Currently, the automated testing feature within Firebase App Distribution mandates that the user executing the test possess either the Project Owner or Project Editor IAM role. This requirement is overly broad and presents a significant operational barrier for organizations managing a large number of projects (e.g., 1,000+) where granting such high-level permissions is often restricted due to security policies and standard practices. Attempts confirmed that even users with high-privilege roles like Organization Admin and Firebase Admin were unable to run these tests, indicating the check is strictly limited to Owner/Editor.

This limitation prevents teams from effectively utilizing the automated testing feature. We request the ability to run Firebase App Distribution automated tests using more granular permissions. Ideally, this would involve either identifying a specific set of minimum required permissions that can be bundled into a custom role or providing a new, less privileged predefined IAM role specifically for this purpose. Enabling finer-grained access control is crucial for the adoption and practical use of this feature in enterprise environments. Google Support acknowledged this limitation is known, on the product roadmap without a specific ETA, and filed an internal bug/request.