gcp_cloudfunctions_function
ancestors
Type: UNORDERED_LIST_STRING
build_config
Type: STRUCT
Provider name: buildConfig
Description: Describes the Build step of the function that builds a container from the given source.
build
Type: STRING
Provider name: build
Description: Output only. The Cloud Build name of the latest successful deployment of the function.
docker_registry
Type: STRING
Provider name: dockerRegistry
Description: Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If docker_repository field is specified, this field will be automatically set as ARTIFACT_REGISTRY. If unspecified, it currently defaults to CONTAINER_REGISTRY. This field may be overridden by the backend for eligible deployments.
Possible values:
DOCKER_REGISTRY_UNSPECIFIED - Unspecified.
CONTAINER_REGISTRY - Docker images will be stored in multi-regional Container Registry repositories named gcf.
ARTIFACT_REGISTRY - Docker images will be stored in regional Artifact Registry repositories. By default, GCF will create and use repositories named gcf-artifacts in every region in which a function is deployed. But the repository to use can also be specified by the user using the docker_repository field.
docker_repository
Type: STRING
Provider name: dockerRepository
Description: User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named ‘gcf-artifacts’ for every deployed region. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be ‘DOCKER’.
entry_point
Type: STRING
Provider name: entryPoint
Description: The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named “function”. For Node.js this is name of a function exported by the module specified in source_location.
gcp_source
Type: STRUCT
Provider name: source
Description: The location of the function source code.
git_uri
Type: STRING
Provider name: gitUri
Description: If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: https://github.com///blob//
repo_source
Type: STRUCT
Provider name: repoSource
Description: If provided, get the source from this location in a Cloud Source Repository.
branch_name
Type: STRING
Provider name: branchName
Description: Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax
commit_sha
Type: STRING
Provider name: commitSha
Description: Explicit commit SHA to build.
dir
Type: STRING
Provider name: dir
Description: Directory, relative to the source root, in which to run the build. This must be a relative path. If a step’s dir is specified and is an absolute path, this value is ignored for that step’s execution. eg. helloworld (no leading slash allowed)
project_id
Type: STRING
Provider name: projectId
Description: ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed.
repo_name
Type: STRING
Provider name: repoName
Description: Name of the Cloud Source Repository.
tag_name
Type: STRING
Provider name: tagName
Description: Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax
storage_source
Type: STRUCT
Provider name: storageSource
Description: If provided, get the source from this location in Google Cloud Storage.
bucket
Type: STRING
Provider name: bucket
Description: Google Cloud Storage bucket containing the source (see Bucket Name Requirements).
generation
Type: STRING
Provider name: generation
Description: Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used.
object
Type: STRING
Provider name: object
Description: Google Cloud Storage object containing the source. This object must be a gzipped archive file (.tar.gz) containing source to build.
runtime
Type: STRING
Provider name: runtime
Description: The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the gcloud command reference.
source_provenance
Type: STRUCT
Provider name: sourceProvenance
Description: Output only. A permanent fixed identifier for source.
git_uri
Type: STRING
Provider name: gitUri
Description: A copy of the build’s source.git_uri, if exists, with any commits resolved.
resolved_repo_source
Type: STRUCT
Provider name: resolvedRepoSource
Description: A copy of the build’s source.repo_source, if exists, with any revisions resolved.
branch_name
Type: STRING
Provider name: branchName
Description: Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax
commit_sha
Type: STRING
Provider name: commitSha
Description: Explicit commit SHA to build.
dir
Type: STRING
Provider name: dir
Description: Directory, relative to the source root, in which to run the build. This must be a relative path. If a step’s dir is specified and is an absolute path, this value is ignored for that step’s execution. eg. helloworld (no leading slash allowed)
project_id
Type: STRING
Provider name: projectId
Description: ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed.
repo_name
Type: STRING
Provider name: repoName
Description: Name of the Cloud Source Repository.
tag_name
Type: STRING
Provider name: tagName
Description: Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax
resolved_storage_source
Type: STRUCT
Provider name: resolvedStorageSource
Description: A copy of the build’s source.storage_source, if exists, with any generations resolved.
bucket
Type: STRING
Provider name: bucket
Description: Google Cloud Storage bucket containing the source (see Bucket Name Requirements).
generation
Type: STRING
Provider name: generation
Description: Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used.
object
Type: STRING
Provider name: object
Description: Google Cloud Storage object containing the source. This object must be a gzipped archive file (.tar.gz) containing source to build.
worker_pool
Type: STRING
Provider name: workerPool
Description: Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is projects/{project}/locations/{region}/workerPools/{workerPool} where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project.
description
Type: STRING
Provider name: description
Description: User-provided description of a function.
environment
Type: STRING
Provider name: environment
Description: Describe whether the function is 1st Gen or 2nd Gen.
