How do I enable Auditing for Firebase App Distribution service. I enabled for Firebase management API but seems Audit logs related to upload and tester management is not contained within audit.
Related
We are building an internal web application that is deployed in our staging Firebase project. We use Firebase Auth to allow our internal team to authenticate using their google account. Everything works fine here, no issues.
But now, we have a requirement to make certain changes to the Firestore DB in our production Firebase project, using the web application deployed in staging. And we only want 'admin' users from our team to be able to do that. I believe we are going to need a Firebase function in production to first authenticate the user as 'admin' and only then allow these read/write operations in its Firestore db. However, the 'admin' user belongs to the staging project.
How do we enable this cross-project authentication and data access in the most secure way possible?
Any ideas/suggestions?
Till now I was using service account to connect to my Firestore database (Firebase is not enabled) from within Google products like Cloud Functions or Colab.
Now I need to connect to Firestore from html page opened in my browser. Is it possible without enabling Firebase?
Yes, the Google Cloud Firestore NodeJS SDK is meant to be used on server side only. You can use Firebase Web SDK along with Firebase Authentication and Firebase Security Rules to support serverless app architectures where clients connect directly to your Firestore database.
You don't necessarily have to use Firebase Auth. However, it might be a good idea to restrict access and allow only public content to be accessible without authentication.
You can follow the quickstart in the documentation to setup the client SDK.
Since my apps will rely on Firebase Realtime Database\Cloud Messaging, is there a way to integrate the initial creation of the Google account and Firebase project during my app install?
I am now hosting Pre-Packaged+Identity+Server+5.2.0+with+API+Manager+2.0.0 [https://docs.wso2.com/display/CLUSTER44x/Configuring+the+Pre-Packaged+Identity+Server+5.2.0+with+API+Manager+2.0.0] in my own AWS instance.
Planning to move on to managed Cloud solution by WSO2. But I can see independent installatiion of identity server and wso2 api manager. But is there a cloud alternative for idenitity server , api manager combo.
I am using WSO2 idenity server for user management only.keeping users in that. Can it be done in API manager as well?
What is the cloud alternative for this?
WSO2 Cloud uses Identity Server for providing Single Sign On. Cloud has its deployment architecture done in a way API Manager can also do the user management (thats comes with the power of WSO2 platform). You dont need to worry about cloud having the API Manager and Identity Server separately.
IF you are managing your subscribers and publishers, then its an out of the box scenario in the cloud. If you want to store end users of the APIs (i.e. if you are using the password grant type), then you can add a secondary userstore and store the end users in it.
I recommend you to raise these questions via the "Contact Support" option available in the Cloud UI.
I want to use datastore of google in my web app but do not want to host it in google app engine, I want to host it some other machine. So how i can use datastore in such web app ?
will it be more economical ?
You would need to follow the Accessing the Cloud Datastore API from another platform procedure:
This section shows how to activate and access the Cloud Datastore API
from an external application running on a platform outside of Google
Cloud.
Enable the Cloud Datastore API for the project. You can enable the API for an existing project, or create a new project and then enable
the API.
Enable the Cloud Datastore API
To use the Cloud Datastore API, your Cloud project requires an active App Engine application. Open the App Engine dashboard and
confirm your Cloud project has an active App Engine app.
Open the App Engine dashboard
Create an App Engine app if needed. The app must not be disabled.
Go to the Create service account key page.
Click the drop-down box below Service account, then click New service account.
Enter a name for the service account in Name.
Use the default Service account ID or generate a different one.
Select JSON in Key type.
Click Create.
Upon successful creation, your browser will download the private key. The Cloud Platform Console provides a prompt that displays the
private key file name. Note the file name so you can locate it, then
click Close to dismiss the prompt.
Your Service Account is the Email address displayed under the Service Account section.
Your Private Key is the file you just downloaded.
At this point all services and authorizations are configured for your
project and you can start writing code or exploring the API.
You don't actually need to write code for the GAE app and deploy it, see Is an App Engine instance required for accessing Datastore?
As for being more economical or not (I presume compared to running the app on GAE) - it depends a lot on the app's usage/scale, what the app does and how it does it.
Have a look at Cloud Endpoints
https://cloud.google.com/appengine/docs/java/endpoints/