Firebase CLI lower than 7.7.0 will need to explicitly grant access through Cloud IAM

body{ font-family:Google Sans, Roboto, sans-serif; font-size:14px; -webkit-text-size-adjust: none !important; -webkit-font-smoothing: antialiased !important; -ms-text-size-adjust: none !important; } table, tr, td { border-collapse:collapse; mso-table-lspace:0pt; mso-table-rspace:0pt; } a{ color:#0288d1; text-decoration: none;"> } a:link, a:visited, a:hover, a:active { color: #4285f4; text-decoration: none; } .appleLinks a { color:#000000 !important; text-decoration:none !important; } strong { font-weight: bold !important; } em { font-style: italic !important; } .yshortcuts a span { color: inherit !important; border-bottom: none !important; } html { -webkit-text-size-adjust: none; -ms-text-size-adjust: 100%; } .ReadMsgBody { width: 100%; } .ExternalClass { width: 100%; } .ExternalClass * { line-height: 100% } td { -webkit-text-size-adjust: none; } a[href^=tel] { color: inherit; text-decoration: none; } .mob-hide { display:none !important; } div, p, a, li, td { -webkit-text-size-adjust:none; } td { text-decoration:none !important; } a[x-apple-data-detectors] { color: inherit !important; text-decoration: none !important; font-size: inherit !important; font-family: inherit !important; font-weight: inherit !important; line-height: inherit !important; } @media all and (max-width: 600px) { .table-main-gmail { /* Forces Gmail to display Desktop view */ width: 100% !important; min-width:100% !important; } }
Update your Firebase CLI to keep deploying public HTTP functions
Hi Sangyong,
We are writing because one of your Firebase projects has HTTP Cloud Functions that were deployed using the Firebase CLI.
After January 15, 2020, if you use any version of the Firebase CLI lower than 7.7.0 to deploy a new HTTP or Callable Cloud Function, that function will require you to explicitly grant public access through Cloud IAM permissions. Existing HTTP Cloud Functions will not be affected by this change.
What's changing?
Due to a Google Cloud Platform change to provide more security and predictability for server-to-server communication, all newly created HTTP Cloud Functions will be private-by-default and require manual configuration using Cloud IAM.
However, since most Cloud Functions created by Firebase users are client application-facing, we have updated the Firebase CLI to maintain the existing behavior and set the permissions for new functions as public.
This change does not affect the functions that have already been deployed. Only new functions deployed after January 15, 2020, using old versions of the CLI, will be affected.
What is the behavior of a private function?
Clients that try to connect will be returned a "403 Forbidden" error.
What’s next?
Before you attempt to deploy any functions, update your Firebase CLI to the latest version (at least 7.7.0, released November 7, 2019), by running:
  1. npm install --global firebase-tools, and then
  2. firebase --version to confirm that you're on a version of 7.7.0 or higher.
Once you have done this, functions deployed with the Firebase CLI will continue to be public by default.
How do I convert my existing functions to private?
If you would like to take advantage of the new functionality to restrict access to your existing HTTP functions, you can do so after deploying it by configuring its permissions.
What if I accidentally deploy functions that are private and want to make them public?
You can manually set a function to public using Cloud Console or gcloud CLI.
Your project(s) that have recently deployed functions are:
We’re here to help
As always, if you have any questions or need any assistance, feel free to reach out to our support team.
Raj on behalf of the Firebase team
You have received this mandatory service announcement to update you about important changes to Firebase or your account.
© 2019 Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043 USA