Reputation: 1979
How to grant read access to a ServiceAccount
I want to double check or consider another ways to set up the privileges that I have for this file.
I've already tried IAM (Identity and Access Management) admin privileges (It has Editor privileges) & I'm using GAE (Google App Engine) with Firebase Admin (It supposed to doesn't matter the Firebase Rules for the full privileges case).
I also have my file under /WEB-INF/.
This is the error on the StackDriver
java.security.AccessControlException: access denied ("java.io.FilePermission" "/WEB-INF/project-blah-firebase-adminsdk-blah-blah.json" "read")
Additional notes
- I have tried the code on the Post and Get Method of a Servlet Class
- I have tried getApplicationDefault()
- Should I consider OAuth 2.0? if yes, where should I place the Application ID?
Additional Reference
Upvotes: 0
Views: 53
Answers (1)
Reputation: 7438
I have a similar GAE project where I use Maven to manage/deploy my project. Here's what I do:
- Put the json file into the
src/main/resourcesdirectory. - Load the file as follows:
InputStream stream = getClass().getClassLoader().getResourceAsStream("service_account.json");
Upvotes: 0
Related Questions
- GCP: How to grant a role to a service account on a Firestore collection?
- How to authorise a service account to access the Google Admin API
- getting "401 Unauthorized" while trying to authenticated with service account
- Authenticate users in Java AppEngine Application with Firebase
- Access denied to file in my Google App Engine project
- User Authorization for Cloud Endpoints
- Connecting to Admin secured webservice on App Engine from Java client
- java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers)
- Authenticating UserService FROM appengine
- Restful Java - Grant access to resources