Cloud Functions and IAM

As with other Google Cloud products and services, Cloud Functions support permissions through IAM policies. There are two Cloud Functions with specific IAM roles: Cloud Functions Developer and Cloud Functions Viewer. The Cloud Functions Developer role provides agents with full read and write access to all functions-related resources. The Cloud Functions Viewer role provides view-only access to these resources. In addition, the three project-level primitive IAM roles also apply to Cloud Functions: Project Owner, Project Editor, and Project Viewer.

As mentioned earlier, invoked functions have access to a managed service account with Project Editor rights: appspot.gserviceaccount.com. Note, however, that all Cloud Functions ...

Get Building Google Cloud Platform Solutions now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.