Google Cloud Professional Cloud Architect — Question 239

Your company has an application running on App Engine that allows users to upload music files and share them with other people. You want to allow users to upload files directly into Cloud Storage from their browser session. The payload should not be passed through the backend. What should you do?

Answer options

• A. 1. Set a CORS configuration in the target Cloud Storage bucket where the base URL of the App Engine application is an allowed origin. 2. Use the Cloud Storage Signed URL feature to generate a POST URL.
• B. 1. Set a CORS configuration in the target Cloud Storage bucket where the base URL of the App Engine application is an allowed origin. 2. Assign the Cloud Storage WRITER role to users who upload files.
• C. 1. Use the Cloud Storage Signed URL feature to generate a POST URL. 2. Use App Engine default credentials to sign requests against Cloud Storage.
• D. 1. Assign the Cloud Storage WRITER role to users who upload files. 2. Use App Engine default credentials to sign requests against Cloud Storage.

Correct answer: A

Explanation

Option A is correct because it outlines the necessary steps to allow users to upload files directly to Cloud Storage using a signed URL while ensuring proper CORS configuration. Option B incorrectly suggests assigning the WRITER role, which is unnecessary for direct uploads via signed URLs. Options C and D do not address the CORS requirement, which is critical for browser-based uploads.