A debug token is a secret used during the development or integration testing of an app. It essentially allows the development or integration testing to bypass app attestation while still allowing App Check to enforce protection on supported production Firebase services.
To get more information about DebugToken, see:
resource "google_firebase_web_app" "default" {
provider = google-beta
project = "my-project-name"
display_name = "Web App for debug token"
}
# It takes a while for App Check to recognize the new app
# If your app already exists, you don't have to wait 30 seconds.
resource "time_sleep" "wait_30s" {
depends_on = [google_firebase_web_app.default]
create_duration = "30s"
}
resource "google_firebase_app_check_debug_token" "default" {
provider = google-beta
project = "my-project-name"
app_id = google_firebase_web_app.default.app_id
display_name = "Debug Token"
token = "00000000-AAAA-BBBB-CCCC-000000000000"
depends_on = [time_sleep.wait_30s]
}
The following arguments are supported:
display_name
-
(Required)
A human readable display name used to identify this debug token.
token
-
(Required)
The secret token itself. Must be provided during creation, and must be a UUID4,
case insensitive. You may use a method of your choice such as random/random_uuid
to generate the token.
This field is immutable once set, and cannot be updated. You can, however, delete
this debug token to revoke it.
For security reasons, this field will never be populated in any response.
Note: This property is sensitive and will not be displayed in the plan.
app_id
-
(Required)
The ID of a
Web App,
Apple App,
or Android App
project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}
debug_token_id
-
The last segment of the resource name of the debug token.
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.DebugToken can be imported using any of these accepted formats:
projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}
{{project}}/{{app_id}}/{{debug_token_id}}
{{app_id}}/{{debug_token_id}}
In Terraform v1.5.0 and later, use an import
block to import DebugToken using one of the formats above. For example:
import {
id = "projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}"
to = google_firebase_app_check_debug_token.default
}
When using the terraform import
command, DebugToken can be imported using one of the formats above. For example:
$ terraform import google_firebase_app_check_debug_token.default projects/{{project}}/apps/{{app_id}}/debugTokens/{{debug_token_id}}
$ terraform import google_firebase_app_check_debug_token.default {{project}}/{{app_id}}/{{debug_token_id}}
$ terraform import google_firebase_app_check_debug_token.default {{app_id}}/{{debug_token_id}}
This resource supports User Project Overrides.