PROFESSIONAL-CLOUD-DEVELOPER · Question #135
You are developing an application that will allow clients to download a file from your website for a specific period of time. How should you design the application to complete this task while followin
The correct answer is B. Generate and assign a Cloud Storage-signed URL for the file. Make the URL available for the. Cloud Storage Signed URLs are precisely designed for this use case: they grant time-limited, unauthenticated access to a specific object. The application generates a signed URL with a defined expiration, shares it with the client, and after the expiration the URL is invalid. No G
Question
You are developing an application that will allow clients to download a file from your website for a specific period of time. How should you design the application to complete this task while following Google-recommended best practices?
Options
- AConfigure the application to send the file to the client as an email attachment.
- BGenerate and assign a Cloud Storage-signed URL for the file. Make the URL available for the
- CCreate a temporary Cloud Storage bucket with time expiration specified, and give download
- DGenerate the HTTP cookies with time expiration specified. If the time is valid, copy the file from
How the community answered
(38 responses)- A3% (1)
- B74% (28)
- C16% (6)
- D8% (3)
Explanation
Cloud Storage Signed URLs are precisely designed for this use case: they grant time-limited, unauthenticated access to a specific object. The application generates a signed URL with a defined expiration, shares it with the client, and after the expiration the URL is invalid. No Google account or bucket-level IAM is needed for the end user. Option A (email attachment) is impractical for large files, offers no control over re-sharing, and is not a web download pattern. Option C (temporary bucket with time expiration) is not a real Cloud Storage feature-buckets do not auto-expire-and even if approximated with lifecycle rules, it would affect all objects and require public bucket access. Option D (HTTP cookies) requires custom server-side validation logic and copying files, adding complexity without the built-in expiration enforcement that Signed URLs provide natively.
Topics
Community Discussion
No community discussion yet for this question.