Embedded Files
Use a token that provides clients with restricted direct access to a specific resource, in order to offload data transfer from the application. This is particularly useful in applications that use cloud-hosted storage systems or queues, and can minimize cost and maximize scalability and performance.
When to use this pattern?
To minimize resource loading and maximize performance and scalability.
To minimize operational cost.
When clients regularly upload or download data
When the application has limited compute resources available
When the data is stored in a remote data store or a different data center.
When NOT to use this pattern?
If the application must perform some task on the data before it's stored or before it's sent to the client.
If the design of an existing application makes it difficult to incorporate the pattern.
If it's necessary to maintain audit trails or control the number of times a data transfer operation is executed
If it's necessary to limit the size of the data, especially during upload operations.
Considerations
Manage the validity status and period of the key.
Control the level of access the key will provide.
Consider how to control users’ behaviour Validate, and optionally sanitize, all uploaded data.
Audit all operations.
Deliver the key securely.
Protect sensitive data in transit.
Google Sites
Report abuse