Your company offers a popular gaming service. Your instances are deployed with private IP addresses, and external access is granted through a global load balancer. You have recently engaged a traffic-scrubbing service and want to restrict your origin to allow connections only from the traffic-scrubbing service. What should you do? 

Answer options:

A. Create a Cloud Armor Security Policy that blocks all traffic except for the traffic-scrubbing service. 
B. Create a VPC Firewall rule that blocks all traffic except for the traffic-scrubbing service. 
C. Create a VPC Service Control Perimeter that blocks all traffic except for the traffic-scrubbing service.
D. Create IPTables firewall rules that block all traffic except for the traffic-scrubbing service.

B