79158311

Date: 2024-11-05 08:55:46
Score: 0.5
Natty:
Report link

Just to improve on @slushy answer, you can specify the service account you want to use in your 2nd generation cloud functions with setGlobalOptions:

// index.ts

import { onRequest } from "firebase-functions/v2/https";
import { initializeApp } from "firebase-admin/app";
import { setGlobalOptions } from "firebase-functions/v2";

initializeApp({ });

setGlobalOptions({
  serviceAccount: "chosen-service-account@PROJECT_ID.iam.gserviceaccount.com",
});


exports.myCustomFunction = onRequest(
  { cors: true },
  async (req: Request, res: Response) => {
     // Operations through the Admin SDK will be using the specified service account
  })

This allows you to target a more restrictive service account regarding account permissions, therefore improving your app security.

Check out more on firebase service accounts and the related google cloud permissions.

Reasons:
  • Long answer (-0.5):
  • Has code block (-0.5):
  • User mentioned (1): @slushy
  • Low reputation (0.5):
Posted by: Santironhacker