This module manages Firebase Authentication (Identity Platform) configuration and social identity providers for a Google Cloud project.
module "firebase_auth" {
source = "GoogleCloudPlatform/firebase-auth/google"
version = "~> 0.1"
project_id = "my-project-id"
auth_config = {
email_enabled = true
anonymous_enabled = true
allow_duplicate_emails = false
}
auth_providers = {
google = {
client_id = "your-client-id"
client_secret = "your-client-secret"
}
}
}
| Name |
Description |
Type |
Default |
Required |
| auth_config |
Core configuration for Firebase Identity Platform. |
object({
allow_duplicate_emails = optional(bool, false)
anonymous_enabled = optional(bool, false)
email_enabled = optional(bool, false)
email_password_required = optional(bool, true)
phone_enabled = optional(bool, false)
test_phone_numbers = optional(map(string), {})
authorized_domains = optional(list(string), ["localhost"])
sms_region_config = optional(object({
allow_by_default = optional(object({
disallowed_regions = optional(list(string))
}))
allowlist = optional(object({
allowed_regions = optional(list(string))
}))
}))
}) |
{} |
no |
| auth_providers |
Authentication provider configurations. |
object({
google = optional(object({
client_id = string
client_secret = string
}))
apple = optional(object({
service_id = string
team_id = string
key_id = string
client_secret = string
}))
facebook = optional(object({
app_id = string
app_secret = string
}))
github = optional(object({
client_id = string
client_secret = string
}))
}) |
{} |
no |
| autodelete_anonymous_users |
Whether to auto-delete anonymous users. |
bool |
true |
no |
| blocking_functions |
Configuration related to blocking functions. |
object({
triggers = optional(list(object({
event_type = string
function_uri = string
})))
forward_inbound_credentials = optional(object({
id_token = optional(bool)
access_token = optional(bool)
refresh_token = optional(bool)
}))
}) |
null |
no |
| enable_auth_management |
Whether Terraform should manage the base Identity Platform configuration. Set to false if the auth config is managed externally or via the Firebase Console. |
bool |
true |
no |
| mfa |
Options related to Multi-Factor Authentication (MFA). |
object({
state = optional(string) # DISABLED, ENABLED, MANDATORY
provider_configs = optional(list(object({
state = optional(string)
totp_provider_config = optional(object({
adjacent_intervals = optional(number)
}))
})))
}) |
null |
no |
| monitoring |
Configuration related to monitoring project activity. |
object({
request_logging_enabled = optional(bool)
}) |
null |
no |
| multi_tenant |
Configuration related to multi-tenant functionality. |
object({
allow_tenant_creation = optional(bool)
default_tenant_location = optional(string)
}) |
null |
no |
| project_id |
The GCP project ID to initialize Firebase Auth in. |
string |
n/a |
yes |
| quota |
Configuration related to quotas. |
object({
sign_up_quota_config = optional(object({
quota = optional(number)
start_time = optional(string)
quota_duration = optional(string)
}))
}) |
null |
no |
| Name |
Description |
| enabled_providers |
List of enabled authentication providers. |
| project_id |
The project ID. |