Permissions are granted to your project members via
roles
.
A role is a collection of
permissions
. When you assign a role to a
project member, you grant that project member all the permissions that the role
contains.
Firebase IAM supports the following types of roles:
Basic roles
:
Fundamental
Owner
,
Editor
, and
Viewer
roles (formerly called
"primitive" roles).
Predefined roles
:
Curated Firebase-specific roles that enable more granular access control than
the basic roles. Firebase offers:
Firebase-level roles
:
Roles which grant full read/write or read-only access to
all
the
Firebase products.
Product-category roles
:
Roles which grant full read/write or read-only access to groups of
products. They are structured around Google Analytics and general
product categories.
Product-level roles
:
Roles which grant full read/write or read-only access to
specific
Firebase products.
Custom roles
: Fully customized
roles that you create to tailor a set of permissions that meet the specific
requirements of your organization.
Manage project members and their roles
View project members and their roles
You can view many of your project members and their roles in the
Users and permissions
tab
of
settings
>
Project settings
in the
Firebase console. Note the following:
- The Firebase console only lists project members assigned a
basic role
(Owner, Editor,
Viewer) or a
Firebase predefined role
.
The project members listed in this tab are the only project members who have
access to the Firebase project in the Firebase console.
- The Firebase console does not list project members that are service
accounts. View these project members in the
IAM
page
of the Google Cloud console.
Alternatively, you can view
all
of your project members and their roles in the
IAM
page
of the Google Cloud console.
Assign a role to a project member
To manage the role(s) assigned to each project member, you must be an Owner of the Firebase
project (or be assigned a role with the permission
resourcemanager.projects.setIamPolicy
).
Here are the places where you can assign and manage roles:
If the Owner of your project can no longer perform the tasks of an Owner (for example, the person
left your company) and your project isn't managed via a Google Cloud organization (see next
paragraph), you can
contact Firebase Support
to have a temporary Owner assigned.
Note that if a Firebase project is part of a Google Cloud organization, it may not have an Owner.
If you're unable to find an Owner for your Firebase project, contact the person who manages your
Google Cloud organization to assign an Owner for the project.