Questions About CloudKit Security Roles and Permissions

Hi, I'm using CloudKit to create an app that backs up and records your data to iCloud.

Here's what I'm unsure about:

I understand that the 'CloudKit Dashboard' has 'Security Roles'. I thought these were meant to set permissions for accessing and modifying users' data, but I found there was no change even when I removed all 'Permissions' from 'Default Roles'. Can you clarify?

  1. I'd like to know what _world, _icloud, and _creator in Default Roles mean respectively.
  2. I would like to know what changes the creation, read, and write permissions make.
  3. Is it better to just use the default settings?

Here's what I understand so far:

Default Roles: _world: I don't know _icloud: An account that is not my device but is linked to my iCloud _creator: My Device

Permissions: create: Create data read: Read data write: Update and delete data.

I'm not sure if I understand this correctly. Please explain.

Answered by in 794815022

The World role includes all iCloud users, whether or not they are authenticated. The Authenticated role includes all iCloud users who are signed in and have been authenticated. The Creator role includes only the authenticated user who has created a record.

The World role includes all iCloud users, whether or not they are authenticated. The Authenticated role includes all iCloud users who are signed in and have been authenticated. The Creator role includes only the authenticated user who has created a record.

Questions About CloudKit Security Roles and Permissions
 
 
Q