英文:
Firebase cloud function with access to two different projects
问题
I'm currently developing two different web apps for a university project, using Firebase for hosting, as a database, and Firebase cloud functions for some backend work. I'm using Firebase for the first time, though.
Now, as the cloud function I have does the job for both projects, I do not want to deploy the function in both projects, but instead give the cloud function access to both projects.
Is there any way I can accomplish this?
What I tried so far was deploying the cloud function to project A and then initializing two apps in my cloud function Node.js environment, one with project A's firebaseConfig and one with project B's config. But I keep getting an error (permission denied: missing or insufficient permissions) when I tried to access the Firestore database of Project B. There are no specific rules set for database access as it's still in development, so that can't be the problem.
Can someone help me out?
Best regards!
英文:
I‘m currently developing two different web apps for university project, using Firebase for hosting, as database and Firebase cloud functions for some back-end work. I‘m using Firebase for the first time though.
Now, as the cloud function I have does the job for both projects, I do not want to deploy the function in both projects, but instead give the cloud function access to both projects.
Is there any way I can accomplish this?
What I tried so far was deploying cloud function to project A and there initializing two apps in my cloud function node.js environment, one with project A‘s firebaseConfig and one with project B‘s config. But I keep getting an error (permission denied: missing or insufficient permissions) when I tried to access the Firestore database of Project B. There are no specific rules set for database access as still in development, so that can‘t be the problem.
Can someone help me out?
Best regards!
答案1
得分: 2
给定:
- 项目 A
- 服务帐号 A
- 在服务帐号 A 上下文中运行的 Cloud Function A
- 项目 B
- Firestore B
如果您想让 服务帐号 A 访问 Firestore B,那么您必须授予 服务帐号 A 访问 项目 B 的权限,然后在授予权限后,您必须分配 服务帐号 A 一个角色,赋予它访问 Firestore B 的权限,例如:
- Firebase Admin(如果您想授予它广泛的权限)
- Cloud Datastore User(如果您只需要它读写 Firestore 数据)
如果没有适当的 IAM 权限,无法实现跨项目访问。
英文:
Given:
- Project A
- Service Account A
- Cloud Function A running under the context of Service Account A
- Project B
- Firestore B
If you want to have Service Account A access Firestore B then you must grant Service Account A access to Project B, then after it has been granted access you must assign Service Account A a role that gives it permission to access Firestore B, for example:
- Firebase Admin (if you want to grant it broad permissions)
- Cloud Datastore User (if you only need it to read/write Firestore data)
Without proper IAM permissions in place you cannot have cross-project access.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论