Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

GCP Certified Google Cloud Certification > Claud Shell commands-Virtual Networks Module 1.2.5 > Flashcards

Claud Shell commands-Virtual Networks Module 1.2.5 Flashcards

1
Q

create the privatenet

A

gcloud compute networks create privatenet –subnet-mode=custom

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

create the privatesubnet-us subnet

A

gcloud compute networks subnets create privatesubnet-us –network=privatenet –region=Lab region –range=172.16.0.0/24

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

list the available VPC networks

A

gcloud compute networks list

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

To list the available VPC subnets (sorted by VPC network)

A

gcloud compute networks subnets list –sort-by=NETWORK

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

create the privatenet-allow-icmp-ssh-rdp firewall rule

A

gcloud compute firewall-rules create privatenet-allow-icmp-ssh-rdp –direction=INGRESS –priority=1000 –network=privatenet –action=ALLOW –rules=icmp,tcp:22,tcp:3389 –source-ranges=0.0.0.0/0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

list all the firewall rules

A

gcloud compute firewall-rules list –sort-by=NETWORK

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

create the privatenet-us-vm instance

A

gcloud compute instances create privatenet-us-vm –zone=Lab Zone –machine-type=e2-micro –subnet=privatesubnet-us –image-family=debian-11 –image-project=debian-cloud –boot-disk-size=10GB –boot-disk-type=pd-standard –boot-disk-device-name=privatenet-us-vm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

all the VM instances (sorted by zone)

A

gcloud compute instances list –sort-by=ZONE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

ssh to vm-internal through IAP tunel

A

gcloud compute ssh vm-internal –zone us-central1-c –tunnel-through-iap.

iap needs to be enabled by firewall
If instance doesn’t have external IP we can’t simple ssh to it from cloud shel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

set the project Id

A

gcloud config set project [projectID]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Copy an image from a public Cloud Storage bucket to your own bucket.

A

gsutil cp gs://cloud-training/gcpnet/private/access.svg gs://$MY_BUCKET

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

cloud bucket get the default access list that’s been assigned to setup.html

A

gsutil acl get gs://$BUCKET_NAME_1/setup.html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

cloud bucket set the access list to private

A

gsutil acl set private gs://$BUCKET_NAME_1/setup.html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

cloud bucket update the access list to make the file publicly readable

A

gsutil acl ch -u AllUsers:R gs://$BUCKET_NAME_1/setup.html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

cloud bucket create boto file for configuring your own encryption keys

A

gsutil config -n

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

cloud bucket add own encryption keys to bucket conf

A

add key generated by

python3 -c ‘import base64; import os; print(base64.encodebytes(os.urandom(32)))’

to boto file and it is used automatically when uploading files to the bucket

17
Q

cloud bucket rewrite a file

A

When a file is encrypted, rewriting the file decrypts it
gsutil rewrite -k gs://$BUCKET_NAME_1/setup.html
Co

18
Q

cloud bucket view cloud lifecycle policy

A

view the current lifecycle policy

19
Q

cloud bucket set lifecycle policy

A

gsutil lifecycle set life.json gs://$BUCKET_NAME_1
Copie

20
Q

cloud bucket view the current versioning status

A

gsutil versioning get gs://$BUCKET_NAME_1

21
Q

cloud bucket enable versioning

A

gsutil versioning set on gs://$BUCKET_NAME_1

22
Q

synchronise a directory to a bucket

A

gsutil rsync -r ./firstlevel

23
Q

authorize the VM to use the Google Cloud API

A

gcloud auth activate-service-account –key-file credentials.json

24
Q

deploy the application to App Engine using yaml file

A

gcloud app deploy app.yaml

25
Q

create a VPC network called vpc-demo

A

gcloud compute networks create vpc-demo –subnet-mode custom

26
Q

create subnet vpc-demo-subnet1 in the region <filled></filled>

A

gcloud compute networks subnets create vpc-demo-subnet1 \
–network vpc-demo –range 10.1.1.0/24 –region “filled at lab start”

27
Q

Create a firewall rule to allow all custom traffic within the network:

A

gcloud compute firewall-rules create vpc-demo-allow-custom \
–network vpc-demo \
–allow tcp:0-65535,udp:0-65535,icmp \
–source-ranges 10.0.0.0/8

28
Q

Create a firewall rule to allow SSH, ICMP traffic from anywhere:

A

gcloud compute firewall-rules create vpc-demo-allow-ssh-icmp \
–network vpc-demo \
–allow tcp:22,icmp

29
Q

Create a VM instance vpc-demo-instance1 in zone <filled></filled>

A

gcloud compute instances create vpc-demo-instance1 –machine-type=e2-medium –zone “filled at lab start” –subnet vpc-demo-subnet1

30
Q

create an HA VPN in the vpc-demo network:

A

gcloud compute vpn-gateways create vpc-demo-vpn-gw1 –network vpc-demo –region “filled at lab start”

31
Q

View details of the vpc-demo-vpn-gw1 gateway to verify its settings:

A

gcloud compute vpn-gateways describe vpc-demo-vpn-gw1 –region “filled at lab start”

32
Q

Create a cloud router in the vpc-demo network

A

gcloud compute routers create vpc-demo-router1 \
–region “filled at lab start” \
–network vpc-demo \
–asn 65001

33
Q

Create the first VPN tunnel in the vpc-demo network:

A

gcloud compute vpn-tunnels create vpc-demo-tunnel0 \
–peer-gcp-gateway on-prem-vpn-gw1 \
–region “filled at lab start” \
–ike-version 2 \
–shared-secret [SHARED_SECRET] \
–router vpc-demo-router1 \
–vpn-gateway vpc-demo-vpn-gw1 \
–interface 0

34
Q

Create the second VPN tunnel in the vpc-demo network

A

gcloud compute vpn-tunnels create vpc-demo-tunnel1 \
–peer-gcp-gateway on-prem-vpn-gw1 \
–region “filled at lab start” \
–ike-version 2 \
–shared-secret [SHARED_SECRET] \
–router vpc-demo-router1 \
–vpn-gateway vpc-demo-vpn-gw1 \
–interface 1

35
Q

Create the router interface for tunnel0 in network vpc-demo

A

gcloud compute routers add-interface vpc-demo-router1 \
–interface-name if-tunnel0-to-on-prem \
–ip-address 169.254.0.1 \
–mask-length 30 \
–vpn-tunnel vpc-demo-tunnel0 \
–region “filled at lab start”

36
Q

Create the BGP peer for tunnel0 in network vpc-demo:

A

gcloud compute routers add-bgp-peer vpc-demo-router1 \
–peer-name bgp-on-prem-tunnel0 \
–interface if-tunnel0-to-on-prem \
–peer-ip-address 169.254.0.2 \
–peer-asn 65002 \
–region “filled at lab start”

37
Q

Allow traffic from network VPC on-prem to vpc-demo:

A

gcloud compute firewall-rules create vpc-demo-allow-subnets-from-on-prem \
–network vpc-demo \
–allow tcp,udp,icmp \
–source-ranges 192.168.1.0/24

38
Q

List the VPN tunnels you just created

A

gcloud compute vpn-tunnels list

39
Q
A

GCP Certified Google Cloud Certification (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions