance team only the Billing Account User role on the billing account.

Assign the engineering team only the Billing Account User role on the billing account.

Assign the finance team the Billing Account User role on the billing account and the Project Billing Manager role on the organization.

Assign the engineering team the Billing Account User role on the billing account and the Project Billing Manager role on the organization.

Use Google Cloud Directory Sync (GCDS) to synchronize users into Cloud Identity.

Use the cloud Identity APIs and write a script to synchronize users to Cloud Identity.

Export users from Active Directory as a CSV and import them to Cloud Identity via the Admin Console.

Ask each employee to create a Google account using self signup. Require that each employee use their company email address and password.

Attach a public IP to the instances and allow incoming connections from the internet on port 22 for SSH.

Use a third party tool to provide remote access to the instances.

Use the gcloud compute ssh command with the --tunnel-through-iap flag. Allow ingress traffic from the IP range 35.235.240.0/20 on port 22.

Create a bastion host with public internet access. Create the SSH tunnel to the instance through the bastion host.

Create the instance without a public IP address.

Create the instance with Private Google Access enabled.

Create a deny-all egress firewall rule on the VPC network.

Create a route on the VPC to route all traffic to the instance over the VPN tunnel.

Run gcloud auth login, enter your login credentials in the dialog window, and paste the received login token to gcloud CLI.

Create a Google Cloud service account, and download the service account key. Place the key file in a folder on your machine where gcloud CLI can find it.

Download your Cloud Identity user account key. Place the key file in a folder on your machine where gcloud CLI can find it.

Run gcloud config set compute/zone $my_zone to set the default zone for gcloud CLI.

Run gcloud config set project $my_project to set the default project for gcloud CLI.

Instruct the external consultant to use the gcloud compute ssh command line tool by using Identity-Aware Proxy to access the instance.

Instruct the external consultant to use the gcloud compute ssh command line tool by using the public IP address of the instance to access it.

Instruct the external consultant to generate an SSH key pair, and request the public key from the consultant.

Add the public key to the instance yourself, and have the consultant access the instance through SSH with their private key.

Instruct the external consultant to generate an SSH key pair, and request the private key from the consultant.

Add the private key to the instance yourself, and have the consultant access the instance through SSH with their public key.

Use the gcloud CLI services enable cloudresourcemanager.googleapis.com command to enable all resources.

Use the gcloud services enable compute.googleapis.com command to enable Compute Engine and the gcloud services enable storage-api.googleapis.com command to enable the Cloud Storage APIs.

Open the Google Cloud console and enable all Google Cloud APIs from the API dashboard.

Open the Google Cloud console and run gcloud init --project in a Cloud Shell.

Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key in the metadata of each instance.

Ask each member of the team to generate a new SSH key pair and to send you their public key. Use a configuration management tool to deploy those keys on each instance.

Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the “compute.osAdminLogin” role to the Google group corresponding to this team.

Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.

Deploy the application lo Cloud. Run. Use gradual rollouts for traffic spelling.

Deploy the application lo Google Kubemetes Engine. Use Anthos Service Mesh for traffic splitting.

Deploy the application to Cloud functions. Saucily the version number in the functions name.

Deploy the application to App Engine. For each new version, create a new service.

1. Create an ingress firewall rule with the following settings:• Targets: all instances• Source filter: IP ranges (with the range set to 10.0.2.0/24)• Protocols: allow all2. Create an ingress firewall rule with the following settings:• Targets: all instances• Source filter: IP ranges (with the range set to 10.0.1.0/24)• Protocols: allow all

1. Create an ingress firewall rule with the following settings:• Targets: all instances with tier #2 service account• Source filter: all instances with tier #1 service account• Protocols: allow TCP:80802. Create an ingress firewall rule with the following settings:• Targets: all instances with tier #3 service account• Source filter: all instances with tier #2 service account• Protocols: allow TCP: 8080

1. Create an ingress firewall rule with the following settings:• Targets: all instances with tier #2 service account• Source filter: all instances with tier #1 service account• Protocols: allow all2. Create an ingress firewall rule with the following settings:• Targets: all instances with tier #3 service account• Source filter: all instances with tier #2 service account• Protocols: allow all

1. Create an egress firewall rule with the following settings:• Targets: all instances• Source filter: IP ranges (with the range set to 10.0.2.0/24)• Protocols: allow TCP: 80802. Create an egress firewall rule with the following settings:• Targets: all instances• Source filter: IP ranges (with the range set to 10.0.1.0/24)• Protocols: allow TCP: 8080

Create a cluster with a single node-pool by using standard VMs. Label the fault-tolerant Deployments as spot-true.

