Google Cloud Classic v6.57.0, May 30 23

Google Cloud Classic v6.57.0 published on Tuesday, May 30, 2023 by Pulumi

gcp.cloudfunctions.Function

Explore with Pulumi AI

Google Cloud Classic v6.57.0 published on Tuesday, May 30, 2023 by Pulumi

pulumi/pulumi-gcp

Example Usage

Public Function

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var bucket = new Gcp.Storage.Bucket("bucket", new()
    {
        Location = "US",
    });

    var archive = new Gcp.Storage.BucketObject("archive", new()
    {
        Bucket = bucket.Name,
        Source = new FileAsset("./path/to/zip/file/which/contains/code"),
    });

    var function = new Gcp.CloudFunctions.Function("function", new()
    {
        Description = "My function",
        Runtime = "nodejs16",
        AvailableMemoryMb = 128,
        SourceArchiveBucket = bucket.Name,
        SourceArchiveObject = archive.Name,
        TriggerHttp = true,
        EntryPoint = "helloGET",
    });

    // IAM entry for all users to invoke the function
    var invoker = new Gcp.CloudFunctions.FunctionIamMember("invoker", new()
    {
        Project = function.Project,
        Region = function.Region,
        CloudFunction = function.Name,
        Role = "roles/cloudfunctions.invoker",
        Member = "allUsers",
    });

});

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudfunctions"
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		bucket, err := storage.NewBucket(ctx, "bucket", &storage.BucketArgs{
			Location: pulumi.String("US"),
		})
		if err != nil {
			return err
		}
		archive, err := storage.NewBucketObject(ctx, "archive", &storage.BucketObjectArgs{
			Bucket: bucket.Name,
			Source: pulumi.NewFileAsset("./path/to/zip/file/which/contains/code"),
		})
		if err != nil {
			return err
		}
		function, err := cloudfunctions.NewFunction(ctx, "function", &cloudfunctions.FunctionArgs{
			Description:         pulumi.String("My function"),
			Runtime:             pulumi.String("nodejs16"),
			AvailableMemoryMb:   pulumi.Int(128),
			SourceArchiveBucket: bucket.Name,
			SourceArchiveObject: archive.Name,
			TriggerHttp:         pulumi.Bool(true),
			EntryPoint:          pulumi.String("helloGET"),
		})
		if err != nil {
			return err
		}
		_, err = cloudfunctions.NewFunctionIamMember(ctx, "invoker", &cloudfunctions.FunctionIamMemberArgs{
			Project:       function.Project,
			Region:        function.Region,
			CloudFunction: function.Name,
			Role:          pulumi.String("roles/cloudfunctions.invoker"),
			Member:        pulumi.String("allUsers"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.storage.BucketObject;
import com.pulumi.gcp.storage.BucketObjectArgs;
import com.pulumi.gcp.cloudfunctions.Function;
import com.pulumi.gcp.cloudfunctions.FunctionArgs;
import com.pulumi.gcp.cloudfunctions.FunctionIamMember;
import com.pulumi.gcp.cloudfunctions.FunctionIamMemberArgs;
import com.pulumi.asset.FileAsset;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var bucket = new Bucket("bucket", BucketArgs.builder()        
            .location("US")
            .build());

        var archive = new BucketObject("archive", BucketObjectArgs.builder()        
            .bucket(bucket.name())
            .source(new FileAsset("./path/to/zip/file/which/contains/code"))
            .build());

        var function = new Function("function", FunctionArgs.builder()        
            .description("My function")
            .runtime("nodejs16")
            .availableMemoryMb(128)
            .sourceArchiveBucket(bucket.name())
            .sourceArchiveObject(archive.name())
            .triggerHttp(true)
            .entryPoint("helloGET")
            .build());

        var invoker = new FunctionIamMember("invoker", FunctionIamMemberArgs.builder()        
            .project(function.project())
            .region(function.region())
            .cloudFunction(function.name())
            .role("roles/cloudfunctions.invoker")
            .member("allUsers")
            .build());

    }
}

import pulumi
import pulumi_gcp as gcp

bucket = gcp.storage.Bucket("bucket", location="US")
archive = gcp.storage.BucketObject("archive",
    bucket=bucket.name,
    source=pulumi.FileAsset("./path/to/zip/file/which/contains/code"))
function = gcp.cloudfunctions.Function("function",
    description="My function",
    runtime="nodejs16",
    available_memory_mb=128,
    source_archive_bucket=bucket.name,
    source_archive_object=archive.name,
    trigger_http=True,
    entry_point="helloGET")
# IAM entry for all users to invoke the function
invoker = gcp.cloudfunctions.FunctionIamMember("invoker",
    project=function.project,
    region=function.region,
    cloud_function=function.name,
    role="roles/cloudfunctions.invoker",
    member="allUsers")