Possible values:
ENVIRONMENT_UNSPECIFIED - Unspecified
GEN_1 - Gen 1
GEN_2 - Gen 2
event_trigger
Type: STRUCT
Provider name: eventTrigger
Description: An Eventarc trigger managed by Google Cloud Functions that fires events in response to a condition in another service.
channel
Type: STRING
Provider name: channel
Description: Optional. The name of the channel associated with the trigger in projects/{project}/locations/{location}/channels/{channel} format. You must provide a channel to receive events from Eventarc SaaS partners.
event_filters
Type: UNORDERED_LIST_STRUCT
Provider name: eventFilters
Description: Criteria used to filter events.
attribute
Type: STRING
Provider name: attribute
Description: Required. The name of a CloudEvents attribute.
operator
Type: STRING
Provider name: operator
Description: Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is match-path-pattern.
value
Type: STRING
Provider name: value
Description: Required. The value for the attribute.
event_type
Type: STRING
Provider name: eventType
Description: Required. The type of event to observe. For example: google.cloud.audit.log.v1.written or google.cloud.pubsub.topic.v1.messagePublished.
pubsub_topic
Type: STRING
Provider name: pubsubTopic
Description: Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: projects/{project}/topics/{topic}. This is only valid for events of type google.cloud.pubsub.topic.v1.messagePublished. The topic provided here will not be deleted at function deletion.
retry_policy
Type: STRING
Provider name: retryPolicy
Description: Optional. If unset, then defaults to ignoring failures (i.e. not retrying them).
Possible values:
RETRY_POLICY_UNSPECIFIED - Not specified.
RETRY_POLICY_DO_NOT_RETRY - Do not retry.
RETRY_POLICY_RETRY - Retry on any failure, retry up to 7 days with an exponential backoff (capped at 10 seconds).
service_account_email
Type: STRING
Provider name: serviceAccountEmail
Description: Optional. The email of the trigger’s service account. The service account must have permission to invoke Cloud Run services, the permission is run.routes.invoke. If empty, defaults to the Compute Engine default service account: {project_number}-compute@developer.gserviceaccount.com.
trigger
Type: STRING
Provider name: trigger
Description: Output only. The resource name of the Eventarc trigger. The format of this field is projects/{project}/locations/{region}/triggers/{trigger}.
trigger_region
Type: STRING
Provider name: triggerRegion
Description: The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function.
kms_key_name
Type: STRING
Provider name: kmsKeyName
Description: [Preview] Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}.
labels
Type: UNORDERED_LIST_STRING
name
Type: STRING
Provider name: name
Description: A user-defined name of the function. Function names must be unique globally and match pattern projects/*/locations/*/functions/*
organization_id
Type: STRING
parent
Type: STRING
project_id
Type: STRING
project_number
Type: STRING
resource_name
Type: STRING
satisfies_pzs
Type: BOOLEAN
Provider name: satisfiesPzs
Description: Output only. Reserved for future use.
service_config
Type: STRUCT
Provider name: serviceConfig
Description: Describes the Service being deployed. Currently deploys services to Cloud Run (fully managed).
all_traffic_on_latest_revision
Type: BOOLEAN
Provider name: allTrafficOnLatestRevision
Description: Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic.
available_cpu
Type: STRING
Provider name: availableCpu
Description: [Preview] The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements Example: “1” indicates 1 vCPU
available_memory
Type: STRING
Provider name: availableMemory
Description: The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go a full description.
ingress_settings
Type: STRING
Provider name: ingressSettings
Description: The ingress settings for the function, controlling what traffic can reach it.
Possible values:
INGRESS_SETTINGS_UNSPECIFIED - Unspecified.
ALLOW_ALL - Allow HTTP traffic from public and private sources.
