I'd like to integrate the Cloudflare R2 (object storage) with my Firebase project.
Normally you would use Firebase Storage but since Google Cloud has some insanely high egress fees, I'd prefer to use Cloudflare R2 as a storage option.
Do you know if Firebase/Google allows such an integration? And if so, how could it be done?
Further, is it possible to use the Cloudflare CDN instead of the Firebase CDN?
I've tried to achieve said integration but so far, I'm kinda clueless.
Firebase Storage and Cloudflare R2 are totally different services and there's nothing like an integration. Firebase security rules work only for Firebase storage and if you use R2, you'll have to update your application as per their data access system.
You would ideally be storing files in either of the 1 places so hat integration are you looking for? You are also charged for number of operations performed so do consider that pricing as well instead of just bandwidth.
Additionally, if your application will be serving a lot of files, consider using Cloud CDN (if using Firebase Storage) that'll significantly reduce egress charges.
Related
Hi short important question:
Like much people I want to use the Load Balancing + Cloud CDN + Cloud Armor stack. Because yeah, CDN and anti DDOS is important. Load Balancing too.
Cloud Storage is supported by Load Balancing of course. But now the question is: Is Firebase Storage supported too (i think yes because it's basically the same, but Firebase Storage has important features like security rules, are they supported too)? Especially: Will the security rules still work? Because Firebase Storage is built on top of Cloud Storage. I have fear that Load Balancing points to the Cloud Storage Bucket instead of the Firebase Storage skin; and therefore the security rules won't work anymore of course.
Thanks in advance!
Second question: When it comes to uploading, is it possible to set up Load Balancing in this process too? I want that e.g Indian users upload their data to an indian bucket instead of an US bucket.
I have to build an API using Firebase, and need some help with design choices. I want to be able to sell the API to users, who can then use it to build/integrate their own applications. Users will have both read and write privileges.
General information:
I'm using Firestore db with email & password authentication.
Only specifically assigned users may use the API
Each user may only access specific documents concerning them.
I've noticed 3 different ways in which an API can be provided to a user of my Firestore db:
https triggered cloud functions (https://firebase.google.com/docs/functions/http-events)
Using the SDK (https://firebase.google.com/docs/firestore/client/libraries)
Using the REST API provided by Firbase (https://firebase.google.com/docs/firestore/use-rest-api)
API requirements:
Used only by users that I specifically grant access to (email & password login)
I want to limit these users to only a couple of read/write tasks that they're able to perform.
It needs to be safe.
My current approach is:
Use the 3rd option - the REST API provided by Firebase (thereby giving users the projectId and API key)
Add authorised users to the list of authorised accounts on Firbase, and limit access using custom claims and database rules.
My questions:
It seems that https functions (option 1) are normally used in API building. Are options 2 and 3 unsafe?
What are the normal use cases of the 3 options? When should each be used and when should each be avoided?
Are there any obvious flaws in my choice of option 3?
Any other useful information about making these design decisions will be much appreciated.
Thank you in advance
TL;DL: It depends on what you want to do with this API and how many and what type of devices/users will be calling it.
Before answering your questions I will list below the advantages of each approach:
Cloud Functions:
Cloud Function is a Functions as a Service Solution, so it's also a hosting service for your API, therefore you won't have to provision, manage, or upgrade servers and the API will automatically scale based on the load. Also this option takes into account the pros of SDKs and client libraries, since your code will have to use it to connect to Firestore anyway.
SDKs and client libraries:
This is the easiest and more optimized way to reach Firestore, however, environments where running a native library is not possible such as IOT devices will be left out of your solution, so consider this while implementing this option.
Cloud Firestore REST API:
Every device properly authorized to access Firestore will be able to do so.
NOTE: For both SDK and REST API you will need to consider hosting of your API, either on Cloud Functions, as mentioned, App Engine Standard, App Engine Flex or a Compute Engine Server Instance.
All that being said, it's up to you and your API's usage and requirements to say which option is best considering the points above.
As per security, I'd say that all option can be secure if firebase rules and firebase auth are set correctly.
I use Google's Firebase Storage through the Java Admin API to store files in a Spring Boot application. For security reasons, I create a separate storage bucket for each customer organization. Since I blow away my test environment frequently, I delete and create these storage buckets often. I'm looking for help to get these buckets quicker into Firebase.
Here's what I currently do:
My Spring Boot application creates a bucket with the Google Cloud Storage libraries per the Firebase Storage documentation.
I add the Google Cloud Storage buckets to Firebase by importing them in the Firebase Storage web console. I can import multiple buckets at once.
I apply the default security rules to each Firebase Storage bucket. I can only do this one bucket at a time.
I want to automate steps 2 & 3:
From what I can see in the Firebase docs, I can't do steps 2 and 3 with the Java Admin API.
I can probably automate step 3 through the Firebase CLI tool. For that, I need to set up a "deployment target" that includes all the buckets. I have to add the buckets by name, one by one, and can't use any wildcards here. But my bucket names include database IDs which will be pretty much the same across my environments. So I hope that this deployment target only changes when I add more customer organizations.
Does anybody know of better ways to automate steps 2 and 3?
I decided to change my approach: I now put all customer organizations into one bucket.
It's just too much work to deal with the different buckets now. With one bucket, I just delete all the folders in there which seems simple for now in the Firebase Storage web console.
I'm not sure how my project would behave with hundreds or thousands of buckets. On the contrary, it seems that having thousands of folders within a bucket is a valid use case.
The lack of functionality for Storage buckets both in the Firebase CLI and the Google Cloud SDK indicates to me that you shouldn't have many buckets in your project.
I'm building a SAAS project on Firebase and weighing the pros and cons of multi-tenant architecture vs managed Firebase instances for each account.
One of the key challenges with managed instances is reporting usage. I've searched through Firebase docs but have not been able to find an API endpoint to fetch a Firebase project's account usage (eg bandwidth, function invocations, storage, etc).
Is there a API that I'm missing or is this alternatively possible with core Google Cloud APIs?
firebaser here
We just added a REST API to manage projects and the apps in those projects. But there is currently no way to report usage for a project across all Firebase products. It sounds like a useful feature through, so I recommend filing a feature request.
Until a feature is added that fits your needs, you will have to do the tracking from within your own app, or by proxying the tracked functionality through Cloud Functions, where you can then log whatever you need for tracking usage.
I have an app which uses firebase storage and I am observing an unusual traffic to the storage. The bandwidth usage is unusually high, which shouldn't happen with the usual behavior of the app.
I need to isolate a user or a stored file which causes this unusual bandwidth usage. Is there any way I can get more information about the storage usage, other than the information shown at the Usage tab of firebase console?
Firebase Storage only tracks and shows aggregate data for the usage in your project. It does not tie this usage to specific Firebase Authentication users.
If you need that, consider adding your own tracking for this, for example by logging uploads/downloads to Google Analytics for Firebase.
You can also log to Stack Driver, although it might only be in aggregate there too. For the exact metrics, see the Google Cloud Platform documentation on its storage metrics.
Alternatively you could reach out to Firebase support for personalized help in troubleshooting. But I'm not sure if they have access to the type of data you're looking for.