ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Developer All Questions

View all questions & answers for the Professional Cloud Developer exam
Go to Exam

Exam Professional Cloud Developer topic 1 question 210 discussion

Actual exam question from Google's Professional Cloud Developer
Question #: 210
Topic #: 1
[All Professional Cloud Developer Questions]

You are developing a web application that contains private images and videos stored in a Cloud Storage bucket. Your users are anonymous and do not have Google Accounts. You want to use your application-specific logic to control access to the images and videos. How should you configure access?

  • A. Cache each web application user's IP address to create a named IP table using Google Cloud Armor. Create a Google Cloud Armor security policy that allows users to access the backend bucket.
  • B. Grant the Storage Object Viewer IAM role to allUsers. Allow users to access the bucket after authenticating through your web application.
  • C. Configure Identity-Aware Proxy (IAP) to authenticate users into the web application. Allow users to access the bucket after authenticating through IAP.
  • D. Generate a signed URL that grants read access to the bucket. Allow users to access the URL after authenticating through your web application.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by TNT87 at Dec. 4, 2022, 11:26 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
__rajan__
9 months, 4 weeks ago
Selected Answer: D
D is correct.
upvoted 1 times
...
purushi
11 months, 2 weeks ago
Selected Answer: D
The key here is "application-specific logic to control access to the images and videos". Signed Url with Read only permission with limited access time is the right choice.
upvoted 1 times
...
hiromi
1 year ago
Selected Answer: D
D is ok https://cloud.google.com/storage/docs/access-control/signed-urls#should-you-use
upvoted 1 times
...
zellck
1 year, 7 months ago
Selected Answer: D
D is the answer. https://cloud.google.com/storage/docs/access-control/signed-urls#should-you-use In some scenarios, you might not want to require your users to have a Google account in order to access Cloud Storage, but you still want to control access using your application-specific logic. The typical way to address this use case is to provide a signed URL to a user, which gives the user read, write, or delete access to that resource for a limited time. You specify an expiration time when you create the signed URL. Anyone who knows the URL can access the resource until the expiration time for the URL is reached or the key used to sign the URL is rotated.
upvoted 2 times
...
TNT87
1 year, 7 months ago
Selected Answer: D
https://cloud.google.com/storage/docs/access-control/signed-urls#should-you-use
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel