Your company is migrating to Google Cloud. You currently manage all employee identities in an on-premises Microsoft Active Directory (AD). You want to use these existing identities to manage access to GCP resources without requiring users to remember a new set of passwords.

Which TWO actions should you take to achieve this? (Select TWO)

Create a Cloud Identity domain to represent your organization in Google Cloud.

Export users from Active Directory to a CSV file and upload it to Cloud IAM.

Use Google Cloud Directory Sync (GCDS) to synchronize users and groups from AD to Cloud Identity.

Configure Identity-Aware Proxy (IAP) to connect directly to your on-premises Active Directory.

Create a VPC peering connection between your on-premises network and Google Cloud to share IAM policies.