gcp.cloudfunctions.Function
Explore with Pulumi AI
Creates a new Cloud Function. For more information see:
- API documentation
- How-to Guides
Warning: As of November 1, 2019, newly created Functions are private-by-default and will require appropriate IAM permissions to be invoked. See below examples for how to set up the appropriate permissions, or view the Cloud Functions IAM resources for Cloud Functions.
Example Usage
Public Function
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var bucket = new Gcp.Storage.Bucket("bucket", new()
{
Location = "US",
});
var archive = new Gcp.Storage.BucketObject("archive", new()
{
Bucket = bucket.Name,
Source = new FileAsset("./path/to/zip/file/which/contains/code"),
});
var function = new Gcp.CloudFunctions.Function("function", new()
{
Description = "My function",
Runtime = "nodejs16",
AvailableMemoryMb = 128,
SourceArchiveBucket = bucket.Name,
SourceArchiveObject = archive.Name,
TriggerHttp = true,
EntryPoint = "helloGET",
});
// IAM entry for all users to invoke the function
var invoker = new Gcp.CloudFunctions.FunctionIamMember("invoker", new()
{
Project = function.Project,
Region = function.Region,
CloudFunction = function.Name,
Role = "roles/cloudfunctions.invoker",
Member = "allUsers",
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudfunctions"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
bucket, err := storage.NewBucket(ctx, "bucket", &storage.BucketArgs{
Location: pulumi.String("US"),
})
if err != nil {
return err
}
archive, err := storage.NewBucketObject(ctx, "archive", &storage.BucketObjectArgs{
Bucket: bucket.Name,
Source: pulumi.NewFileAsset("./path/to/zip/file/which/contains/code"),
})
if err != nil {
return err
}
function, err := cloudfunctions.NewFunction(ctx, "function", &cloudfunctions.FunctionArgs{
Description: pulumi.String("My function"),
Runtime: pulumi.String("nodejs16"),
AvailableMemoryMb: pulumi.Int(128),
SourceArchiveBucket: bucket.Name,
SourceArchiveObject: archive.Name,
TriggerHttp: pulumi.Bool(true),
EntryPoint: pulumi.String("helloGET"),
})
if err != nil {
return err
}
_, err = cloudfunctions.NewFunctionIamMember(ctx, "invoker", &cloudfunctions.FunctionIamMemberArgs{
Project: function.Project,
Region: function.Region,
CloudFunction: function.Name,
Role: pulumi.String("roles/cloudfunctions.invoker"),
Member: pulumi.String("allUsers"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.storage.BucketObject;
import com.pulumi.gcp.storage.BucketObjectArgs;
import com.pulumi.gcp.cloudfunctions.Function;
import com.pulumi.gcp.cloudfunctions.FunctionArgs;
import com.pulumi.gcp.cloudfunctions.FunctionIamMember;
import com.pulumi.gcp.cloudfunctions.FunctionIamMemberArgs;
import com.pulumi.asset.FileAsset;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucket = new Bucket("bucket", BucketArgs.builder()
.location("US")
.build());
var archive = new BucketObject("archive", BucketObjectArgs.builder()
.bucket(bucket.name())
.source(new FileAsset("./path/to/zip/file/which/contains/code"))
.build());
var function = new Function("function", FunctionArgs.builder()
.description("My function")
.runtime("nodejs16")
.availableMemoryMb(128)
.sourceArchiveBucket(bucket.name())
.sourceArchiveObject(archive.name())
.triggerHttp(true)
.entryPoint("helloGET")
.build());
var invoker = new FunctionIamMember("invoker", FunctionIamMemberArgs.builder()
.project(function.project())
.region(function.region())
.cloudFunction(function.name())
.role("roles/cloudfunctions.invoker")
.member("allUsers")
.build());
}
}
import pulumi
import pulumi_gcp as gcp
bucket = gcp.storage.Bucket("bucket", location="US")
archive = gcp.storage.BucketObject("archive",
bucket=bucket.name,
source=pulumi.FileAsset("./path/to/zip/file/which/contains/code"))
function = gcp.cloudfunctions.Function("function",
description="My function",
runtime="nodejs16",
available_memory_mb=128,
source_archive_bucket=bucket.name,
source_archive_object=archive.name,
trigger_http=True,
entry_point="helloGET")
# IAM entry for all users to invoke the function
invoker = gcp.cloudfunctions.FunctionIamMember("invoker",
project=function.project,
region=function.region,
cloud_function=function.name,
role="roles/cloudfunctions.invoker",
member="allUsers")
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const bucket = new gcp.storage.Bucket("bucket", {location: "US"});
const archive = new gcp.storage.BucketObject("archive", {
bucket: bucket.name,
source: new pulumi.asset.FileAsset("./path/to/zip/file/which/contains/code"),
});
const _function = new gcp.cloudfunctions.Function("function", {
description: "My function",
runtime: "nodejs16",
availableMemoryMb: 128,
sourceArchiveBucket: bucket.name,
sourceArchiveObject: archive.name,
triggerHttp: true,
entryPoint: "helloGET",
});
// IAM entry for all users to invoke the function
const invoker = new gcp.cloudfunctions.FunctionIamMember("invoker", {
project: _function.project,
region: _function.region,
cloudFunction: _function.name,
role: "roles/cloudfunctions.invoker",
member: "allUsers",
});
resources:
bucket:
type: gcp:storage:Bucket
properties:
location: US
archive:
type: gcp:storage:BucketObject
properties:
bucket: ${bucket.name}
source:
fn::FileAsset: ./path/to/zip/file/which/contains/code
function:
type: gcp:cloudfunctions:Function
properties:
description: My function
runtime: nodejs16
availableMemoryMb: 128
sourceArchiveBucket: ${bucket.name}
sourceArchiveObject: ${archive.name}
triggerHttp: true
entryPoint: helloGET
# IAM entry for all users to invoke the function
invoker:
