Goal: For example, users could create courses which have resources such as images, videos, etc. I want to restrict access to them using signed cookies, i.e. resources on /courses/1 will only be accessible to logged-in users who have a valid signed cookie.
Background: I'll be creating a bucket of media files per course based on https://cloud.google.com/storage/docs/access-control#recommended_bucket_architecture.
Where I am stuck
So is there a standard way to do these or am I thinking about this whole architecture wrong since this won't scale without automation?
You will be limited to 50 path rules, as mentioned in the Quotas, and so limited to 50 courses. I hope you expect more than this!
So, this pattern isn't suitable for your use case. You need to use the same bucket and control access with a backend app, and then generate a SignedUrl for the resources requested by the users.
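A sketch of the backend pattern the answer describes, added here as an example and not part of the original answer: authorize the user against the course first, then issue a short-lived V4 signed URL (GOOG4-HMAC-SHA256) for an object in the single shared bucket. The HMAC key, bucket name, `courses/<id>/` object layout and enrollment table are constructed assumptions.

```python
import hashlib
import hmac
from datetime import datetime, timezone
from urllib.parse import quote

# Constructed placeholders: HMAC key pair, bucket name and enrollment table.
ACCESS_ID = "GOOGEXAMPLEACCESSID"
SECRET = b"example-secret-not-a-real-key"
BUCKET = "example-course-media"
LOCATION = "auto"                              # location part of the credential scope
ENROLLMENTS = {"alice": {1, 2}, "bob": {2}}    # user -> course ids (stand-in for a DB)
HOST = "storage.googleapis.com"

def _hmac(key, msg):
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def sign_get_url(object_name, now, ttl=300):
    """Build a V4 signed GET URL that expires ttl seconds after `now` (UTC)."""
    date, stamp = now.strftime("%Y%m%d"), now.strftime("%Y%m%dT%H%M%SZ")
    scope = f"{date}/{LOCATION}/storage/goog4_request"
    path = f"/{BUCKET}/" + quote(object_name, safe="/")
    params = {
        "X-Goog-Algorithm": "GOOG4-HMAC-SHA256",
        "X-Goog-Credential": f"{ACCESS_ID}/{scope}",
        "X-Goog-Date": stamp,
        "X-Goog-Expires": str(ttl),
        "X-Goog-SignedHeaders": "host",
    }
    query = "&".join(f"{k}={quote(v, safe='')}" for k, v in sorted(params.items()))
    canonical = "\n".join(["GET", path, query, f"host:{HOST}", "", "host",
                           "UNSIGNED-PAYLOAD"])
    to_sign = "\n".join(["GOOG4-HMAC-SHA256", stamp, scope,
                         hashlib.sha256(canonical.encode()).hexdigest()])
    key = b"GOOG4" + SECRET                    # derive the per-day signing key
    for part in (date, LOCATION, "storage", "goog4_request"):
        key = _hmac(key, part)
    sig = hmac.new(key, to_sign.encode(), hashlib.sha256).hexdigest()
    return f"https://{HOST}{path}?{query}&X-Goog-Signature={sig}"

def url_for(user, course_id, filename, now=None):
    """Authorize first, then sign. The object key is built server-side."""
    if course_id not in ENROLLMENTS.get(user, set()):
        raise PermissionError("user is not enrolled in this course")
    if "/" in filename or filename in ("", ".", ".."):
        raise ValueError("invalid file name")  # client cannot pick another prefix
    now = now or datetime.now(timezone.utc)
    return sign_get_url(f"courses/{int(course_id)}/{filename}", now)
```

Because the URL is a bearer credential until it expires, keep `ttl` short and issue it per request rather than storing it in pages or logs.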