0

I have a blaze account on firestore. I'm trying to create a new firestore database and get this message: "To manage Cloud Firestore, ask a project owner for the necessary permissions"

My roles:

  • Cloud Storage for Firebase Admin,
  • Firebase Admin
  • Firebase Analytics Admin
  • Firebase Develop Admin
  • Firebase Rules System

What else should I have?

I'm attaching to 2 images:

firestore page

IAM - my roles

Thank you, Geanni

geanni Barbulescu
  • 5
  • 2
  • I don't get your point here. What's the issue you're experiencing? Is your rule not working? Could you please give us more details, or maybe post your rule? – Gregorio Palamà Oct 27 '21 at 20:38
  • I added 2 images with the error on firestore and the IAM rules. The problem is that I don't have the option to create the database, I see a message asking to have additional permissions. – geanni Barbulescu Oct 27 '21 at 20:46

2 Answers2

0

As documented here, you need the follow role:

Firebase Develop Admin - roles/firebase.developAdmin
Gregorio Palamà
  • 1,965
  • 2
  • 17
  • 22
  • Right, I already see have this role, but still get the error this is my problem. Please look on the image attached to the initial question. – geanni Barbulescu Oct 27 '21 at 21:24
0

The roles you've listed give you read/write access to the various Firebase services, but not the ability to add and remove them entirely from a project - that permission comes from Google Cloud itself.

The basic IAM roles define an Owner role that contains the needed permissions, but this is probably not what you are looking for.

At a more fine-tuned level, you should be able to use roles/datastore.owner to grant the ability to provision a Firestore database (Firestore is a layer on top of Datastore). That should be all you would need, but you might also need to consider roles/appengine.appAdmin too.

Relevant links:

samthecodingman
  • 23,122
  • 4
  • 30
  • 54