services / Google Cloud / Entities
Data objects in Firestore in Datastore mode are known as entities. An entity has one or more named properties, each of which can have one or more values. Properties can store data of various types, including strings, numbers, dates, and binary data. An entity is limited to 1 megabyte when stored. Entities operations are billed per operation and per gigabyte per month.
Permissions to create, edit and delete entities can result in spend towards write, read and storage quotas. Access to Entities storing sensitive information can result in data exfiltration.
datastore.entities.create
Creating an entity also uses storage quota, which is billed per gigabyte per month along with write to the datastore.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security