Security
After we have configured the database and set up sample collections and objects, it is important to provision security rules for your data to control access. Firestore offers two types of security, authentication, and access control methods depending on your choice of client libraries:
- Mobile and web client libraries: These are Firebase authentication and security rules that perform serverless authentication, authorization, and data validation
- Server client libraries: Identity and access management (IAM) is a method of access control for your database
You should be able to create, edit, and monitor security rules easily from the Firebase interface. Follow this link to get started: https://cloud.google.com/firestore/docs/security/get-started.
You can read more about it in this documentation: https://cloud.google.com/firestore/docs/security/overview.
Remember to always test and monitor your security rules before deploying or rolling out your application...