Register for Semperis' Hybrid Identity Protection (HIP) Conference - June 30 - July 1 Register for Semperis' Hybrid Identity Protection (HIP) Conference - June 30 - July 1
Backup & Storage|Cloud Computing

Google Announces Firestore Security Rules Simulator

When storing and working with company or user data, it can be a challenge to ensure that it is safe and secure. Whether it be keeping outsiders with malicious intent away from the data or simply making sure that only employees who require access to the data have it, there is a lot of work that goes into developing and testing security rules and procedures.



As a way to make this process easier, Google recently introduced the Firestore Security Rules Simulator. This is a new tool that developers and administrators can use to write and test security rules for Google’s Cloud Firestore database in a quick and efficient manner.

Previously, those writing and testing Firebase security rules had no choice but to actually deploy the rules and then run tests against them once they were live. If any of the rules didn’t function as expected, they would then have to be edited, re-deployed, and then re-tested in a process that was both tedious and time-consuming.

However, with the introduction of the Firestore Security Rules Simulator, developers are now able to write security rules and test them against their actual Firestore databases from right within the Firebase console. And perhaps the best part about this new tool is that testing can be done without having to actually deploy the rules to an actual Firestore database.

Some of the functions that developers can write rule tests for include document reads, writes, and deletes, all of which can be tested against an organization’s actual Firestore database. There is also the option to simulate a particular user being signed in, which can be useful for testing permissions that may be assigned to various user accounts.

In addition to releasing the Firestore Security Rules Simulator, Google also increased the number of calls that can be made per security rule from three to ten for single document requests. For those that are using batch-requests or other multi-resource requests, a total of 20 combined calls is allowed for all of the documents included in the call.

Google also mentioned that is has improved its reference documentation related to Firebase Security Rules and the specific language that is used to write them.

Security is something that cannot be taken lightly, especially with the amount of data that is stored in the cloud today. While there are many advantages to having data stored in the cloud or hybrid environments, security has to be one of the top priorities of developers and administrators that work with that data on a daily basis. And being able to test both new and existing security rules against an actual Firestore database is something that can be very helpful, as it allows for a faster testing and refinement process.


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Register for the Hybrid Identity Protection (HIP) Europe Conference!

Hybrid Identity Protection (HIP) Europe 2021 - Virtual Conference

Mobile workforces, cloud applications, and digitalization are changing every aspect of the modern enterprise. And with radical transformation come new business risks. Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric practitioners. At the inaugural HIP Europe, join your local IAM experts and Microsoft MVPs to learn all the latest from the Hybrid Identity world.