Firebase Rules API

Can I deploy Firestore security rules with the Firebase Rules API?

Yes. POST /v1/{+name}/rulesets creates a new ruleset from your rules source, then PATCH /v1/{+name} on the cloud.firestore release pointer flips production traffic to it. This is the same flow that firebase deploy --only firestore:rules uses underneath.

What are the rate limits for the Firebase Rules API?

Google enforces standard googleapis.com project-level quotas for the Firebase Rules API. Ruleset creation is rate-limited because each ruleset is immutable and persisted; pipelines should avoid creating one ruleset per file change and instead bundle changes per release.

How do I run a Firebase Rules test through Jentic?

Run pip install jentic, search for test firebase security rules, load the projects.test operation, and execute it with the candidate rulesetName and a testSuite of synthetic request expectations. Sign up at https://app.jentic.com/sign-up.

Does the Firebase Rules API support Cloud Storage rules and Realtime Database rules?

Yes. The same ruleset and release machinery covers Cloud Firestore, Cloud Storage, and Realtime Database; the release name (such as cloud.firestore or firebase.storage) determines which Firebase service the ruleset is bound to.

Is the Firebase Rules API free?

Firebase Rules is included with Firebase at no extra charge. Rule evaluation cost is incurred only when a Firebase service evaluates the rules during a request, and that cost is billed under the underlying service such as Firestore or Cloud Storage.