Create a cluster with a single node-pool by using Spot VMs. Label the critical Deployments as spot-false.

Create a cluster with both a Spot W node pool and a rode pool by using standard VMs Deploy the critical.

deployments on the Spot VM node pool and the fault; tolerant deployments on the node pool by using standard VMs.

Create a cluster with both a Spot VM node pool and by using standard VMs. Deploy the critical deployments on the mode pool by using standard VMs and the fault-tolerant deployments on the Spot VM node pool.

Deploy me application on App Engine For each update, create a new version of the same service Configure traffic splitting to send a small percentage of traffic to the new version

Deploy the application on App Engine For each update, create a new service Configure traffic splitting to send a small percentage of traffic to the new service.

Deploy the application on Kubernetes Engine For a new release, update the deployment to use the new version

Deploy the application on Kubernetes Engine For a now release, create a new deployment for the new version Update the service e to use the now deployment.

Set up a low-priority (65534) rule that blocks all egress and a high-priority rule (1000) that allows only the appropriate ports.

Set up a high-priority (1000) rule that pairs both ingress and egress ports.

Set up a high-priority (1000) rule that blocks all egress and a low-priority (65534) rule that allows only the appropriate ports.

Set up a high-priority (1000) rule to allow the appropriate ports.

Upload the image to Cloud Storage and create a Kubernetes Service referencing the image.

Upload the image to Cloud Storage and create a Kubernetes Deployment referencing the image.

Upload the image to Container Registry and create a Kubernetes Service referencing the image.

Upload the image to Container Registry and create a Kubernetes Deployment referencing the image.

Open the Cloud Spanner console to review configurations.

Open the IAM & admin console to review IAM policies for Cloud Spanner roles.

Go to the Stackdriver Monitoring console and review information for Cloud Spanner.

Go to the Stackdriver Logging console, review admin activity logs, and filter them for Cloud Spanner IAM roles.

Create a bash script that contains all requirement steps as gcloud commands

Develop templates for the environment using Cloud Deployment Manager

Use curl in a terminal to send a REST request to the relevant Google API for each individual resource.

Use the Cloud Console interface to provision and manage all related resources

Create a health check on port 443 and use that when creating the Managed Instance Group.

Select Multi-Zone instead of Single-Zone when creating the Managed Instance Group.

In the Instance Template, add the label ‘health-check’.

In the Instance Template, add a startup script that sends a heartbeat to the metadata server.

Meet with the cloud enablement team to discuss load balancer options.

Redesign the application to use a distributed user session service that does not rely on WebSockets and HTTP sessions.

Review the encryption requirements for WebSocket connections with the security team.

Convert the WebSocket code to use HTTP streaming.

Cloud Pub/Sub, Cloud Dataflow, Cloud Datastore, BigQuery

Firebase Messages, Cloud Pub/Sub, Cloud Spanner, BigQuery

Cloud Pub/Sub, Cloud Storage, BigQuery, Cloud Bigtable

Cloud Pub/Sub, Cloud Dataflow, Cloud Bigtable, BigQuery

Install a RDP client on your desktop. Verify that a firewall rule for port 3389 exists.

Install a RDP client in your desktop. Set a Windows username and password in the GCP Console. Use the credentials to log in to the instance.

Set a Windows password in the GCP Console. Verify that a firewall rule for port 22 exists. Click the RDP button in the GCP Console and supply the credentials to log in.

Set a Windows username and password in the GCP Console. Verify that a firewall rule for port 3389 exists. Click the RDP button in the GCP Console, and supply the credentials to log in.

Use Binary Authorization and whitelist only the container images used by your customers’ Pods.

Use the Container Analysis API to detect vulnerabilities in the containers used by your customers’ Pods.

Create a GKE node pool with a sandbox type configured to gvisor. Add the parameter runtimeClassName: gvisor to the specification of your customers’ Pods.

Use the cos_containerd image for your GKE nodes. Add a nodeSelector with the value cloud.google.com/gke-os-distribution: cos_containerd to the specification of your customers’ Pods.

Create a Cloud Memorystore for Redis instance with 32-GB capacity.