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const bucket = new gcp.storage.Bucket("bucket", {location: "US"});
const archive = new gcp.storage.BucketObject("archive", {
    bucket: bucket.name,
    source: new pulumi.asset.FileAsset("./path/to/zip/file/which/contains/code"),
});
const _function = new gcp.cloudfunctions.Function("function", {
    description: "My function",
    runtime: "nodejs16",
    availableMemoryMb: 128,
    sourceArchiveBucket: bucket.name,
    sourceArchiveObject: archive.name,
    triggerHttp: true,
    entryPoint: "helloGET",
});
// IAM entry for all users to invoke the function
const invoker = new gcp.cloudfunctions.FunctionIamMember("invoker", {
    project: _function.project,
    region: _function.region,
    cloudFunction: _function.name,
    role: "roles/cloudfunctions.invoker",
    member: "allUsers",
});

resources:
  bucket:
    type: gcp:storage:Bucket
    properties:
      location: US
  archive:
    type: gcp:storage:BucketObject
    properties:
      bucket: ${bucket.name}
      source:
        fn::FileAsset: ./path/to/zip/file/which/contains/code
  function:
    type: gcp:cloudfunctions:Function
    properties:
      description: My function
      runtime: nodejs16
      availableMemoryMb: 128
      sourceArchiveBucket: ${bucket.name}
      sourceArchiveObject: ${archive.name}
      triggerHttp: true
      entryPoint: helloGET
  # IAM entry for all users to invoke the function
  invoker:
    type: gcp:cloudfunctions:FunctionIamMember
    properties:
      project: ${function.project}
      region: ${function.region}
      cloudFunction: ${function.name}
      role: roles/cloudfunctions.invoker
      member: allUsers

Single User

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var bucket = new Gcp.Storage.Bucket("bucket", new()
    {
        Location = "US",
    });

    var archive = new Gcp.Storage.BucketObject("archive", new()
    {
        Bucket = bucket.Name,
        Source = new FileAsset("./path/to/zip/file/which/contains/code"),
    });

    var function = new Gcp.CloudFunctions.Function("function", new()
    {
        Description = "My function",
        Runtime = "nodejs16",
        AvailableMemoryMb = 128,
        SourceArchiveBucket = bucket.Name,
        SourceArchiveObject = archive.Name,
        TriggerHttp = true,
        HttpsTriggerSecurityLevel = "SECURE_ALWAYS",
        Timeout = 60,
        EntryPoint = "helloGET",
        Labels = 
        {
            { "my-label", "my-label-value" },
        },
        EnvironmentVariables = 
        {
            { "MY_ENV_VAR", "my-env-var-value" },
        },
    });

    // IAM entry for a single user to invoke the function
    var invoker = new Gcp.CloudFunctions.FunctionIamMember("invoker", new()
    {
        Project = function.Project,
        Region = function.Region,
        CloudFunction = function.Name,
        Role = "roles/cloudfunctions.invoker",
        Member = "user:myFunctionInvoker@example.com",
    });

});

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudfunctions"
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		bucket, err := storage.NewBucket(ctx, "bucket", &storage.BucketArgs{
			Location: pulumi.String("US"),
		})
		if err != nil {
			return err
		}
		archive, err := storage.NewBucketObject(ctx, "archive", &storage.BucketObjectArgs{
			Bucket: bucket.Name,
			Source: pulumi.NewFileAsset("./path/to/zip/file/which/contains/code"),
		})
		if err != nil {
			return err
		}
		function, err := cloudfunctions.NewFunction(ctx, "function", &cloudfunctions.FunctionArgs{
			Description:               pulumi.String("My function"),
			Runtime:                   pulumi.String("nodejs16"),
			AvailableMemoryMb:         pulumi.Int(128),
			SourceArchiveBucket:       bucket.Name,
			SourceArchiveObject:       archive.Name,
			TriggerHttp:               pulumi.Bool(true),
			HttpsTriggerSecurityLevel: pulumi.String("SECURE_ALWAYS"),
			Timeout:                   pulumi.Int(60),
			EntryPoint:                pulumi.String("helloGET"),
			Labels: pulumi.AnyMap{
				"my-label": pulumi.Any("my-label-value"),
			},
			EnvironmentVariables: pulumi.AnyMap{
				"MY_ENV_VAR": pulumi.Any("my-env-var-value"),
			},
		})
		if err != nil {
			return err
		}
		_, err = cloudfunctions.NewFunctionIamMember(ctx, "invoker", &cloudfunctions.FunctionIamMemberArgs{
			Project:       function.Project,
			Region:        function.Region,
			CloudFunction: function.Name,
			Role:          pulumi.String("roles/cloudfunctions.invoker"),
			Member:        pulumi.String("user:myFunctionInvoker@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.storage.BucketObject;
import com.pulumi.gcp.storage.BucketObjectArgs;
import com.pulumi.gcp.cloudfunctions.Function;
import com.pulumi.gcp.cloudfunctions.FunctionArgs;
import com.pulumi.gcp.cloudfunctions.FunctionIamMember;
import com.pulumi.gcp.cloudfunctions.FunctionIamMemberArgs;
import com.pulumi.asset.FileAsset;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var bucket = new Bucket("bucket", BucketArgs.builder()        
            .location("US")
            .build());

        var archive = new BucketObject("archive", BucketObjectArgs.builder()        
            .bucket(bucket.name())
            .source(new FileAsset("./path/to/zip/file/which/contains/code"))
            .build());

        var function = new Function("function", FunctionArgs.builder()        
            .description("My function")
            .runtime("nodejs16")
            .availableMemoryMb(128)
            .sourceArchiveBucket(bucket.name())
            .sourceArchiveObject(archive.name())
            .triggerHttp(true)
            .httpsTriggerSecurityLevel("SECURE_ALWAYS")
            .timeout(60)
            .entryPoint("helloGET")
            .labels(Map.of("my-label", "my-label-value"))
            .environmentVariables(Map.of("MY_ENV_VAR", "my-env-var-value"))
            .build());

        var invoker = new FunctionIamMember("invoker", FunctionIamMemberArgs.builder()        
            .project(function.project())
            .region(function.region())
            .cloudFunction(function.name())
            .role("roles/cloudfunctions.invoker")
            .member("user:myFunctionInvoker@example.com")
            .build());

    }
}

import pulumi
import pulumi_gcp as gcp

bucket = gcp.storage.Bucket("bucket", location="US")
archive = gcp.storage.BucketObject("archive",
    bucket=bucket.name,
    source=pulumi.FileAsset("./path/to/zip/file/which/contains/code"))
function = gcp.cloudfunctions.Function("function",
    description="My function",
    runtime="nodejs16",
    available_memory_mb=128,
    source_archive_bucket=bucket.name,
    source_archive_object=archive.name,
    trigger_http=True,
    https_trigger_security_level="SECURE_ALWAYS",
    timeout=60,
    entry_point="helloGET",
    labels={
        "my-label": "my-label-value",
    },
    environment_variables={
        "MY_ENV_VAR": "my-env-var-value",
    })
# IAM entry for a single user to invoke the function
invoker = gcp.cloudfunctions.FunctionIamMember("invoker",
    project=function.project,
    region=function.region,
    cloud_function=function.name,
    role="roles/cloudfunctions.invoker",
    member="user:myFunctionInvoker@example.com")

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const bucket = new gcp.storage.Bucket("bucket", {location: "US"});
const archive = new gcp.storage.BucketObject("archive", {
    bucket: bucket.name,
    source: new pulumi.asset.FileAsset("./path/to/zip/file/which/contains/code"),
});
const _function = new gcp.cloudfunctions.Function("function", {
    description: "My function",
    runtime: "nodejs16",
    availableMemoryMb: 128,
    sourceArchiveBucket: bucket.name,
    sourceArchiveObject: archive.name,
    triggerHttp: true,
    httpsTriggerSecurityLevel: "SECURE_ALWAYS",
    timeout: 60,
    entryPoint: "helloGET",
    labels: {
        "my-label": "my-label-value",
    },
    environmentVariables: {
        MY_ENV_VAR: "my-env-var-value",
    },
});
// IAM entry for a single user to invoke the function
const invoker = new gcp.cloudfunctions.FunctionIamMember("invoker", {
    project: _function.project,
    region: _function.region,
    cloudFunction: _function.name,
    role: "roles/cloudfunctions.invoker",
    member: "user:myFunctionInvoker@example.com",
});

resources:
  bucket:
    type: gcp:storage:Bucket
    properties:
      location: US
  archive:
    type: gcp:storage:BucketObject
    properties:
      bucket: ${bucket.name}
      source:
        fn::FileAsset: ./path/to/zip/file/which/contains/code
  function:
    type: gcp:cloudfunctions:Function
    properties:
      description: My function
      runtime: nodejs16
      availableMemoryMb: 128
      sourceArchiveBucket: ${bucket.name}
      sourceArchiveObject: ${archive.name}
      triggerHttp: true
      httpsTriggerSecurityLevel: SECURE_ALWAYS
      timeout: 60
      entryPoint: helloGET
      labels:
        my-label: my-label-value
      environmentVariables:
        MY_ENV_VAR: my-env-var-value
  # IAM entry for a single user to invoke the function
  invoker:
    type: gcp:cloudfunctions:FunctionIamMember
    properties:
      project: ${function.project}
      region: ${function.region}
      cloudFunction: ${function.name}
      role: roles/cloudfunctions.invoker
      member: user:myFunctionInvoker@example.com

Create Function Resource

new Function(name: string, args: FunctionArgs, opts?: CustomResourceOptions);

@overload
def Function(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             available_memory_mb: Optional[int] = None,
             build_environment_variables: Optional[Mapping[str, Any]] = None,
             build_worker_pool: Optional[str] = None,
             description: Optional[str] = None,
             docker_registry: Optional[str] = None,
             docker_repository: Optional[str] = None,
             entry_point: Optional[str] = None,
             environment_variables: Optional[Mapping[str, Any]] = None,
             event_trigger: Optional[FunctionEventTriggerArgs] = None,
             https_trigger_security_level: Optional[str] = None,
             https_trigger_url: Optional[str] = None,
             ingress_settings: Optional[str] = None,
             kms_key_name: Optional[str] = None,
             labels: Optional[Mapping[str, Any]] = None,
             max_instances: Optional[int] = None,
             min_instances: Optional[int] = None,
             name: Optional[str] = None,
             project: Optional[str] = None,
             region: Optional[str] = None,
             runtime: Optional[str] = None,
             secret_environment_variables: Optional[Sequence[FunctionSecretEnvironmentVariableArgs]] = None,
             secret_volumes: Optional[Sequence[FunctionSecretVolumeArgs]] = None,
             service_account_email: Optional[str] = None,
             source_archive_bucket: Optional[str] = None,
             source_archive_object: Optional[str] = None,
             source_repository: Optional[FunctionSourceRepositoryArgs] = None,
             timeout: Optional[int] = None,
             trigger_http: Optional[bool] = None,
             vpc_connector: Optional[str] = None,
             vpc_connector_egress_settings: Optional[str] = None)
@overload
def Function(resource_name: str,
             args: FunctionArgs,
             opts: Optional[ResourceOptions] = None)

func NewFunction(ctx *Context, name string, args FunctionArgs, opts ...ResourceOption) (*Function, error)

public Function(string name, FunctionArgs args, CustomResourceOptions? opts = null)

public Function(String name, FunctionArgs args)
public Function(String name, FunctionArgs args, CustomResourceOptions options)

type: gcp:cloudfunctions:Function
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FunctionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args FunctionArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args FunctionArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FunctionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args FunctionArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Function Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Function resource accepts the following input properties:

Runtime string: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
AvailableMemoryMb int: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
BuildEnvironmentVariables Dictionary<string, object>: A set of key/value environment variable pairs available during build time.
BuildWorkerPool string: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
Description string: Description of the function.
DockerRegistry string: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
DockerRepository string: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
EntryPoint string: Name of the function that will be executed when the Google Cloud Function is triggered.
EnvironmentVariables Dictionary<string, object>: A set of key/value environment variable pairs to assign to the function.
EventTrigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
HttpsTriggerSecurityLevel string: The security level for the function. The following options are available:
HttpsTriggerUrl string: URL which triggers function execution. Returned only if trigger_http is used.
IngressSettings string: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
KmsKeyName string: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
Labels Dictionary<string, object>: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
MaxInstances int: The limit on the maximum number of function instances that may coexist at a given time.
MinInstances int: The limit on the minimum number of function instances that may coexist at a given time.
Name string: A user-defined name of the function. Function names must be unique globally.
Project string: Project of the function. If it is not provided, the provider project is used.
Region string: Region of function. If it is not provided, the provider region is used.
SecretEnvironmentVariables List<FunctionSecretEnvironmentVariableArgs>: Secret environment variables configuration. Structure is documented below.
SecretVolumes List<FunctionSecretVolumeArgs>: Secret volumes configuration. Structure is documented below.
ServiceAccountEmail string: If provided, the self-provided service account to run the function with.
SourceArchiveBucket string: The GCS bucket containing the zip archive which contains the function.
SourceArchiveObject string: The source archive object (file) in archive bucket.
SourceRepository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
Timeout int: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
TriggerHttp bool: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
VpcConnector string: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
VpcConnectorEgressSettings string: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

Runtime string: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
AvailableMemoryMb int: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
BuildEnvironmentVariables map[string]interface{}: A set of key/value environment variable pairs available during build time.
BuildWorkerPool string: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
Description string: Description of the function.
DockerRegistry string: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
DockerRepository string: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
EntryPoint string: Name of the function that will be executed when the Google Cloud Function is triggered.
EnvironmentVariables map[string]interface{}: A set of key/value environment variable pairs to assign to the function.
EventTrigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
HttpsTriggerSecurityLevel string: The security level for the function. The following options are available:
HttpsTriggerUrl string: URL which triggers function execution. Returned only if trigger_http is used.
IngressSettings string: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
KmsKeyName string: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
Labels map[string]interface{}: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
MaxInstances int: The limit on the maximum number of function instances that may coexist at a given time.
MinInstances int: The limit on the minimum number of function instances that may coexist at a given time.
Name string: A user-defined name of the function. Function names must be unique globally.
Project string: Project of the function. If it is not provided, the provider project is used.
Region string: Region of function. If it is not provided, the provider region is used.
SecretEnvironmentVariables []FunctionSecretEnvironmentVariableArgs: Secret environment variables configuration. Structure is documented below.
SecretVolumes []FunctionSecretVolumeArgs: Secret volumes configuration. Structure is documented below.
ServiceAccountEmail string: If provided, the self-provided service account to run the function with.
SourceArchiveBucket string: The GCS bucket containing the zip archive which contains the function.
SourceArchiveObject string: The source archive object (file) in archive bucket.
SourceRepository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
Timeout int: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
TriggerHttp bool: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
VpcConnector string: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
VpcConnectorEgressSettings string: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

runtime String: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
availableMemoryMb Integer: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
buildEnvironmentVariables Map<String,Object>: A set of key/value environment variable pairs available during build time.
buildWorkerPool String: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
description String: Description of the function.
dockerRegistry String: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
dockerRepository String: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
entryPoint String: Name of the function that will be executed when the Google Cloud Function is triggered.
environmentVariables Map<String,Object>: A set of key/value environment variable pairs to assign to the function.
eventTrigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
httpsTriggerSecurityLevel String: The security level for the function. The following options are available:
httpsTriggerUrl String: URL which triggers function execution. Returned only if trigger_http is used.
ingressSettings String: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
kmsKeyName String: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
labels Map<String,Object>: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
maxInstances Integer: The limit on the maximum number of function instances that may coexist at a given time.
minInstances Integer: The limit on the minimum number of function instances that may coexist at a given time.
name String: A user-defined name of the function. Function names must be unique globally.
project String: Project of the function. If it is not provided, the provider project is used.
region String: Region of function. If it is not provided, the provider region is used.
secretEnvironmentVariables List<FunctionSecretEnvironmentVariableArgs>: Secret environment variables configuration. Structure is documented below.
secretVolumes List<FunctionSecretVolumeArgs>: Secret volumes configuration. Structure is documented below.
serviceAccountEmail String: If provided, the self-provided service account to run the function with.
sourceArchiveBucket String: The GCS bucket containing the zip archive which contains the function.
sourceArchiveObject String: The source archive object (file) in archive bucket.
sourceRepository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
timeout Integer: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
triggerHttp Boolean: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
vpcConnector String: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
vpcConnectorEgressSettings String: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

runtime string: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
availableMemoryMb number: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
buildEnvironmentVariables {[key: string]: any}: A set of key/value environment variable pairs available during build time.
buildWorkerPool string: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
description string: Description of the function.
dockerRegistry string: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
dockerRepository string: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
entryPoint string: Name of the function that will be executed when the Google Cloud Function is triggered.
environmentVariables {[key: string]: any}: A set of key/value environment variable pairs to assign to the function.
eventTrigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
httpsTriggerSecurityLevel string: The security level for the function. The following options are available:
httpsTriggerUrl string: URL which triggers function execution. Returned only if trigger_http is used.
ingressSettings string: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
kmsKeyName string: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
labels {[key: string]: any}: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
maxInstances number: The limit on the maximum number of function instances that may coexist at a given time.
minInstances number: The limit on the minimum number of function instances that may coexist at a given time.
name string: A user-defined name of the function. Function names must be unique globally.
project string: Project of the function. If it is not provided, the provider project is used.
region string: Region of function. If it is not provided, the provider region is used.
secretEnvironmentVariables FunctionSecretEnvironmentVariableArgs[]: Secret environment variables configuration. Structure is documented below.
secretVolumes FunctionSecretVolumeArgs[]: Secret volumes configuration. Structure is documented below.
serviceAccountEmail string: If provided, the self-provided service account to run the function with.
sourceArchiveBucket string: The GCS bucket containing the zip archive which contains the function.
sourceArchiveObject string: The source archive object (file) in archive bucket.
sourceRepository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
timeout number: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
triggerHttp boolean: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
vpcConnector string: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
vpcConnectorEgressSettings string: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

runtime str: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
available_memory_mb int: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
build_environment_variables Mapping[str, Any]: A set of key/value environment variable pairs available during build time.
build_worker_pool str: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
description str: Description of the function.
docker_registry str: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
docker_repository str: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
entry_point str: Name of the function that will be executed when the Google Cloud Function is triggered.
environment_variables Mapping[str, Any]: A set of key/value environment variable pairs to assign to the function.
event_trigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
https_trigger_security_level str: The security level for the function. The following options are available:
https_trigger_url str: URL which triggers function execution. Returned only if trigger_http is used.
ingress_settings str: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
kms_key_name str: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
labels Mapping[str, Any]: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
max_instances int: The limit on the maximum number of function instances that may coexist at a given time.
min_instances int: The limit on the minimum number of function instances that may coexist at a given time.
name str: A user-defined name of the function. Function names must be unique globally.
project str: Project of the function. If it is not provided, the provider project is used.
region str: Region of function. If it is not provided, the provider region is used.
secret_environment_variables Sequence[FunctionSecretEnvironmentVariableArgs]: Secret environment variables configuration. Structure is documented below.
secret_volumes Sequence[FunctionSecretVolumeArgs]: Secret volumes configuration. Structure is documented below.
service_account_email str: If provided, the self-provided service account to run the function with.
source_archive_bucket str: The GCS bucket containing the zip archive which contains the function.
source_archive_object str: The source archive object (file) in archive bucket.
source_repository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
timeout int: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
trigger_http bool: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
vpc_connector str: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
vpc_connector_egress_settings str: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

runtime String: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
availableMemoryMb Number: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
buildEnvironmentVariables Map<Any>: A set of key/value environment variable pairs available during build time.
buildWorkerPool String: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
description String: Description of the function.
dockerRegistry String: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
dockerRepository String: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
entryPoint String: Name of the function that will be executed when the Google Cloud Function is triggered.
environmentVariables Map<Any>: A set of key/value environment variable pairs to assign to the function.
eventTrigger Property Map: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
httpsTriggerSecurityLevel String: The security level for the function. The following options are available:
httpsTriggerUrl String: URL which triggers function execution. Returned only if trigger_http is used.
ingressSettings String: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
kmsKeyName String: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
labels Map<Any>: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
maxInstances Number: The limit on the maximum number of function instances that may coexist at a given time.
minInstances Number: The limit on the minimum number of function instances that may coexist at a given time.
name String: A user-defined name of the function. Function names must be unique globally.
project String: Project of the function. If it is not provided, the provider project is used.
region String: Region of function. If it is not provided, the provider region is used.
secretEnvironmentVariables List<Property Map>: Secret environment variables configuration. Structure is documented below.
secretVolumes List<Property Map>: Secret volumes configuration. Structure is documented below.
serviceAccountEmail String: If provided, the self-provided service account to run the function with.
sourceArchiveBucket String: The GCS bucket containing the zip archive which contains the function.
sourceArchiveObject String: The source archive object (file) in archive bucket.
sourceRepository Property Map: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
timeout Number: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
triggerHttp Boolean: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
vpcConnector String: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
vpcConnectorEgressSettings String: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

Outputs

All input properties are implicitly available as output properties. Additionally, the Function resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Status string: Describes the current stage of a deployment.

Id string: The provider-assigned unique ID for this managed resource.
Status string: Describes the current stage of a deployment.

id String: The provider-assigned unique ID for this managed resource.
status String: Describes the current stage of a deployment.

id string: The provider-assigned unique ID for this managed resource.
status string: Describes the current stage of a deployment.

id str: The provider-assigned unique ID for this managed resource.
status str: Describes the current stage of a deployment.

id String: The provider-assigned unique ID for this managed resource.
status String: Describes the current stage of a deployment.

Look up Existing Function Resource

Get an existing Function resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FunctionState, opts?: CustomResourceOptions): Function

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        available_memory_mb: Optional[int] = None,
        build_environment_variables: Optional[Mapping[str, Any]] = None,
        build_worker_pool: Optional[str] = None,
        description: Optional[str] = None,
        docker_registry: Optional[str] = None,
        docker_repository: Optional[str] = None,
        entry_point: Optional[str] = None,
        environment_variables: Optional[Mapping[str, Any]] = None,
        event_trigger: Optional[FunctionEventTriggerArgs] = None,
        https_trigger_security_level: Optional[str] = None,
        https_trigger_url: Optional[str] = None,
        ingress_settings: Optional[str] = None,
        kms_key_name: Optional[str] = None,
        labels: Optional[Mapping[str, Any]] = None,
        max_instances: Optional[int] = None,
        min_instances: Optional[int] = None,
        name: Optional[str] = None,
        project: Optional[str] = None,
        region: Optional[str] = None,
        runtime: Optional[str] = None,
        secret_environment_variables: Optional[Sequence[FunctionSecretEnvironmentVariableArgs]] = None,
        secret_volumes: Optional[Sequence[FunctionSecretVolumeArgs]] = None,
        service_account_email: Optional[str] = None,
        source_archive_bucket: Optional[str] = None,
        source_archive_object: Optional[str] = None,
        source_repository: Optional[FunctionSourceRepositoryArgs] = None,
        status: Optional[str] = None,
        timeout: Optional[int] = None,
        trigger_http: Optional[bool] = None,
        vpc_connector: Optional[str] = None,
        vpc_connector_egress_settings: Optional[str] = None) -> Function

func GetFunction(ctx *Context, name string, id IDInput, state *FunctionState, opts ...ResourceOption) (*Function, error)

public static Function Get(string name, Input<string> id, FunctionState? state, CustomResourceOptions? opts = null)

public static Function get(String name, Output<String> id, FunctionState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AvailableMemoryMb int: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
BuildEnvironmentVariables Dictionary<string, object>: A set of key/value environment variable pairs available during build time.
BuildWorkerPool string: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
Description string: Description of the function.
DockerRegistry string: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
DockerRepository string: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
EntryPoint string: Name of the function that will be executed when the Google Cloud Function is triggered.
EnvironmentVariables Dictionary<string, object>: A set of key/value environment variable pairs to assign to the function.
EventTrigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
HttpsTriggerSecurityLevel string: The security level for the function. The following options are available:
HttpsTriggerUrl string: URL which triggers function execution. Returned only if trigger_http is used.
IngressSettings string: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
KmsKeyName string: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
Labels Dictionary<string, object>: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
MaxInstances int: The limit on the maximum number of function instances that may coexist at a given time.
MinInstances int: The limit on the minimum number of function instances that may coexist at a given time.
Name string: A user-defined name of the function. Function names must be unique globally.
Project string: Project of the function. If it is not provided, the provider project is used.
Region string: Region of function. If it is not provided, the provider region is used.
Runtime string: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
SecretEnvironmentVariables List<FunctionSecretEnvironmentVariableArgs>: Secret environment variables configuration. Structure is documented below.
SecretVolumes List<FunctionSecretVolumeArgs>: Secret volumes configuration. Structure is documented below.
ServiceAccountEmail string: If provided, the self-provided service account to run the function with.
SourceArchiveBucket string: The GCS bucket containing the zip archive which contains the function.
SourceArchiveObject string: The source archive object (file) in archive bucket.
SourceRepository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
Status string: Describes the current stage of a deployment.
Timeout int: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
TriggerHttp bool: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
VpcConnector string: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
VpcConnectorEgressSettings string: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

AvailableMemoryMb int: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
BuildEnvironmentVariables map[string]interface{}: A set of key/value environment variable pairs available during build time.
BuildWorkerPool string: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
Description string: Description of the function.
DockerRegistry string: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
DockerRepository string: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
EntryPoint string: Name of the function that will be executed when the Google Cloud Function is triggered.
EnvironmentVariables map[string]interface{}: A set of key/value environment variable pairs to assign to the function.
EventTrigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
HttpsTriggerSecurityLevel string: The security level for the function. The following options are available:
HttpsTriggerUrl string: URL which triggers function execution. Returned only if trigger_http is used.
IngressSettings string: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
KmsKeyName string: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
Labels map[string]interface{}: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
MaxInstances int: The limit on the maximum number of function instances that may coexist at a given time.
MinInstances int: The limit on the minimum number of function instances that may coexist at a given time.
Name string: A user-defined name of the function. Function names must be unique globally.
Project string: Project of the function. If it is not provided, the provider project is used.
Region string: Region of function. If it is not provided, the provider region is used.
Runtime string: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
SecretEnvironmentVariables []FunctionSecretEnvironmentVariableArgs: Secret environment variables configuration. Structure is documented below.
SecretVolumes []FunctionSecretVolumeArgs: Secret volumes configuration. Structure is documented below.
ServiceAccountEmail string: If provided, the self-provided service account to run the function with.
SourceArchiveBucket string: The GCS bucket containing the zip archive which contains the function.
SourceArchiveObject string: The source archive object (file) in archive bucket.
SourceRepository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
Status string: Describes the current stage of a deployment.
Timeout int: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
TriggerHttp bool: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
VpcConnector string: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
VpcConnectorEgressSettings string: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

availableMemoryMb Integer: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
buildEnvironmentVariables Map<String,Object>: A set of key/value environment variable pairs available during build time.
buildWorkerPool String: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
description String: Description of the function.
dockerRegistry String: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
dockerRepository String: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
entryPoint String: Name of the function that will be executed when the Google Cloud Function is triggered.
environmentVariables Map<String,Object>: A set of key/value environment variable pairs to assign to the function.
eventTrigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
httpsTriggerSecurityLevel String: The security level for the function. The following options are available:
httpsTriggerUrl String: URL which triggers function execution. Returned only if trigger_http is used.
ingressSettings String: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
kmsKeyName String: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
labels Map<String,Object>: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
maxInstances Integer: The limit on the maximum number of function instances that may coexist at a given time.
minInstances Integer: The limit on the minimum number of function instances that may coexist at a given time.
name String: A user-defined name of the function. Function names must be unique globally.
project String: Project of the function. If it is not provided, the provider project is used.
region String: Region of function. If it is not provided, the provider region is used.
runtime String: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
secretEnvironmentVariables List<FunctionSecretEnvironmentVariableArgs>: Secret environment variables configuration. Structure is documented below.
secretVolumes List<FunctionSecretVolumeArgs>: Secret volumes configuration. Structure is documented below.
serviceAccountEmail String: If provided, the self-provided service account to run the function with.
sourceArchiveBucket String: The GCS bucket containing the zip archive which contains the function.
sourceArchiveObject String: The source archive object (file) in archive bucket.
sourceRepository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
status String: Describes the current stage of a deployment.
timeout Integer: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
triggerHttp Boolean: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
vpcConnector String: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
vpcConnectorEgressSettings String: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

availableMemoryMb number: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
buildEnvironmentVariables {[key: string]: any}: A set of key/value environment variable pairs available during build time.
buildWorkerPool string: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
description string: Description of the function.
dockerRegistry string: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
dockerRepository string: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
entryPoint string: Name of the function that will be executed when the Google Cloud Function is triggered.
environmentVariables {[key: string]: any}: A set of key/value environment variable pairs to assign to the function.
eventTrigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
httpsTriggerSecurityLevel string: The security level for the function. The following options are available:
httpsTriggerUrl string: URL which triggers function execution. Returned only if trigger_http is used.
ingressSettings string: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
kmsKeyName string: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
labels {[key: string]: any}: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
maxInstances number: The limit on the maximum number of function instances that may coexist at a given time.
minInstances number: The limit on the minimum number of function instances that may coexist at a given time.
name string: A user-defined name of the function. Function names must be unique globally.
project string: Project of the function. If it is not provided, the provider project is used.
region string: Region of function. If it is not provided, the provider region is used.
runtime string: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
secretEnvironmentVariables FunctionSecretEnvironmentVariableArgs[]: Secret environment variables configuration. Structure is documented below.
secretVolumes FunctionSecretVolumeArgs[]: Secret volumes configuration. Structure is documented below.
serviceAccountEmail string: If provided, the self-provided service account to run the function with.
sourceArchiveBucket string: The GCS bucket containing the zip archive which contains the function.
sourceArchiveObject string: The source archive object (file) in archive bucket.
sourceRepository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
status string: Describes the current stage of a deployment.
timeout number: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
triggerHttp boolean: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
vpcConnector string: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
vpcConnectorEgressSettings string: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

available_memory_mb int: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
build_environment_variables Mapping[str, Any]: A set of key/value environment variable pairs available during build time.
build_worker_pool str: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
description str: Description of the function.
docker_registry str: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
docker_repository str: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
entry_point str: Name of the function that will be executed when the Google Cloud Function is triggered.
environment_variables Mapping[str, Any]: A set of key/value environment variable pairs to assign to the function.
event_trigger FunctionEventTriggerArgs: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
https_trigger_security_level str: The security level for the function. The following options are available:
https_trigger_url str: URL which triggers function execution. Returned only if trigger_http is used.
ingress_settings str: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
kms_key_name str: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
labels Mapping[str, Any]: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
max_instances int: The limit on the maximum number of function instances that may coexist at a given time.
min_instances int: The limit on the minimum number of function instances that may coexist at a given time.
name str: A user-defined name of the function. Function names must be unique globally.
project str: Project of the function. If it is not provided, the provider project is used.
region str: Region of function. If it is not provided, the provider region is used.
runtime str: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
secret_environment_variables Sequence[FunctionSecretEnvironmentVariableArgs]: Secret environment variables configuration. Structure is documented below.
secret_volumes Sequence[FunctionSecretVolumeArgs]: Secret volumes configuration. Structure is documented below.
service_account_email str: If provided, the self-provided service account to run the function with.
source_archive_bucket str: The GCS bucket containing the zip archive which contains the function.
source_archive_object str: The source archive object (file) in archive bucket.
source_repository FunctionSourceRepositoryArgs: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
status str: Describes the current stage of a deployment.
timeout int: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
trigger_http bool: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
vpc_connector str: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
vpc_connector_egress_settings str: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

availableMemoryMb Number: Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.
buildEnvironmentVariables Map<Any>: A set of key/value environment variable pairs available during build time.
buildWorkerPool String: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
description String: Description of the function.
dockerRegistry String: Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
dockerRepository String: User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
entryPoint String: Name of the function that will be executed when the Google Cloud Function is triggered.
environmentVariables Map<Any>: A set of key/value environment variable pairs to assign to the function.
eventTrigger Property Map: A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.
httpsTriggerSecurityLevel String: The security level for the function. The following options are available:
httpsTriggerUrl String: URL which triggers function execution. Returned only if trigger_http is used.
ingressSettings String: String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.
kmsKeyName String: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key
labels Map<Any>: A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
maxInstances Number: The limit on the maximum number of function instances that may coexist at a given time.
minInstances Number: The limit on the minimum number of function instances that may coexist at a given time.
name String: A user-defined name of the function. Function names must be unique globally.
project String: Project of the function. If it is not provided, the provider project is used.
region String: Region of function. If it is not provided, the provider region is used.
runtime String: The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.
secretEnvironmentVariables List<Property Map>: Secret environment variables configuration. Structure is documented below.
secretVolumes List<Property Map>: Secret volumes configuration. Structure is documented below.
serviceAccountEmail String: If provided, the self-provided service account to run the function with.
sourceArchiveBucket String: The GCS bucket containing the zip archive which contains the function.
sourceArchiveObject String: The source archive object (file) in archive bucket.
sourceRepository Property Map: Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*
status String: Describes the current stage of a deployment.
timeout Number: Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
triggerHttp Boolean: Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.
vpcConnector String: The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*.
vpcConnectorEgressSettings String: The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.

Supporting Types

FunctionEventTrigger

EventType string: The type of event to observe. For example: "google.storage.object.finalize". See the documentation on calling Cloud Functions for a full reference of accepted triggers.
Resource string: Required. The name or partial URI of the resource from which to observe events. For example, "myBucket" or "projects/my-project/topics/my-topic"
FailurePolicy FunctionEventTriggerFailurePolicy: Specifies policy for failed executions. Structure is documented below.

EventType string: The type of event to observe. For example: "google.storage.object.finalize". See the documentation on calling Cloud Functions for a full reference of accepted triggers.
Resource string: Required. The name or partial URI of the resource from which to observe events. For example, "myBucket" or "projects/my-project/topics/my-topic"
FailurePolicy FunctionEventTriggerFailurePolicy: Specifies policy for failed executions. Structure is documented below.

eventType String: The type of event to observe. For example: "google.storage.object.finalize". See the documentation on calling Cloud Functions for a full reference of accepted triggers.
resource String: Required. The name or partial URI of the resource from which to observe events. For example, "myBucket" or "projects/my-project/topics/my-topic"
failurePolicy FunctionEventTriggerFailurePolicy: Specifies policy for failed executions. Structure is documented below.

eventType string: The type of event to observe. For example: "google.storage.object.finalize". See the documentation on calling Cloud Functions for a full reference of accepted triggers.
resource string: Required. The name or partial URI of the resource from which to observe events. For example, "myBucket" or "projects/my-project/topics/my-topic"
failurePolicy FunctionEventTriggerFailurePolicy: Specifies policy for failed executions. Structure is documented below.

event_type str: The type of event to observe. For example: "google.storage.object.finalize". See the documentation on calling Cloud Functions for a full reference of accepted triggers.
resource str: Required. The name or partial URI of the resource from which to observe events. For example, "myBucket" or "projects/my-project/topics/my-topic"
failure_policy FunctionEventTriggerFailurePolicy: Specifies policy for failed executions. Structure is documented below.

eventType String: The type of event to observe. For example: "google.storage.object.finalize". See the documentation on calling Cloud Functions for a full reference of accepted triggers.
resource String: Required. The name or partial URI of the resource from which to observe events. For example, "myBucket" or "projects/my-project/topics/my-topic"
failurePolicy Property Map: Specifies policy for failed executions. Structure is documented below.

FunctionEventTriggerFailurePolicy

Retry bool: Whether the function should be retried on failure. Defaults to false.

Retry bool: Whether the function should be retried on failure. Defaults to false.

retry Boolean: Whether the function should be retried on failure. Defaults to false.

retry boolean: Whether the function should be retried on failure. Defaults to false.

retry bool: Whether the function should be retried on failure. Defaults to false.

retry Boolean: Whether the function should be retried on failure. Defaults to false.

FunctionSecretEnvironmentVariable

Key string: Name of the environment variable.
Secret string: ID of the secret in secret manager (not the full resource name).
Version string: Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
ProjectId string: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.

Key string: Name of the environment variable.
Secret string: ID of the secret in secret manager (not the full resource name).
Version string: Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
ProjectId string: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.

key String: Name of the environment variable.
secret String: ID of the secret in secret manager (not the full resource name).
version String: Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
projectId String: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.

key string: Name of the environment variable.
secret string: ID of the secret in secret manager (not the full resource name).
version string: Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
projectId string: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.

key str: Name of the environment variable.
secret str: ID of the secret in secret manager (not the full resource name).
version str: Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
project_id str: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.

key String: Name of the environment variable.
secret String: ID of the secret in secret manager (not the full resource name).
version String: Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
projectId String: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.

FunctionSecretVolume

MountPath string: The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
Secret string: ID of the secret in secret manager (not the full resource name).
ProjectId string: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
Versions List<FunctionSecretVolumeVersion>: List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.

MountPath string: The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
Secret string: ID of the secret in secret manager (not the full resource name).
ProjectId string: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
Versions []FunctionSecretVolumeVersion: List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.

mountPath String: The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
secret String: ID of the secret in secret manager (not the full resource name).
projectId String: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
versions List<FunctionSecretVolumeVersion>: List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.

mountPath string: The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
secret string: ID of the secret in secret manager (not the full resource name).
projectId string: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
versions FunctionSecretVolumeVersion[]: List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.

mount_path str: The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
secret str: ID of the secret in secret manager (not the full resource name).
project_id str: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
versions Sequence[FunctionSecretVolumeVersion]: List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.

mountPath String: The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
secret String: ID of the secret in secret manager (not the full resource name).
projectId String: Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
versions List<Property Map>: List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.

FunctionSecretVolumeVersion

Path string: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
Version string: Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.

Path string: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
Version string: Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.

path String: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
version String: Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.

path string: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
version string: Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.

path str: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
version str: Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.

path String: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
version String: Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.