I'm trying to invoke my Gen 2 Firebase function from my IOS app.
It has been working fine for several months, until I redeployed it today, and now all of a sudden, users from my app receive Unauthenticated
when trying to invoke it.
I granted the allUsers
&Cloud Functions Invoker (1)
principal to my function, but now it gives me this warning:
The specified principal roles/run.invoker
is nowhere to be found.
My users can't access the function. Does google deliberately make things more complicated than they should be?
At the top right of your Gen 2 Cloud Function details, you should see a badge: “Powered by Cloud Run,” along with the Cloud Run service name at the bottom. Remember this service name.
Next, open Serverless -> Cloud Run in the left menu. You will see a list of Cloud Run services. Find your Cloud Run service and check the checkbox next to it. A panel will appear at the top with the message “1 service selected” and buttons like Copy, Delete, and Permissions. . Click Permissions. The permissions panel for this Cloud Run service will appear on the right. Here, you can assign the Cloud Run Invoker role to the required service account.
I would also suggest removing the allUsers permission from the original Cloud Function to avoid unexpected security consequences.