Answer-first summary for fast verification
Answer: Create a signed URL with a four-hour expiration and share the URL with the company.
The correct answer is A. Creating a signed URL with a specific expiration time (in this case, four hours) is the most secure and efficient method to share the object in the Cloud Storage bucket with an external company that does not have a Google account. Signed URLs give time-limited access to the specified Cloud Storage resource, ensuring that the external company can access the object only for the duration you specify. After the four-hour period, the signed URL will expire, and the external company will no longer have access to the content. This method requires fewer steps and is more secure compared to making the object public, configuring the storage bucket as a static website, or creating a new Cloud Storage bucket for this purpose.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
As a Google Associate Cloud Engineer, you need to share an object in a Cloud Storage bucket that contains sensitive data with an external company. The company does not possess a Google account, thus preventing you from granting user-specific access privileges. Moreover, it is crucial that access to this content is automatically revoked after four hours. Identify the most secure method that accomplishes this with the minimum number of steps. What should you do?
A
Create a signed URL with a four-hour expiration and share the URL with the company.
B
Set object access to 'public' and use object lifecycle management to remove the object after four hours.
C
Configure the storage bucket as a static website and furnish the object's URL to the company. Delete the object from the storage bucket after four hours.
D
Create a new Cloud Storage bucket specifically for the external company to access. Copy the object to that bucket. Delete the bucket after four hours have passed.
No comments yet.