type: gcp:cloudfunctions:FunctionIamMember
properties:
project: ${function.project}
region: ${function.region}
cloudFunction: ${function.name}
role: roles/cloudfunctions.invoker
member: allUsers
Single User
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var bucket = new Gcp.Storage.Bucket("bucket", new()
{
Location = "US",
});
var archive = new Gcp.Storage.BucketObject("archive", new()
{
Bucket = bucket.Name,
Source = new FileAsset("./path/to/zip/file/which/contains/code"),
});
var function = new Gcp.CloudFunctions.Function("function", new()
{
Description = "My function",
Runtime = "nodejs16",
AvailableMemoryMb = 128,
SourceArchiveBucket = bucket.Name,
SourceArchiveObject = archive.Name,
TriggerHttp = true,
HttpsTriggerSecurityLevel = "SECURE_ALWAYS",
Timeout = 60,
EntryPoint = "helloGET",
Labels =
{
{ "my-label", "my-label-value" },
},
EnvironmentVariables =
{
{ "MY_ENV_VAR", "my-env-var-value" },
},
});
// IAM entry for a single user to invoke the function
var invoker = new Gcp.CloudFunctions.FunctionIamMember("invoker", new()
{
Project = function.Project,
Region = function.Region,
CloudFunction = function.Name,
Role = "roles/cloudfunctions.invoker",
Member = "user:myFunctionInvoker@example.com",
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudfunctions"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
bucket, err := storage.NewBucket(ctx, "bucket", &storage.BucketArgs{
Location: pulumi.String("US"),
})
if err != nil {
return err
}
archive, err := storage.NewBucketObject(ctx, "archive", &storage.BucketObjectArgs{
Bucket: bucket.Name,
Source: pulumi.NewFileAsset("./path/to/zip/file/which/contains/code"),
})
if err != nil {
return err
}
function, err := cloudfunctions.NewFunction(ctx, "function", &cloudfunctions.FunctionArgs{
Description: pulumi.String("My function"),
Runtime: pulumi.String("nodejs16"),
AvailableMemoryMb: pulumi.Int(128),
SourceArchiveBucket: bucket.Name,
SourceArchiveObject: archive.Name,
TriggerHttp: pulumi.Bool(true),
HttpsTriggerSecurityLevel: pulumi.String("SECURE_ALWAYS"),
Timeout: pulumi.Int(60),
EntryPoint: pulumi.String("helloGET"),
Labels: pulumi.AnyMap{
"my-label": pulumi.Any("my-label-value"),
},
EnvironmentVariables: pulumi.AnyMap{
"MY_ENV_VAR": pulumi.Any("my-env-var-value"),
},
})
if err != nil {
return err
}
_, err = cloudfunctions.NewFunctionIamMember(ctx, "invoker", &cloudfunctions.FunctionIamMemberArgs{
Project: function.Project,
Region: function.Region,
CloudFunction: function.Name,
Role: pulumi.String("roles/cloudfunctions.invoker"),
Member: pulumi.String("user:myFunctionInvoker@example.com"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.storage.BucketObject;
import com.pulumi.gcp.storage.BucketObjectArgs;
import com.pulumi.gcp.cloudfunctions.Function;
import com.pulumi.gcp.cloudfunctions.FunctionArgs;
import com.pulumi.gcp.cloudfunctions.FunctionIamMember;
import com.pulumi.gcp.cloudfunctions.FunctionIamMemberArgs;
import com.pulumi.asset.FileAsset;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucket = new Bucket("bucket", BucketArgs.builder()
.location("US")
.build());
var archive = new BucketObject("archive", BucketObjectArgs.builder()
.bucket(bucket.name())
.source(new FileAsset("./path/to/zip/file/which/contains/code"))
.build());
var function = new Function("function", FunctionArgs.builder()
.description("My function")
.runtime("nodejs16")
.availableMemoryMb(128)
.sourceArchiveBucket(bucket.name())
.sourceArchiveObject(archive.name())
.triggerHttp(true)
.httpsTriggerSecurityLevel("SECURE_ALWAYS")
.timeout(60)
.entryPoint("helloGET")
.labels(Map.of("my-label", "my-label-value"))
.environmentVariables(Map.of("MY_ENV_VAR", "my-env-var-value"))
.build());
var invoker = new FunctionIamMember("invoker", FunctionIamMemberArgs.builder()
.project(function.project())
.region(function.region())
.cloudFunction(function.name())
.role("roles/cloudfunctions.invoker")
.member("user:myFunctionInvoker@example.com")
.build());
}
}
import pulumi
import pulumi_gcp as gcp
bucket = gcp.storage.Bucket("bucket", location="US")
archive = gcp.storage.BucketObject("archive",
bucket=bucket.name,
source=pulumi.FileAsset("./path/to/zip/file/which/contains/code"))
function = gcp.cloudfunctions.Function("function",
description="My function",
runtime="nodejs16",
available_memory_mb=128,
source_archive_bucket=bucket.name,
source_archive_object=archive.name,
trigger_http=True,
https_trigger_security_level="SECURE_ALWAYS",
timeout=60,
entry_point="helloGET",
labels={
"my-label": "my-label-value",
},
environment_variables={
"MY_ENV_VAR": "my-env-var-value",
})
# IAM entry for a single user to invoke the function
invoker = gcp.cloudfunctions.FunctionIamMember("invoker",
project=function.project,
region=function.region,
cloud_function=function.name,
role="roles/cloudfunctions.invoker",
member="user:myFunctionInvoker@example.com")
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const bucket = new gcp.storage.Bucket("bucket", {location: "US"});
const archive = new gcp.storage.BucketObject("archive", {
bucket: bucket.name,
source: new pulumi.asset.FileAsset("./path/to/zip/file/which/contains/code"),
});
const _function = new gcp.cloudfunctions.Function("function", {
description: "My function",
runtime: "nodejs16",
availableMemoryMb: 128,
sourceArchiveBucket: bucket.name,
sourceArchiveObject: archive.name,
triggerHttp: true,
httpsTriggerSecurityLevel: "SECURE_ALWAYS",
timeout: 60,
entryPoint: "helloGET",
labels: {
"my-label": "my-label-value",
},
environmentVariables: {
MY_ENV_VAR: "my-env-var-value",
},
});
// IAM entry for a single user to invoke the function
const invoker = new gcp.cloudfunctions.FunctionIamMember("invoker", {
project: _function.project,
region: _function.region,
cloudFunction: _function.name,
role: "roles/cloudfunctions.invoker",
member: "user:myFunctionInvoker@example.com",
});
resources:
bucket:
type: gcp:storage:Bucket
properties:
location: US
archive:
type: gcp:storage:BucketObject
properties:
bucket: ${bucket.name}
source:
fn::FileAsset: ./path/to/zip/file/which/contains/code
function:
type: gcp:cloudfunctions:Function
properties:
description: My function
runtime: nodejs16
availableMemoryMb: 128
sourceArchiveBucket: ${bucket.name}
sourceArchiveObject: ${archive.name}
triggerHttp: true
httpsTriggerSecurityLevel: SECURE_ALWAYS
timeout: 60
entryPoint: helloGET
labels:
my-label: my-label-value
environmentVariables:
MY_ENV_VAR: my-env-var-value
# IAM entry for a single user to invoke the function
invoker:
type: gcp:cloudfunctions:FunctionIamMember
properties:
project: ${function.project}
region: ${function.region}
cloudFunction: ${function.name}
role: roles/cloudfunctions.invoker
member: user:myFunctionInvoker@example.com
Create Function Resource
new Function(name: string, args: FunctionArgs, opts?: CustomResourceOptions);
@overload
def Function(resource_name: str,
opts: Optional[ResourceOptions] = None,
available_memory_mb: Optional[int] = None,
build_environment_variables: Optional[Mapping[str, Any]] = None,
build_worker_pool: Optional[str] = None,
description: Optional[str] = None,
docker_registry: Optional[str] = None,
docker_repository: Optional[str] = None,
entry_point: Optional[str] = None,
environment_variables: Optional[Mapping[str, Any]] = None,
event_trigger: Optional[FunctionEventTriggerArgs] = None,
https_trigger_security_level: Optional[str] = None,
https_trigger_url: Optional[str] = None,
ingress_settings: Optional[str] = None,
kms_key_name: Optional[str] = None,
labels: Optional[Mapping[str, Any]] = None,
max_instances: Optional[int] = None,
min_instances: Optional[int] = None,
name: Optional[str] = None,
project: Optional[str] = None,
region: Optional[str] = None,
runtime: Optional[str] = None,
secret_environment_variables: Optional[Sequence[FunctionSecretEnvironmentVariableArgs]] = None,
secret_volumes: Optional[Sequence[FunctionSecretVolumeArgs]] = None,
service_account_email: Optional[str] = None,
source_archive_bucket: Optional[str] = None,
source_archive_object: Optional[str] = None,
source_repository: Optional[FunctionSourceRepositoryArgs] = None,
timeout: Optional[int] = None,
trigger_http: Optional[bool] = None,
vpc_connector: Optional[str] = None,
vpc_connector_egress_settings: Optional[str] = None)
@overload
def Function(resource_name: str,
args: FunctionArgs,
opts: Optional[ResourceOptions] = None)
func NewFunction(ctx *Context, name string, args FunctionArgs, opts ...ResourceOption) (*Function, error)
public Function(string name, FunctionArgs args, CustomResourceOptions? opts = null)
public Function(String name, FunctionArgs args)
public Function(String name, FunctionArgs args, CustomResourceOptions options)
type: gcp:cloudfunctions:Function
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Function Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Function resource accepts the following input properties:
- Runtime string
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- Available
Memory intMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- Build
Environment Dictionary<string, object>Variables A set of key/value environment variable pairs available during build time.
- Build
Worker stringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- Description string
Description of the function.
- Docker
Registry string Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- Docker
Repository string User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- Entry
Point string Name of the function that will be executed when the Google Cloud Function is triggered.
- Environment
Variables Dictionary<string, object> A set of key/value environment variable pairs to assign to the function.
- Event
Trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- Https
Trigger stringSecurity Level The security level for the function. The following options are available:
- Https
Trigger stringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- Ingress
Settings string String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- Kms
Key stringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- Labels Dictionary<string, object>
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- Max
Instances int The limit on the maximum number of function instances that may coexist at a given time.
- Min
Instances int The limit on the minimum number of function instances that may coexist at a given time.
- Name string
A user-defined name of the function. Function names must be unique globally.
- Project string
Project of the function. If it is not provided, the provider project is used.
- Region string
Region of function. If it is not provided, the provider region is used.
- Secret
Environment List<FunctionVariables Secret Environment Variable Args> Secret environment variables configuration. Structure is documented below.
- Secret
Volumes List<FunctionSecret Volume Args> Secret volumes configuration. Structure is documented below.
- Service
Account stringEmail If provided, the self-provided service account to run the function with.
- Source
Archive stringBucket The GCS bucket containing the zip archive which contains the function.
- Source
Archive stringObject The source archive object (file) in archive bucket.
- Source
Repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- Timeout int
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- Trigger
Http bool Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- Vpc
Connector string The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- Vpc
Connector stringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- Runtime string
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- Available
Memory intMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- Build
Environment map[string]interface{}Variables A set of key/value environment variable pairs available during build time.
- Build
Worker stringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- Description string
Description of the function.
- Docker
Registry string Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- Docker
Repository string User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- Entry
Point string Name of the function that will be executed when the Google Cloud Function is triggered.
- Environment
Variables map[string]interface{} A set of key/value environment variable pairs to assign to the function.
- Event
Trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- Https
Trigger stringSecurity Level The security level for the function. The following options are available:
- Https
Trigger stringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- Ingress
Settings string String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- Kms
Key stringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- Labels map[string]interface{}
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- Max
Instances int The limit on the maximum number of function instances that may coexist at a given time.
- Min
Instances int The limit on the minimum number of function instances that may coexist at a given time.
- Name string
A user-defined name of the function. Function names must be unique globally.
- Project string
Project of the function. If it is not provided, the provider project is used.
- Region string
Region of function. If it is not provided, the provider region is used.
- Secret
Environment []FunctionVariables Secret Environment Variable Args Secret environment variables configuration. Structure is documented below.
- Secret
Volumes []FunctionSecret Volume Args Secret volumes configuration. Structure is documented below.
- Service
Account stringEmail If provided, the self-provided service account to run the function with.
- Source
Archive stringBucket The GCS bucket containing the zip archive which contains the function.
- Source
Archive stringObject The source archive object (file) in archive bucket.
- Source
Repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- Timeout int
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- Trigger
Http bool Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- Vpc
Connector string The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- Vpc
Connector stringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- runtime String
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- available
Memory IntegerMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- build
Environment Map<String,Object>Variables A set of key/value environment variable pairs available during build time.
- build
Worker StringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- description String
Description of the function.
- docker
Registry String Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- docker
Repository String User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- entry
Point String Name of the function that will be executed when the Google Cloud Function is triggered.
- environment
Variables Map<String,Object> A set of key/value environment variable pairs to assign to the function.
- event
Trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- https
Trigger StringSecurity Level The security level for the function. The following options are available:
- https
Trigger StringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- ingress
Settings String String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- kms
Key StringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- labels Map<String,Object>
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- max
Instances Integer The limit on the maximum number of function instances that may coexist at a given time.
- min
Instances Integer The limit on the minimum number of function instances that may coexist at a given time.
- name String
A user-defined name of the function. Function names must be unique globally.
- project String
Project of the function. If it is not provided, the provider project is used.
- region String
Region of function. If it is not provided, the provider region is used.
- secret
Environment List<FunctionVariables Secret Environment Variable Args> Secret environment variables configuration. Structure is documented below.
- secret
Volumes List<FunctionSecret Volume Args> Secret volumes configuration. Structure is documented below.
- service
Account StringEmail If provided, the self-provided service account to run the function with.
- source
Archive StringBucket The GCS bucket containing the zip archive which contains the function.
- source
Archive StringObject The source archive object (file) in archive bucket.
- source
Repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- timeout Integer
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- trigger
Http Boolean Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- vpc
Connector String The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- vpc
Connector StringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- runtime string
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- available
Memory numberMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- build
Environment {[key: string]: any}Variables A set of key/value environment variable pairs available during build time.
- build
Worker stringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- description string
Description of the function.
- docker
Registry string Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- docker
Repository string User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- entry
Point string Name of the function that will be executed when the Google Cloud Function is triggered.
- environment
Variables {[key: string]: any} A set of key/value environment variable pairs to assign to the function.
- event
Trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- https
Trigger stringSecurity Level The security level for the function. The following options are available:
- https
Trigger stringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- ingress
Settings string String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- kms
Key stringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- labels {[key: string]: any}
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- max
Instances number The limit on the maximum number of function instances that may coexist at a given time.
- min
Instances number The limit on the minimum number of function instances that may coexist at a given time.
- name string
A user-defined name of the function. Function names must be unique globally.
- project string
Project of the function. If it is not provided, the provider project is used.
- region string
Region of function. If it is not provided, the provider region is used.
- secret
Environment FunctionVariables Secret Environment Variable Args[] Secret environment variables configuration. Structure is documented below.
- secret
Volumes FunctionSecret Volume Args[] Secret volumes configuration. Structure is documented below.
- service
Account stringEmail If provided, the self-provided service account to run the function with.
- source
Archive stringBucket The GCS bucket containing the zip archive which contains the function.
- source
Archive stringObject The source archive object (file) in archive bucket.
- source
Repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- timeout number
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- trigger
Http boolean Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- vpc
Connector string The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- vpc
Connector stringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- runtime str
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- available_
memory_ intmb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- build_
environment_ Mapping[str, Any]variables A set of key/value environment variable pairs available during build time.
- build_
worker_ strpool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- description str
Description of the function.
- docker_
registry str Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- docker_
repository str User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- entry_
point str Name of the function that will be executed when the Google Cloud Function is triggered.
- environment_
variables Mapping[str, Any] A set of key/value environment variable pairs to assign to the function.
- event_
trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- https_
trigger_ strsecurity_ level The security level for the function. The following options are available:
- https_
trigger_ strurl URL which triggers function execution. Returned only if
trigger_http
is used.- ingress_
settings str String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- kms_
key_ strname Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- labels Mapping[str, Any]
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- max_
instances int The limit on the maximum number of function instances that may coexist at a given time.
- min_
instances int The limit on the minimum number of function instances that may coexist at a given time.
- name str
A user-defined name of the function. Function names must be unique globally.
- project str
Project of the function. If it is not provided, the provider project is used.
- region str
Region of function. If it is not provided, the provider region is used.
- secret_
environment_ Sequence[Functionvariables Secret Environment Variable Args] Secret environment variables configuration. Structure is documented below.
- secret_
volumes Sequence[FunctionSecret Volume Args] Secret volumes configuration. Structure is documented below.
- service_
account_ stremail If provided, the self-provided service account to run the function with.
- source_
archive_ strbucket The GCS bucket containing the zip archive which contains the function.
- source_
archive_ strobject The source archive object (file) in archive bucket.
- source_
repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- timeout int
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- trigger_
http bool Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- vpc_
connector str The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- vpc_
connector_ stregress_ settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- runtime String
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- available
Memory NumberMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- build
Environment Map<Any>Variables A set of key/value environment variable pairs available during build time.
- build
Worker StringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- description String
Description of the function.
- docker
Registry String Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- docker
Repository String User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- entry
Point String Name of the function that will be executed when the Google Cloud Function is triggered.
- environment
Variables Map<Any> A set of key/value environment variable pairs to assign to the function.
- event
Trigger Property Map A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- https
Trigger StringSecurity Level The security level for the function. The following options are available:
- https
Trigger StringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- ingress
Settings String String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- kms
Key StringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- labels Map<Any>
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- max
Instances Number The limit on the maximum number of function instances that may coexist at a given time.
- min
Instances Number The limit on the minimum number of function instances that may coexist at a given time.
- name String
A user-defined name of the function. Function names must be unique globally.
- project String
Project of the function. If it is not provided, the provider project is used.
- region String
Region of function. If it is not provided, the provider region is used.
- secret
Environment List<Property Map>Variables Secret environment variables configuration. Structure is documented below.
- secret
Volumes List<Property Map> Secret volumes configuration. Structure is documented below.
- service
Account StringEmail If provided, the self-provided service account to run the function with.
- source
Archive StringBucket The GCS bucket containing the zip archive which contains the function.
- source
Archive StringObject The source archive object (file) in archive bucket.
- source
Repository Property Map Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- timeout Number
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- trigger
Http Boolean Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- vpc
Connector String The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- vpc
Connector StringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
Outputs
All input properties are implicitly available as output properties. Additionally, the Function resource produces the following output properties:
Look up Existing Function Resource
Get an existing Function resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FunctionState, opts?: CustomResourceOptions): Function
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
available_memory_mb: Optional[int] = None,
build_environment_variables: Optional[Mapping[str, Any]] = None,
build_worker_pool: Optional[str] = None,
description: Optional[str] = None,
docker_registry: Optional[str] = None,
docker_repository: Optional[str] = None,
entry_point: Optional[str] = None,
environment_variables: Optional[Mapping[str, Any]] = None,
event_trigger: Optional[FunctionEventTriggerArgs] = None,
https_trigger_security_level: Optional[str] = None,
https_trigger_url: Optional[str] = None,
ingress_settings: Optional[str] = None,
kms_key_name: Optional[str] = None,
labels: Optional[Mapping[str, Any]] = None,
max_instances: Optional[int] = None,
min_instances: Optional[int] = None,
name: Optional[str] = None,
project: Optional[str] = None,
region: Optional[str] = None,
runtime: Optional[str] = None,
secret_environment_variables: Optional[Sequence[FunctionSecretEnvironmentVariableArgs]] = None,
secret_volumes: Optional[Sequence[FunctionSecretVolumeArgs]] = None,
service_account_email: Optional[str] = None,
source_archive_bucket: Optional[str] = None,
source_archive_object: Optional[str] = None,
source_repository: Optional[FunctionSourceRepositoryArgs] = None,
status: Optional[str] = None,
timeout: Optional[int] = None,
trigger_http: Optional[bool] = None,
vpc_connector: Optional[str] = None,
vpc_connector_egress_settings: Optional[str] = None) -> Function
func GetFunction(ctx *Context, name string, id IDInput, state *FunctionState, opts ...ResourceOption) (*Function, error)
public static Function Get(string name, Input<string> id, FunctionState? state, CustomResourceOptions? opts = null)
public static Function get(String name, Output<String> id, FunctionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Available
Memory intMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- Build
Environment Dictionary<string, object>Variables A set of key/value environment variable pairs available during build time.
- Build
Worker stringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- Description string
Description of the function.
- Docker
Registry string Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- Docker
Repository string User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- Entry
Point string Name of the function that will be executed when the Google Cloud Function is triggered.
- Environment
Variables Dictionary<string, object> A set of key/value environment variable pairs to assign to the function.
- Event
Trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- Https
Trigger stringSecurity Level The security level for the function. The following options are available:
- Https
Trigger stringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- Ingress
Settings string String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- Kms
Key stringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- Labels Dictionary<string, object>
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- Max
Instances int The limit on the maximum number of function instances that may coexist at a given time.
- Min
Instances int The limit on the minimum number of function instances that may coexist at a given time.
- Name string
A user-defined name of the function. Function names must be unique globally.
- Project string
Project of the function. If it is not provided, the provider project is used.
- Region string
Region of function. If it is not provided, the provider region is used.
- Runtime string
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- Secret
Environment List<FunctionVariables Secret Environment Variable Args> Secret environment variables configuration. Structure is documented below.
- Secret
Volumes List<FunctionSecret Volume Args> Secret volumes configuration. Structure is documented below.
- Service
Account stringEmail If provided, the self-provided service account to run the function with.
- Source
Archive stringBucket The GCS bucket containing the zip archive which contains the function.
- Source
Archive stringObject The source archive object (file) in archive bucket.
- Source
Repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- Status string
Describes the current stage of a deployment.
- Timeout int
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- Trigger
Http bool Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- Vpc
Connector string The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- Vpc
Connector stringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- Available
Memory intMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- Build
Environment map[string]interface{}Variables A set of key/value environment variable pairs available during build time.
- Build
Worker stringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- Description string
Description of the function.
- Docker
Registry string Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- Docker
Repository string User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- Entry
Point string Name of the function that will be executed when the Google Cloud Function is triggered.
- Environment
Variables map[string]interface{} A set of key/value environment variable pairs to assign to the function.
- Event
Trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- Https
Trigger stringSecurity Level The security level for the function. The following options are available:
- Https
Trigger stringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- Ingress
Settings string String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- Kms
Key stringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- Labels map[string]interface{}
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- Max
Instances int The limit on the maximum number of function instances that may coexist at a given time.
- Min
Instances int The limit on the minimum number of function instances that may coexist at a given time.
- Name string
A user-defined name of the function. Function names must be unique globally.
- Project string
Project of the function. If it is not provided, the provider project is used.
- Region string
Region of function. If it is not provided, the provider region is used.
- Runtime string
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- Secret
Environment []FunctionVariables Secret Environment Variable Args Secret environment variables configuration. Structure is documented below.
- Secret
Volumes []FunctionSecret Volume Args Secret volumes configuration. Structure is documented below.
- Service
Account stringEmail If provided, the self-provided service account to run the function with.
- Source
Archive stringBucket The GCS bucket containing the zip archive which contains the function.
- Source
Archive stringObject The source archive object (file) in archive bucket.
- Source
Repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- Status string
Describes the current stage of a deployment.
- Timeout int
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- Trigger
Http bool Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- Vpc
Connector string The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- Vpc
Connector stringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- available
Memory IntegerMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- build
Environment Map<String,Object>Variables A set of key/value environment variable pairs available during build time.
- build
Worker StringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- description String
Description of the function.
- docker
Registry String Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- docker
Repository String User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- entry
Point String Name of the function that will be executed when the Google Cloud Function is triggered.
- environment
Variables Map<String,Object> A set of key/value environment variable pairs to assign to the function.
- event
Trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- https
Trigger StringSecurity Level The security level for the function. The following options are available:
- https
Trigger StringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- ingress
Settings String String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- kms
Key StringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- labels Map<String,Object>
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- max
Instances Integer The limit on the maximum number of function instances that may coexist at a given time.
- min
Instances Integer The limit on the minimum number of function instances that may coexist at a given time.
- name String
A user-defined name of the function. Function names must be unique globally.
- project String
Project of the function. If it is not provided, the provider project is used.
- region String
Region of function. If it is not provided, the provider region is used.
- runtime String
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- secret
Environment List<FunctionVariables Secret Environment Variable Args> Secret environment variables configuration. Structure is documented below.
- secret
Volumes List<FunctionSecret Volume Args> Secret volumes configuration. Structure is documented below.
- service
Account StringEmail If provided, the self-provided service account to run the function with.
- source
Archive StringBucket The GCS bucket containing the zip archive which contains the function.
- source
Archive StringObject The source archive object (file) in archive bucket.
- source
Repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- status String
Describes the current stage of a deployment.
- timeout Integer
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- trigger
Http Boolean Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- vpc
Connector String The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- vpc
Connector StringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- available
Memory numberMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- build
Environment {[key: string]: any}Variables A set of key/value environment variable pairs available during build time.
- build
Worker stringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- description string
Description of the function.
- docker
Registry string Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- docker
Repository string User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- entry
Point string Name of the function that will be executed when the Google Cloud Function is triggered.
- environment
Variables {[key: string]: any} A set of key/value environment variable pairs to assign to the function.
- event
Trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- https
Trigger stringSecurity Level The security level for the function. The following options are available:
- https
Trigger stringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- ingress
Settings string String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- kms
Key stringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- labels {[key: string]: any}
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- max
Instances number The limit on the maximum number of function instances that may coexist at a given time.
- min
Instances number The limit on the minimum number of function instances that may coexist at a given time.
- name string
A user-defined name of the function. Function names must be unique globally.
- project string
Project of the function. If it is not provided, the provider project is used.
- region string
Region of function. If it is not provided, the provider region is used.
- runtime string
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- secret
Environment FunctionVariables Secret Environment Variable Args[] Secret environment variables configuration. Structure is documented below.
- secret
Volumes FunctionSecret Volume Args[] Secret volumes configuration. Structure is documented below.
- service
Account stringEmail If provided, the self-provided service account to run the function with.
- source
Archive stringBucket The GCS bucket containing the zip archive which contains the function.
- source
Archive stringObject The source archive object (file) in archive bucket.
- source
Repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- status string
Describes the current stage of a deployment.
- timeout number
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- trigger
Http boolean Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- vpc
Connector string The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- vpc
Connector stringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- available_
memory_ intmb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- build_
environment_ Mapping[str, Any]variables A set of key/value environment variable pairs available during build time.
- build_
worker_ strpool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- description str
Description of the function.
- docker_
registry str Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- docker_
repository str User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- entry_
point str Name of the function that will be executed when the Google Cloud Function is triggered.
- environment_
variables Mapping[str, Any] A set of key/value environment variable pairs to assign to the function.
- event_
trigger FunctionEvent Trigger Args A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- https_
trigger_ strsecurity_ level The security level for the function. The following options are available:
- https_
trigger_ strurl URL which triggers function execution. Returned only if
trigger_http
is used.- ingress_
settings str String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- kms_
key_ strname Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- labels Mapping[str, Any]
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- max_
instances int The limit on the maximum number of function instances that may coexist at a given time.
- min_
instances int The limit on the minimum number of function instances that may coexist at a given time.
- name str
A user-defined name of the function. Function names must be unique globally.
- project str
Project of the function. If it is not provided, the provider project is used.
- region str
Region of function. If it is not provided, the provider region is used.
- runtime str
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- secret_
environment_ Sequence[Functionvariables Secret Environment Variable Args] Secret environment variables configuration. Structure is documented below.
- secret_
volumes Sequence[FunctionSecret Volume Args] Secret volumes configuration. Structure is documented below.
- service_
account_ stremail If provided, the self-provided service account to run the function with.
- source_
archive_ strbucket The GCS bucket containing the zip archive which contains the function.
- source_
archive_ strobject The source archive object (file) in archive bucket.
- source_
repository FunctionSource Repository Args Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- status str
Describes the current stage of a deployment.
- timeout int
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- trigger_
http bool Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- vpc_
connector str The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- vpc_
connector_ stregress_ settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
- available
Memory NumberMb Memory (in MB), available to the function. Default value is
256
. Possible values include128
,256
,512
,1024
, etc.- build
Environment Map<Any>Variables A set of key/value environment variable pairs available during build time.
- build
Worker StringPool Name of the Cloud Build Custom Worker Pool that should be used to build the function.
- description String
Description of the function.
- docker
Registry String Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.
- docker
Repository String User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.
- entry
Point String Name of the function that will be executed when the Google Cloud Function is triggered.
- environment
Variables Map<Any> A set of key/value environment variable pairs to assign to the function.
- event
Trigger Property Map A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with
trigger_http
.- https
Trigger StringSecurity Level The security level for the function. The following options are available:
- https
Trigger StringUrl URL which triggers function execution. Returned only if
trigger_http
is used.- ingress
Settings String String value that controls what traffic can reach the function. Allowed values are
ALLOW_ALL
,ALLOW_INTERNAL_AND_GCLB
andALLOW_INTERNAL_ONLY
. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.- kms
Key StringName Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern
projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}
. If specified, you must also provide an artifact registry repository using thedocker_repository
field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key- labels Map<Any>
A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.
- max
Instances Number The limit on the maximum number of function instances that may coexist at a given time.
- min
Instances Number The limit on the minimum number of function instances that may coexist at a given time.
- name String
A user-defined name of the function. Function names must be unique globally.
- project String
Project of the function. If it is not provided, the provider project is used.
- region String
Region of function. If it is not provided, the provider region is used.
- runtime String
The runtime in which the function is going to run. Eg.
"nodejs16"
,"python39"
,"dotnet3"
,"go116"
,"java11"
,"ruby30"
,"php74"
, etc. Check the official doc for the up-to-date list.- secret
Environment List<Property Map>Variables Secret environment variables configuration. Structure is documented below.
- secret
Volumes List<Property Map> Secret volumes configuration. Structure is documented below.
- service
Account StringEmail If provided, the self-provided service account to run the function with.
- source
Archive StringBucket The GCS bucket containing the zip archive which contains the function.
- source
Archive StringObject The source archive object (file) in archive bucket.
- source
Repository Property Map Represents parameters related to source repository where a function is hosted. Cannot be set alongside
source_archive_bucket
orsource_archive_object
. Structure is documented below. It must match the patternprojects/{project}/locations/{location}/repositories/{repository}
.*- status String
Describes the current stage of a deployment.
- timeout Number
Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.
- trigger
Http Boolean Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as
https_trigger_url
. Cannot be used withevent_trigger
.- vpc
Connector String The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is
projects/*/locations/*/connectors/*
.- vpc
Connector StringEgress Settings The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are
ALL_TRAFFIC
andPRIVATE_RANGES_ONLY
. Defaults toPRIVATE_RANGES_ONLY
. If unset, this field preserves the previously set value.
Supporting Types
FunctionEventTrigger
- Event
Type string The type of event to observe. For example:
"google.storage.object.finalize"
. See the documentation on calling Cloud Functions for a full reference of accepted triggers.- Resource string
Required. The name or partial URI of the resource from which to observe events. For example,
"myBucket"
or"projects/my-project/topics/my-topic"
- Failure
Policy FunctionEvent Trigger Failure Policy Specifies policy for failed executions. Structure is documented below.
- Event
Type string The type of event to observe. For example:
"google.storage.object.finalize"
. See the documentation on calling Cloud Functions for a full reference of accepted triggers.- Resource string
Required. The name or partial URI of the resource from which to observe events. For example,
"myBucket"
or"projects/my-project/topics/my-topic"
- Failure
Policy FunctionEvent Trigger Failure Policy Specifies policy for failed executions. Structure is documented below.
- event
Type String The type of event to observe. For example:
"google.storage.object.finalize"
. See the documentation on calling Cloud Functions for a full reference of accepted triggers.- resource String
Required. The name or partial URI of the resource from which to observe events. For example,
"myBucket"
or"projects/my-project/topics/my-topic"
- failure
Policy FunctionEvent Trigger Failure Policy Specifies policy for failed executions. Structure is documented below.
- event
Type string The type of event to observe. For example:
"google.storage.object.finalize"
. See the documentation on calling Cloud Functions for a full reference of accepted triggers.- resource string
Required. The name or partial URI of the resource from which to observe events. For example,
"myBucket"
or"projects/my-project/topics/my-topic"
- failure
Policy FunctionEvent Trigger Failure Policy Specifies policy for failed executions. Structure is documented below.
- event_
type str The type of event to observe. For example:
"google.storage.object.finalize"
. See the documentation on calling Cloud Functions for a full reference of accepted triggers.- resource str
Required. The name or partial URI of the resource from which to observe events. For example,
"myBucket"
or"projects/my-project/topics/my-topic"
- failure_
policy FunctionEvent Trigger Failure Policy Specifies policy for failed executions. Structure is documented below.
- event
Type String The type of event to observe. For example:
"google.storage.object.finalize"
. See the documentation on calling Cloud Functions for a full reference of accepted triggers.- resource String
Required. The name or partial URI of the resource from which to observe events. For example,
"myBucket"
or"projects/my-project/topics/my-topic"
- failure
Policy Property Map Specifies policy for failed executions. Structure is documented below.
FunctionEventTriggerFailurePolicy
- Retry bool
Whether the function should be retried on failure. Defaults to
false
.
- Retry bool
Whether the function should be retried on failure. Defaults to
false
.
- retry Boolean
Whether the function should be retried on failure. Defaults to
false
.
- retry boolean
Whether the function should be retried on failure. Defaults to
false
.
- retry bool
Whether the function should be retried on failure. Defaults to
false
.
- retry Boolean
Whether the function should be retried on failure. Defaults to
false
.
FunctionSecretEnvironmentVariable
- Key string
Name of the environment variable.
- Secret string
ID of the secret in secret manager (not the full resource name).
- Version string
Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
- Project
Id string Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- Key string
Name of the environment variable.
- Secret string
ID of the secret in secret manager (not the full resource name).
- Version string
Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
- Project
Id string Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- key String
Name of the environment variable.
- secret String
ID of the secret in secret manager (not the full resource name).
- version String
Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
- project
Id String Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- key string
Name of the environment variable.
- secret string
ID of the secret in secret manager (not the full resource name).
- version string
Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
- project
Id string Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- key str
Name of the environment variable.
- secret str
ID of the secret in secret manager (not the full resource name).
- version str
Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
- project_
id str Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- key String
Name of the environment variable.
- secret String
ID of the secret in secret manager (not the full resource name).
- version String
Version of the secret (version number or the string "latest"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start.
- project
Id String Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
FunctionSecretVolume
- Mount
Path string The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
- Secret string
ID of the secret in secret manager (not the full resource name).
- Project
Id string Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- Versions
List<Function
Secret Volume Version> List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.
- Mount
Path string The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
- Secret string
ID of the secret in secret manager (not the full resource name).
- Project
Id string Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- Versions
[]Function
Secret Volume Version List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.
- mount
Path String The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
- secret String
ID of the secret in secret manager (not the full resource name).
- project
Id String Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- versions
List<Function
Secret Volume Version> List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.
- mount
Path string The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
- secret string
ID of the secret in secret manager (not the full resource name).
- project
Id string Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- versions
Function
Secret Volume Version[] List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.
- mount_
path str The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
- secret str
ID of the secret in secret manager (not the full resource name).
- project_
id str Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- versions
Sequence[Function
Secret Volume Version] List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.
- mount
Path String The path within the container to mount the secret volume. For example, setting the mount_path as "/etc/secrets" would mount the secret value files under the "/etc/secrets" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: "/etc/secrets" Restricted mount paths: "/cloudsql", "/dev/log", "/pod", "/proc", "/var/log".
- secret String
ID of the secret in secret manager (not the full resource name).
- project
Id String Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function.
- versions List<Property Map>
List of secret versions to mount for this secret. If empty, the "latest" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below.
FunctionSecretVolumeVersion
- Path string
Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
- Version string
Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.
- Path string
Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
- Version string
Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.
- path String
Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
- version String
Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.
- path string
Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
- version string
Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.
- path str
Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
- version str
Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.
- path String
Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as "/etc/secrets" and path as "/secret_foo" would mount the secret value file at "/etc/secrets/secret_foo".
- version String
Version of the secret (version number or the string "latest"). It is preferable to use "latest" version with secret volumes as secret value changes are reflected immediately.
FunctionSourceRepository
- Url string
The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats:
- To refer to a specific commit:
https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*
- To refer to a moveable alias (branch):
https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*
. To refer to HEAD, use themaster
moveable alias. - To refer to a specific fixed alias (tag):
https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*
- To refer to a specific commit:
- Deployed
Url string
- Url string
The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats:
- To refer to a specific commit:
https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*
- To refer to a moveable alias (branch):
https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*
. To refer to HEAD, use themaster
moveable alias. - To refer to a specific fixed alias (tag):
https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*
- To refer to a specific commit:
- Deployed
Url string
- url String
The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats:
- To refer to a specific commit:
https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*
- To refer to a moveable alias (branch):
https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*
. To refer to HEAD, use themaster
moveable alias. - To refer to a specific fixed alias (tag):
https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*
- To refer to a specific commit:
- deployed
Url String
- url string
The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats:
- To refer to a specific commit:
https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*
- To refer to a moveable alias (branch):
https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*
. To refer to HEAD, use themaster
moveable alias. - To refer to a specific fixed alias (tag):
https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*
- To refer to a specific commit:
- deployed
Url string
- url str
The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats:
- To refer to a specific commit:
https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*
- To refer to a moveable alias (branch):
https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*
. To refer to HEAD, use themaster
moveable alias. - To refer to a specific fixed alias (tag):
https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*
- To refer to a specific commit:
- deployed_
url str
- url String
The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats:
- To refer to a specific commit:
https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*
- To refer to a moveable alias (branch):
https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*
. To refer to HEAD, use themaster
moveable alias. - To refer to a specific fixed alias (tag):
https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*
- To refer to a specific commit:
- deployed
Url String
Import
Functions can be imported using the name
or {{project}}/{{region}}/name
, e.g.
$ pulumi import gcp:cloudfunctions/function:Function default function-test
$ pulumi import gcp:cloudfunctions/function:Function default {{project}}/{{region}}/function-test
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
google-beta
Terraform Provider.