Run it on Compute Engine, and choose a custom instance type with 6 vCPUs and 32 GB of memory.

Package it in a container image, and run it on Kubernetes Engine, using n1-standard-32 instances as nodes.

Run it on Compute Engine, choose the instance type n1-standard-1, and add an SSD persistent disk of 32 GB.

Use Cloud Bigtable for data storage.

Use Cloud SQL for data storage.

Use Cloud Spanner for data storage.

Use Firestore for data storage.

Create a Service Account in your own project, and grant this Service Account access to BigGuery in your project

Create a Service Account in your own project, and ask the partner to grant this Service Account access to BigQuery in their project

Ask the partner to create a Service Account in their project, and have them give the Service Account access to BigQuery in their project

Ask the partner to create a Service Account in their project, and grant their Service Account access to the BigQuery dataset in your project

• Ensure that the Ops Agent Is Installed on the Compute Engine instance.

• Create a custom metric in the Cloud Monitoring dashboard.

• Provide the security team member with access to this dashboard.

• Ensure that the Ops Agent is installed on tie Compute Engine instance.

• Provide the security team member roles/configure.inventoryViewer permission.

• Ensure that the OS Config agent Is Installed on the Compute Engine instance.

• Provide the security team member roles/configure.vulnerabilityViewer permission.

• Ensure that the OS Config agent is installed on the Compute Engine instance

• Create a log sink Co a BigQuery dataset.

• Provide the security team member with access to this dataset.

The pending Pod's resource requests are too large to fit on a single node of the cluster.

Too many Pods are already running in the cluster, and there are not enough resources left to schedule the pending Pod.

The node pool is configured with a service account that does not have permission to pull the container image used by the pending Pod.

The pending Pod was originally scheduled on a node that has been preempted between the creation of the Deployment and your verification of the Pods’ status. It is currently being rescheduled on a new node.

Deploy a new version of your application in Google Kubernetes Engine instead of App Engine and then use GCP Console to split traffic.

Deploy a new version of your application in a Compute Engine instance instead of App Engine and then use GCP Console to split traffic.

Deploy a new version as a separate app in App Engine. Then configure App Engine using GCP Console to split traffic between the two apps.

Deploy a new version of your application in App Engine. Then go to App Engine settings in GCP Console and split traffic between the current version and newly deployed versions accordingly.

Run gcloud app restore.

On the App Engine page of the GCP Console, select the application that needs to be reverted and click Revert.

On the App Engine Versions page of the GCP Console, route 100% of the traffic to the previous version.

Deploy the original version as a separate application. Then go to App Engine settings and split traffic between applications so that the original version serves 100% of the requests.

Enable Cloud IAP for the Compute Engine instances, and add the operations partner as a Cloud IAP Tunnel User.

Tag all the instances with the same network tag. Create a firewall rule in the VPC to grant TCP access on port 22 for traffic from the operations partner to instances with the network tag.

Set up Cloud VPN between your Google Cloud VPC and the internal network of the operations partner.

Ask the operations partner to generate SSH key pairs, and add the public keys to the VM instances.

Use the BigQuery interface to review the nightly Job and look for any errors

Review the Error Reporting page in the Cloud Console to find any errors.

In Cloud Logging create a filter for your Data Studio report

Use the open source CLI tool. Snapshot Debugger, to find out why the data was not refreshed correctly.

Arrange to switch to Flat-Rate pricing for this query, then move back to on-demand.

Use the command line to run a dry run query to estimate the number of bytes read. Then convert that bytes estimate to dollars using the Pricing Calculator.

Use the command line to run a dry run query to estimate the number of bytes returned. Then convert that bytes estimate to dollars using the Pricing Calculator.

Run a select count (*) to get an idea of how many records your query will look through. Then convert that number of rows to dollars using the Pricing Calculator.

Use labels to group resources that share common IAM policies

Use folders to group resources that share common IAM policies

Set up a proper billing account structure to group IAM policies

Set up a proper project naming structure to group IAM policies

Create a Data Studio dashboard that uses the related BigQuery tables as a source and give the BI team view access to the Data Studio dashboard.

Create a Service Account for the BI team and distribute a new private key to each member of the BI team.

Use Cloud Scheduler to schedule a batch Dataflow job to copy the data from BigQuery to the BI team's internal data warehouse.

