Answer-first summary for fast verification
Answer: Generate a signed URL that grants read access to the bucket. Allow users to access the URL after authenticating through your web application.
The correct answer is D because signed URLs provide a secure way to grant temporary access to private Cloud Storage objects without requiring users to have Google Accounts. This method allows the application to use its own logic to authenticate users before granting access via the signed URL. Options A, B, and C do not meet the requirement of allowing anonymous users to access private content based on application-specific logic without Google Accounts.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can you control access to private images and videos in a Cloud Storage bucket for anonymous users (without Google Accounts) while using application-specific logic in your web application?
A
Cache each web application user's IP address to create a named IP table using Google Cloud Armor. Create a Google Cloud Armor security policy that allows users to access the backend bucket.
B
Grant the Storage Object Viewer IAM role to allUsers. Allow users to access the bucket after authenticating through your web application.
C
Configure Identity-Aware Proxy (IAP) to authenticate users into the web application. Allow users to access the bucket after authenticating through IAP.
D
Generate a signed URL that grants read access to the bucket. Allow users to access the URL after authenticating through your web application.
No comments yet.