Google Cloud Associate Cloud Engineer — Question 305

You are building an application that processes data files uploaded from thousands of suppliers. Your primary goals for the application are data security and the expiration of aged data. You need to design the application to:
* Restrict access so that suppliers can access only their own data.
* Give suppliers write access to data only for 30 minutes.
* Delete data that is over 45 days old.
You have a very short development cycle, and you need to make sure that the application requires minimal maintenance. Which two strategies should you use?
(Choose two.)

Answer options

• A. Build a lifecycle policy to delete Cloud Storage objects after 45 days.
• B. Use signed URLs to allow suppliers limited time access to store their objects.
• C. Set up an SFTP server for your application, and create a separate user for each supplier.
• D. Build a Cloud function that triggers a timer of 45 days to delete objects that have expired.
• E. Develop a script that loops through all Cloud Storage buckets and deletes any buckets that are older than 45 days.

Correct answer: A, B

Explanation

Answer A is correct because implementing a lifecycle policy in Cloud Storage automates the deletion of objects after 45 days, ensuring minimal maintenance. Answer B is also correct as signed URLs enable suppliers to upload their data for a limited time, fulfilling the requirement for temporary write access. The other options either involve more manual processes or do not efficiently meet the security and maintenance goals set for the application.