Region restriction configuration
For gdpr compliant usage in europe we need a way to configure that ALL related resources are hosted in a specific region. Whould be great if that could be configured in one single place and automatically apply to all services spin up for my app.
Edward Bock
shared this idea
-
Thomas Bouldin commented
Firebase App Hosting is designed as a regional service. It always creates all managed resources (e.g. your GitHub key, your Developer Connect repository, your Cloud Build Jobs, and your Cloud Run instance) in a single region, though we obviously cannot force you to not call services in other regions from within Cloud Run.
If you want to ensure locality of your secrets, be sure to pass the optional --location flag to `firebase apphosting:secrets:set` to change the secret from globally replicated to regionally restricted.
That being said, consult your legal council whether they believe a CDN counts as data being stored or processed in a different jurisdiction. We do not currently have a way to turn the CDN off.
Finally, it is worth noting that we didn't finish setting up a European region at launch. It's in progress, though, and our first region should be live as a fast-follow.