Matheus Ribeiro
Reputation: 69
Permission denied to Google Cloud Secret on firebase function deploy, even with Secret Manager Admin Role
I have a Firebase project that uses SecretParam.
from firebase_functions.params import SecretParam
XYZ_PASSWORD = SecretParam('XYZ_PASSWORD')
...
I have a secret account with Secret Manager Admin role.
However, when I try to deploy the Firebase functions, it gives me this error in the log:
firebase deploy --only functions
i functions: ensuring 3*******[email protected] access to secret XYZ_PASSWORD.
Error: HTTP Error: 403, Permission 'secretmanager.secrets.setIamPolicy' denied for resource 'projects/*******/secrets/XYZ_PASSWORD' (or it may not exist).
The secretmanager.secrets.setIamPolicy should be available on the Secret Manager Admin role, as per the documentation.
Any suggestions why does this not work?
Upvotes: 0
Views: 46
Answers (1)
Matheus Ribeiro
Reputation: 69
Solved. My GCP user, the one logged in Firebase CLI with firebase login, was missing the setIamPolicy. Adding the policy to it and redeploying solved.
Upvotes: 0
Related Questions
- Permission denied to google cloud secret on firebase function deploy
- Google Secret Manager Permissions For Local Emulating of Functions
- Google Secret Manager Permission Denied with Firebase Function
- Cant access secrets stored in Secret Manager from cloud dataproc(Pyspark)
- Can't access secret stored in Secrets Manager from Google Cloud Function
- Can´t deploy to firebase cloud function
- Storing secrets in firebase projects: Firebase config API or Secret Manager API?
- Accessing secrets in GCP Secret Manager from Python in Docker- nontsop Permission Denied