Assign the IAM role of BigQuery User to a Google Group that contains the members of the BI team.

Create a Billing account, associate a payment method with it, and provide all project creators with permission to associate that billing account with their projects.

Grant all engineer’s permission to create their own billing accounts for each new project.

Apply for monthly invoiced billing, and have a single invoice tor the project paid by the finance team.

Create a billing account, associate it with a monthly purchase order (PO), and send the PO to Google Cloud.

Enable the Node Auto-Repair feature for your GKE cluster.

Enable the Node Auto-Upgrades feature for your GKE cluster.

Select the latest available cluster version for your GKE cluster.

Select “Container-Optimized OS (cos)” as a node image for your GKE cluster.

Run gcloud iam roles describe roles/spanner.databaseUser. Add the users to the role.

Run gcloud iam roles describe roles/spanner.databaseUser. Add the users to a new group. Add the group to the role.

Run gcloud iam roles describe roles/spanner.viewer --project my-project. Add the users to the role.

Run gcloud iam roles describe roles/spanner.viewer --project my-project. Add the users to a new group. Add the group to the role.

Run gcloud configurations list followed by gcloud configurations activate .

Run gcloud config list followed by gcloud config activate.

Run gcloud config configurations list followed by gcloud config configurations activate.

Re-authenticate with the gcloud auth login command and select the correct configurations on login.

Grant the Project Editor role to the Marketing learn for acme data digest

Create a Project Lien on acme-data digest and then grant the Project Editor role to the Marketing team

Create another protect with the ID acme-marketing-data-digest for the Marketing team and deploy the resources there

Create a new protect named Meeting Data Digest and use the ID acme-data-digest Grant the Project Editor role to the Marketing team.

Create an Instance template with the container image, and deploy a Managed Instance Group with Autoscaling.

Upload Docker images to Artifact Registry, and deploy the application on Google Kubernetes Engine using Standard mode.

Upload Docker images to the Cloud Storage, and deploy the application on Google Kubernetes Engine using Standard mode.

Upload Docker images to Artifact Registry, and deploy the application on Cloud Run.

Add the cluster’s API as a new Type Provider in Deployment Manager, and use the new type to create the DaemonSet.

Use the Deployment Manager Runtime Configurator to create a new Config resource that contains the DaemonSet definition.

With Deployment Manager, create a Compute Engine instance with a startup script that uses kubectl to create the DaemonSet.

In the cluster’s definition in Deployment Manager, add a metadata that has kube-system as key and the DaemonSet manifest as value.

Set the maximum number of instances to 1.

Decrease the maximum number of instances to 3.

Use a TCP health check instead of an HTTP health check.

Increase the initial delay of the HTTP health check to 200 seconds.

Create a Kubernetes Service of type NodePort for your application, and a Kubernetes Ingress to expose this Service via a Cloud Load Balancer.

Create a Kubernetes Service of type ClusterIP for your application. Configure the public DNS name of your application using the IP of this Service.

Create a Kubernetes Service of type NodePort to expose the application on port 443 of each node of the Kubernetes cluster. Configure the public DNS name of your application with the IP of every node of the cluster to achieve load-balancing.

Create a HAProxy pod in the cluster to load-balance the traffic to all the pods of the application. Forward the public traffic to HAProxy with an iptable rule. Configure the DNS name of your application using the public IP of the node HAProxy is running on.

Disable the flag “Delete boot disk when instance is deleted.”

Enable delete protection on the instance.

Disable Automatic restart on the instance.

Enable Preemptibility on the instance.

Create a service account with just the permissions to access files in the bucket. Create a JSON key for the service account. Execute the command gsutil signurl -m 1h gs:///*.

Create a service account with just the permissions to access files in the bucket. Create a JSON key for the service account. Execute the command gsutil signurl -d 1h gs:///**.

Create a service account with just the permissions to access files in the bucket. Create a JSON key for the service account. Execute the command gsutil signurl -p 60m gs:///.

Create a JSON key for the Default Compute Engine Service Account. Execute the command gsutil signurl -t 60m gs:///***

Set autoscaling to On, set the minimum number of instances to 1, and then set the maximum number of instances to 1.

Set autoscaling to Off, set the minimum number of instances to 1, and then set the maximum number of instances to 1.

Set autoscaling to On, set the minimum number of instances to 1, and then set the maximum number of instances to 2.

