Your organization is implementing a new security policy to control how firewall rules are applied to control flows between virtual machines (VMs). Using Google-recommended practices, you need to set up a firewall rule to enforce strict control of traffic between VM A and VM B. You must ensure that communications flow only from VM A to VM B within the VPC, and no other communication paths are allowed. No other firewall rules exist in the VPC. Which firewall rule should you configure to allow only this communication path?
A. Firewall rule direction: ingress
Action: allow –
Target: VM B service account –
Source ranges: VM A service account
Priority: 1000
B. Firewall rule direction: ingress
Action: allow –
Target: specific VM B tag –
Source ranges: VM A tag and VM A source IP address
Priority: 1000
C. Firewall rule direction: ingress
Action: allow –
Target: VM A service account –
Source ranges: VM B service account and VM B source IP address
Priority: 100
D. Firewall rule direction: ingress
Action: allow –
Target: specific VM A tag –
Source ranges: VM B tag and VM B source IP address
Priority: 100
Answer
A