Firebase云函数具有访问两个不同项目的权限。

huangapple go评论62阅读模式
英文:

Firebase cloud function with access to two different projects

问题

I'm currently developing two different web apps for a university project, using Firebase for hosting, as a database, and Firebase cloud functions for some backend work. I'm using Firebase for the first time, though.

Now, as the cloud function I have does the job for both projects, I do not want to deploy the function in both projects, but instead give the cloud function access to both projects.

Is there any way I can accomplish this?
What I tried so far was deploying the cloud function to project A and then initializing two apps in my cloud function Node.js environment, one with project A's firebaseConfig and one with project B's config. But I keep getting an error (permission denied: missing or insufficient permissions) when I tried to access the Firestore database of Project B. There are no specific rules set for database access as it's still in development, so that can't be the problem.
Can someone help me out?

Best regards!

英文:

I‘m currently developing two different web apps for university project, using Firebase for hosting, as database and Firebase cloud functions for some back-end work. I‘m using Firebase for the first time though.

Now, as the cloud function I have does the job for both projects, I do not want to deploy the function in both projects, but instead give the cloud function access to both projects.

Is there any way I can accomplish this?
What I tried so far was deploying cloud function to project A and there initializing two apps in my cloud function node.js environment, one with project A‘s firebaseConfig and one with project B‘s config. But I keep getting an error (permission denied: missing or insufficient permissions) when I tried to access the Firestore database of Project B. There are no specific rules set for database access as still in development, so that can‘t be the problem.
Can someone help me out?

Best regards!

答案1

得分: 2

给定:

  • 项目 A
    • 服务帐号 A
    • 在服务帐号 A 上下文中运行的 Cloud Function A
  • 项目 B
    • Firestore B

如果您想让 服务帐号 A 访问 Firestore B,那么您必须授予 服务帐号 A 访问 项目 B 的权限,然后在授予权限后,您必须分配 服务帐号 A 一个角色,赋予它访问 Firestore B 的权限,例如:

如果没有适当的 IAM 权限,无法实现跨项目访问。

英文:

Given:

  • Project A
    • Service Account A
    • Cloud Function A running under the context of Service Account A
  • Project B
    • Firestore B

If you want to have Service Account A access Firestore B then you must grant Service Account A access to Project B, then after it has been granted access you must assign Service Account A a role that gives it permission to access Firestore B, for example:

Without proper IAM permissions in place you cannot have cross-project access.

huangapple
  • 本文由 发表于 2023年4月11日 00:46:31
  • 转载请务必保留本文链接:https://go.coder-hub.com/75978960.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定