Function Store
  • Home
  • Getting started
    • Introduction
    • Installing a function
    • Reconfiguring a function
    • Uninstalling a function
    • FAQs
  • Reference
    • Requirements
      • Assign Roles
        • User permissions
      • Link a Billing account to your project
      • Enable the APIs
    • Projects
      • How to add a project
      • How to set up a project
    • Functions
      • Benefits
      • Use cases
      • Authentication when installing
      • Runtime configuration
      • Deploying with a ZIP file
    • Policies
      • How to add a Policy
      • How to remove a Policy
    • Authentication
      • Users
      • Roles
      • Permissions
    • Secrets
      • Creating a Secret
      • Using a Secret
      • Changing the value for a Secret
      • Deactivating a Secret
  • developers
    • Overview
    • Getting Started
    • Set up
    • Workspaces
      • Create a workspace
      • Workspace boilerplate
      • Node engines
    • Writing Functions
      • Function Anatomy
      • Configuration file
      • Function Triggers
      • Environment Variables
        • Type "text"
        • Type "number"
        • Type "email"
        • Type "url"
        • Type "json"
        • Type "boolean"
        • Type "select"
        • Type "multiselect"
        • Type "firestoreDocumentPath"
        • Type "firestoreCollectionPath"
        • Type "color"
      • Documentation
    • Push/Update your functions in the cloud
    • Continuous Integration
    • Publish functions in the Marketplace
    • Emulators
      • Initialize emulators in your workspace
      • Environment variables
      • Starting emulators
      • Testing your functions in the emulator
      • Importing existing data into local emulators
        • Exporting data from Cloud Firestore to local emulator
        • Exporting user accounts from Firebase to local emulator
    • Visual Studio Code Extension
      • Installing the extension
      • Extension UI
      • Functions list
      • Creating and editing functions
      • Emulators
      • Extension settings
      • Troubleshooting
        • "Command not found" error when executing a command
  • Billing
    • Understanding Billing
  • Security
    • Security
  • Resources
    • Events and Triggers
    • Best Practices
      • How to log events in functions?
    • Document your Functions
    • Editorial guidelines
    • Our Processes
      • Use Cases Analysis
  • Use cases
    • Custom Stripe Checkout
Powered by GitBook
On this page
  • Overview
  • Roles that you need to assign

Was this helpful?

  1. Reference
  2. Requirements

Assign Roles

Assign roles to your service account.

PreviousRequirementsNextUser permissions

Last updated 3 years ago

Was this helpful?

Overview

When an identity calls a Google Cloud Platform API, Cloud Identity and Access Management (IAM) requires that the identity has the appropriate permissions to use the resource. You can grant permissions by granting roles to a user, a group, or a service account. In this case, you need to assign roles to your service account associated with a project to start installing and managing functions in Function Store.

Roles that you need to assign

A role is a group of permissions that can be assigned to principals. These principals can be individuals, service accounts, or Google Groups. Creation of roles and assigning permissions to the roles can be done from the .

The roles you need to assign to your service account are:

  • Cloud Function Admin: Full access to functions, operations and locations.

  • Firebase Authentication Admin: Full read/write access to Firebase Authentication resources.

  • Secret Manager Admin: Full access to administer Secret Manager resources.

  • Service Account User: Run operations as the service account.

  • Service Usage Admin: Ability to enable, disable, and inspect service states, inspect operations, and consume quota and billing for a consumer project.

These roles bundle one or more permissions. Check them in the next section.

👇
Google Cloud Platform (GCP) console