部署到 Firebase 托管需要哪些 IAM 角色?
What IAM roles are needed for deploying to Firebase Hosting?
我正在尝试授权第三方在我设置的项目上部署到 Firebase 托管。我探索了 GCP 控制台中可用的 IAM 权限,唯一半相关的角色似乎是 Firebase Rules System,但它不允许用户部署到托管。虽然 Project Editor 可能会起作用,但我不想给他们那么大的权限,因为他们可以以我的费用推出其他 Firebase 产品。
我应该添加哪些 IAM 角色以允许用户部署到 Firebase 托管?
更新 (2018-11-12):Firebase 似乎在其 2018 年 10 月 28 日发布的版本中添加了更精细的权限设置:
The Firebase console now offers predefined Firebase roles. These new roles enable more granular access than the primitive Owner/Editor/Viewer roles. To edit member access for your project, visit the Firebase console Users and permissions page. For more information on roles, see Manage project access with Firebase IAM.
深入挖掘,我发现了这些与托管相关的 IAM 条目:https://firebase.google.com/docs/projects/iam/permissions#hosting
原回答:
我询问了 Firebase 支持,以下是他们的回复:
To be able to deploy hosting app your developer must be either an
Owner or Editor. So in your case, lowest privilege that you can give
is Editor because currently role-based access restriction for Static
Hosting is unavailable. We're aware that many developers, such as
yourself, would like more extensive and granular control for
permissions. We're exploring potential solutions, but I can't share
any details or timelines at this time.
Keep an eye out on our release notes for any further updates.
我正在尝试授权第三方在我设置的项目上部署到 Firebase 托管。我探索了 GCP 控制台中可用的 IAM 权限,唯一半相关的角色似乎是 Firebase Rules System,但它不允许用户部署到托管。虽然 Project Editor 可能会起作用,但我不想给他们那么大的权限,因为他们可以以我的费用推出其他 Firebase 产品。
我应该添加哪些 IAM 角色以允许用户部署到 Firebase 托管?
更新 (2018-11-12):Firebase 似乎在其 2018 年 10 月 28 日发布的版本中添加了更精细的权限设置:
The Firebase console now offers predefined Firebase roles. These new roles enable more granular access than the primitive Owner/Editor/Viewer roles. To edit member access for your project, visit the Firebase console Users and permissions page. For more information on roles, see Manage project access with Firebase IAM.
深入挖掘,我发现了这些与托管相关的 IAM 条目:https://firebase.google.com/docs/projects/iam/permissions#hosting
原回答:
我询问了 Firebase 支持,以下是他们的回复:
To be able to deploy hosting app your developer must be either an Owner or Editor. So in your case, lowest privilege that you can give is Editor because currently role-based access restriction for Static Hosting is unavailable. We're aware that many developers, such as yourself, would like more extensive and granular control for permissions. We're exploring potential solutions, but I can't share any details or timelines at this time.
Keep an eye out on our release notes for any further updates.