Your company has an application running on App Engine that allows users to upload music files and share them with other people. You want to allow users to upload files directly into Cloud Storage from their browser session. The payload should not be passed through the backend. What should you do?
Choose an answer
Tap an option to check your answer.
Correct answer: Set a CORS configuration in the target Cloud Storage bucket where the base URL of the App Engine application is an allowed origin. 2. Use the Cloud Storage Signed URL feature to generate a POST URL..
Why this is the answer
The correct option enables direct browser uploads to Cloud Storage without proxying through the App Engine backend. A Signed URL grants temporary, limited permission to a specific Cloud Storage resource, allowing a user to upload directly without needing full Cloud Storage writer permissions. This is crucial for security and scalability. CORS (Cross-Origin Resource Sharing) configuration on the bucket is necessary because the upload request originates from a different domain (the App Engine application) than the Cloud Storage bucket, preventing browser security restrictions. Assigning the Cloud Storage WRITER role to users is insecure as it grants broad, permanent access. Using App Engine default credentials to sign requests is not applicable for direct browser uploads; the browser needs a pre-signed URL to interact directly with Cloud Storage.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed