I’m using Google cloud storage with direct access and parse-server-gcs-adapter and am trying to figure out the easiest way to not use public read permissions on all files. Proxying everything through the server is not a good solution for us since direct access is a necessity due to various benefits of GCS, and drawbacks of proxying.
However, with direct access and the gcs file adapter everything has to be public and the files in the bucket directly accessible, which is a problem for us.
We don’t need ACL or fine-grained control so I’m leaning towards implementing signed URLs directly in the file adapter since that should be a simple solution with adequate security for our use case.
Before I start implementing a solution I just wanted to check if there’s anything we missed that supports our use case already? If not, I’ll go ahead and extend the file adapter and try to do a pull request so others can benefit as well.