Topic 9 Question 39
If you do not grant a user named Bob permission to access a Cloud Storage bucket, but then use an ACL to grant access to an object inside that bucket to Bob, what will happen?
Bob will be able to access all of the objects inside the bucket because he was granted access to at least one object in the bucket.
Bob will be able to access the object because bucket and object ACLs are independent of each other.
Bob will not be able to access the object because he does not have access to the bucket.
It is not possible to grant access to an object when it is inside a bucket for which a user does not have access.
解説
Bucket and object ACLs are independent of each other, which means that the ACLs on a bucket do not affect the ACLs on objects inside that bucket. It is possible for a user without permissions for a bucket to have permissions for an object inside the bucket. For example, you can create a bucket such that only GroupA is granted permission to list the objects in the bucket, but then upload an object into that bucket that allows GroupB READ access to the object. GroupB will be able to read the object, but will not be able to view the contents of the bucket or perform bucket-related tasks. Reference: https://cloud.google.com/storage/docs/best-practices#security
コメント(3)
B is absolutely right
👍 7Ziegler2020/06/06B is correct, ACL enables you to control access at object level.
👍 2nitinrawat2020/09/07B is correct
👍 2AshokC2020/09/23
シャッフルモード