ALLOW_INTERNAL_ONLY - Allow HTTP traffic from only private VPC sources.
ALLOW_INTERNAL_AND_GCLB - Allow HTTP traffic from private VPC sources and through GCLB.
max_instance_count
Type: INT32
Provider name: maxInstanceCount
Description: The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the Max Instances Guide for more details.
max_instance_request_concurrency
Type: INT32
Provider name: maxInstanceRequestConcurrency
Description: [Preview] Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1.
min_instance_count
Type: INT32
Provider name: minInstanceCount
Description: The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case.
revision
Type: STRING
Provider name: revision
Description: Output only. The name of service revision.
secret_volumes
Type: UNORDERED_LIST_STRUCT
Provider name: secretVolumes
Description: Secret volumes configuration.
mount_path
Type: STRING
Provider name: mountPath
Description: The path within the container to mount the secret volume. For example, setting the mount_path as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets
project_id
Type: STRING
Provider name: projectId
Description: Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function.
secret
Type: STRING
Provider name: secret
Description: Name of the secret in secret manager (not the full resource name).
versions
Type: UNORDERED_LIST_STRUCT
Provider name: versions
Description: List of secret versions to mount for this secret. If empty, the latest version of the secret will be made available in a file named after the secret under the mount point.
path
Type: STRING
Provider name: path
Description: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as ‘/etc/secrets’ and path as secret_foo would mount the secret value file at /etc/secrets/secret_foo.
version
Type: STRING
Provider name: version
Description: Version of the secret (version number or the string ’latest’). It is preferable to use latest version with secret volumes as secret value changes are reflected immediately.
security_level
Type: STRING
Provider name: securityLevel
Description: Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY.
Possible values:
SECURITY_LEVEL_UNSPECIFIED - Unspecified.
SECURE_ALWAYS - Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.
SECURE_OPTIONAL - Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.
service
Type: STRING
Provider name: service
Description: Output only. Name of the service associated with a Function. The format of this field is projects/{project}/locations/{region}/services/{service}
service_account_email
Type: STRING
Provider name: serviceAccountEmail
Description: The email of the service’s service account. If empty, defaults to {project_number}-compute@developer.gserviceaccount.com.
timeout_seconds
Type: INT32
Provider name: timeoutSeconds
Description: The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds.
uri
Type: STRING
Provider name: uri
Description: Output only. URI of the Service deployed.
vpc_connector
Type: STRING
Provider name: vpcConnector
Description: The Serverless VPC Access connector that this cloud function can connect to. The format of this field is projects/*/locations/*/connectors/*.
vpc_connector_egress_settings
Type: STRING
Provider name: vpcConnectorEgressSettings
Description: The egress settings for the connector, controlling what traffic is diverted through it.
Possible values:
VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED - Unspecified.
PRIVATE_RANGES_ONLY - Use the VPC Access Connector only for private IP space from RFC1918.
ALL_TRAFFIC - Force the use of VPC Access Connector for all egress traffic from the function.
state
Type: STRING
Provider name: state
Description: Output only. State of the function.
Possible values:
STATE_UNSPECIFIED - Not specified. Invalid state.
ACTIVE - Function has been successfully deployed and is serving.
FAILED - Function deployment failed and the function is not serving.
DEPLOYING - Function is being created or updated.
DELETING - Function is being deleted.
UNKNOWN - Function deployment failed and the function serving state is undefined. The function should be updated or deleted to move it out of this state.
state_messages
Type: UNORDERED_LIST_STRUCT
Provider name: stateMessages
Description: Output only. State Messages for this Cloud Function.
message
Type: STRING
Provider name: message
Description: The message.
severity
Type: STRING
Provider name: severity
Description: Severity of the state message.
Possible values:
SEVERITY_UNSPECIFIED - Not specified. Invalid severity.
ERROR - ERROR-level severity.
WARNING - WARNING-level severity.
INFO - INFO-level severity.
type
Type: STRING
Provider name: type
Description: One-word CamelCase type of the state message.
Type: UNORDERED_LIST_STRING
update_time
Type: TIMESTAMP
Provider name: updateTime
Description: Output only. The last update timestamp of a Cloud Function.
url
Type: STRING
Provider name: url
Description: Output only. The deployed url for the function.
