User permissions
Assign permissions to your user.
In GCP, you don't directly grant users permissions. Instead, you grant them roles. These are the permissions associated with the roles that you granted to use Function Store and a brief description of what they do:
Permission
Description
cloudfunctions.functions.create
Create new functions.
cloudfunctions.functions.delete
Delete functions.
cloudfunctions.functions.setIamPolicy
Update IAM policies associated with a function.
cloudfunctions.functions.update
Update existing functions.
cloudfunctions.functions.list
List functions.
cloudfunctions.functions.get
View functions, excluding IAM policies.
serviceusage.services.get
Returns the service configuration and enabled state for a given service.
serviceusage.services.enable
Enable a service so that it can be used with a project.
resourcemanager.projects.get
Grant permissions to retrieve Firebase project information.
firebaseauth.users.get
Retrieve a list of existing Authentication users.
firebaseauth.users.update
Update existing users in Authentication.
iam.serviceAccounts.actAs
Permission to impersonate a service account in order to attach that service account to a resource.
Note that for HTTPS functions, you need to set up the cloudfunctions.functions.setIamPolicy to invoke the function.
Once you've granted these permissions by assigning roles to your service account, it's time to link a billing account. In the next section, we'll guide you through the process👇.
Last updated