Set autoscaling to Off, set the minimum number of instances to 1, and then set the maximum number of instances to 2.

Invite the user to transfer their existing account

Invite the user to use an email alias to resolve the conflict

Tell the user that they must delete their existing account

Tell the user to remove all personal email from the existing account

Increase the size of the disk to 1 TB.

Increase the allocated CPU to the instance.

Migrate to use a Local SSD on the instance.

Migrate to use a Regional SSD on the instance.

Add the auditors group to the ‘logging.viewer’ and ‘bigQuery.dataViewer’ predefined IAM roles.

Add the auditors group to two new custom IAM roles.

Add the auditor user accounts to the ‘logging.viewer’ and ‘bigQuery.dataViewer’ predefined IAM roles.

Add the auditor user accounts to two new custom IAM roles.

After the VM has been created, use your Google Account credentials to log in into the VM.

After the VM has been created, use gcloud compute reset-windows-password to retrieve the login credentials for the VM.

When creating the VM, add metadata to the instance using ‘windows-password’ as the key and a password as the value.

After the VM has been created, download the JSON private key for the default Compute Engine service account. Use the credentials in the JSON file to log in to the VM.

Create a Compute Engine snapshot of your base VM. Create your images from that snapshot.

Create a Compute Engine snapshot of your base VM. Create your instances from that snapshot.

Create a custom Compute Engine image from a snapshot. Create your images from that image.

Create a custom Compute Engine image from a snapshot. Create your instances from that image.

HTTPS Load Balancer

Network Load Balancer

SSL Proxy Load Balancer

Internal TCP/UDP Load Balancer. Add a firewall rule allowing ingress traffic from 0.0.0.0/0 on the target instances.

1. Create an IAM entry for each data scientist's user account.2. Assign the BigQuery jobUser role to the group.

1. Create an IAM entry for each data scientist's user account.2. Assign the BigQuery dataViewer user role to the group.

1. Create a dedicated Google group in Cloud Identity.2. Add each data scientist's user account to the group.3. Assign the BigQuery jobUser role to the group.

1. Create a dedicated Google group in Cloud Identity.2. Add each data scientist's user account to the group.3. Assign the BigQuery dataViewer user role to the group.

Create an alert policy to send a notification when the HTTP response latency exceeds the specified threshold.

Implement an App Engine service which invokes the Cloud Monitoring API and sends a notification in case of anomalies.

Use the Cloud Monitoring dashboard to observe latency and take the necessary actions when the response latency exceeds the specified threshold.

Export Cloud Monitoring metrics to BigQuery and use a Looker Studio dashboard to monitor your web applications latency.

Create and deploy a Custom Resource Definition per microservice.

Create and deploy a Docker Compose File.

Create and deploy a Job per microservice.

Create and deploy a Deployment per microservice.

Grant all members of the DevOps team the role of Project Editor on the organization level.

Grant all members of the DevOps team the role of Project Editor on the production project.

Create a custom role that combines the required permissions. Grant the DevOps team the custom role on the production project.

Create a custom role that combines the required permissions. Grant the DevOps team the custom role on the organization level.

• Add a step for human approval to the CI/CD pipeline before the execution of the infrastructure

provisioning.

• Use the human approvals IAM account for the provisioning.

• Attach a single service account to the compute instances.

• Add minimal rights to the service account.

• Allow the service account to impersonate a Cloud Identity user with elevated permissions to create, update, or delete resources.

• Attach a single service account to the compute instances.

• Add all required Identity and Access Management (IAM) permissions to this service account to create, update, or delete resources

• Create multiple service accounts, one for each pipeline with the appropriate minimal Identity and

Access Management (IAM) permissions.

• Use a secret manager service to store the key files of the service accounts.

• Allow the CI/CD pipeline to request the appropriate secrets during the execution of the pipeline.

Add a bucket lifecycle rule that archives data with newer versions after 30 days to Coldline Storage.

Add a bucket lifecycle rule that archives data with newer versions after 30 days to Nearline Storage.

Add a bucket lifecycle rule that archives data from regional storage after 30 days to Coldline Storage.

Add a bucket lifecycle rule that archives data from regional storage after 30 days to Nearline Storage.

Configure an SSL Proxy load balancer in front of the application servers.

Configure an Internal UDP load balancer in front of the application servers.

Configure an External HTTP(s) load balancer in front of the application servers.

Configure an External Network load balancer in front of the application servers.

In Cloud Identity, set up SSO with Google as an identity provider to access custom SAML apps.

In Cloud Identity, set up SSO with a third-party identity provider with Google as a service provider.

Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Mobile & Desktop Apps.

Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Web Server Applications.

Use Cloud SQL database with cross-region replication to store game statistics in the EU, US, and APAC regions.

Use Cloud Spanner to store user data mapped to the game statistics.

Use BigQuery to store game statistics with a Redis on Memorystore instance in the front to provide global consistency.

Store game statistics in a Bigtable database partitioned by username.

Ask the auditor for their Google account, and give them the Viewer role on the project.

Ask the auditor for their Google account, and give them the Security Reviewer role on the project.

Create a temporary account for the auditor in Cloud Identity, and give that account the Viewer role on the project.

Create a temporary account for the auditor in Cloud Identity, and give that account the Security Reviewer role on the project.

Create a Cloud Function to create an instance template.

Create a snapshot schedule for the disk using the desired interval.

Create a cron job to create a new disk from the disk using gcloud.

Create a Cloud Task to create an image and export it to Cloud Storage.

Ask your ML team to add the “accelerator: gpu” annotation to their pod specification.

Recreate all the nodes of the GKE cluster to enable GPUs on all of them.

Create your own Kubernetes cluster on top of Compute Engine with nodes that have GPUs. Dedicate this cluster to your ML team.

Add a new, GPU-enabled, node pool to the GKE cluster. Ask your ML team to add the cloud.google.com/gke -accelerator: nvidia-tesla-p100 nodeSelector to their pod specification.

Grant the basic role roles/viewer and the predefined role roles/compute.admin to the DevOps group.

Create an IAM policy and grant all compute. instanceAdmln." permissions to the policy Attach the policy to the DevOps group.

Create a custom role at the folder level and grant all compute. instanceAdmln. * permissions to the role Grant the custom role to the DevOps group.

Grant the basic role roles/editor to the DevOps group.

Select Cloud SQL (MySQL). Verify that the enable binary logging option is selected.

Select Cloud SQL (MySQL). Select the create failover replicas option.

Select Cloud Spanner. Set up your instance with 2 nodes.

Select Cloud Spanner. Set up your instance as multi-regional.

Use gcloud to create the new project, and then deploy your application to the new project.

Use gcloud to create the new project and to copy the deployed application to the new project.

Create a Deployment Manager configuration file that copies the current App Engine deployment into a new project.

Deploy your application again using gcloud and specify the project parameter with the new project name to create the new project.

Use kubectl app deploy .

Use gcloud app deploy .

Create a docker image from the Dockerfile and upload it to Container Registry. Create a Deployment YAML file to point to that image. Use kubectl to create the deployment with that file.

Create a docker image from the Dockerfile and upload it to Cloud Storage. Create a Deployment YAML file to point to that image. Use kubectl to create the deployment with that file.

When creating the VM, use machine type n1-standard-96.

When creating the VM, use Intel Skylake as the CPU platform.

Create the VM using Compute Engine default settings. Use gcloud to modify the running instance to have 96 vCPUs.

Start the VM using Compute Engine default settings, and adjust as you go based on Rightsizing Recommendations.

Move both projects under the same folder.

Grant the VM Service Account the role Storage Object Creator on corp-aggregate-reports-storage.

Create a Shared VPC network between both projects. Grant the VM Service Account the role Storage Object Creator on corp-iot-insights.

Make corp-aggregate-reports-storage public and create a folder with a pseudo-randomized suffix name. Share the folder with the IoT team.

Configure Cloud Identity-Aware Proxy (or HTTPS resources

Configure Cloud Identity-Aware Proxy for SSH and TCP resources.

Create an SSH keypair and store the public key as a project-wide SSH Key

Create an SSH keypair and store the private key as a project-wide SSH Key

1. Go to the Logs ingestion window in Stackdriver Logging, and disable the log source for the GKE container resource.

1. Go to the Logs ingestion window in Stackdriver Logging, and disable the log source for the GKE Cluster Operations resource.

1. Go to the GKE console, and delete existing clusters.2. Recreate a new cluster.3. Clear the option to enable legacy Stackdriver Logging.

1. Go to the GKE console, and delete existing clusters.2. Recreate a new cluster.3. Clear the option to enable legacy Stackdriver Monitoring.