pulumi-gcp-kotlin/com.pulumi.gcp.cloudfunctions.kotlin/Function

Function

class Function : KotlinCustomResource

Creates a new Cloud Function. For more information see:

Warning: As of November 1, 2019, newly created Functions are private-by-default and will require appropriate IAM permissions to be invoked. See below examples for how to set up the appropriate permissions, or view the Cloud Functions IAM resources for Cloud Functions.

Example Usage

Public Function

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.storage.BucketObject;
import com.pulumi.gcp.storage.BucketObjectArgs;
import com.pulumi.gcp.cloudfunctions.Function;
import com.pulumi.gcp.cloudfunctions.FunctionArgs;
import com.pulumi.gcp.cloudfunctions.FunctionIamMember;
import com.pulumi.gcp.cloudfunctions.FunctionIamMemberArgs;
import com.pulumi.asset.FileAsset;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var bucket = new Bucket("bucket", BucketArgs.builder()
            .location("US")
            .build());
        var archive = new BucketObject("archive", BucketObjectArgs.builder()
            .bucket(bucket.name())
            .source(new FileAsset("./path/to/zip/file/which/contains/code"))
            .build());
        var function = new Function("function", FunctionArgs.builder()
            .description("My function")
            .runtime("nodejs16")
            .availableMemoryMb(128)
            .sourceArchiveBucket(bucket.name())
            .sourceArchiveObject(archive.name())
            .triggerHttp(true)
            .entryPoint("helloGET")
            .build());
        var invoker = new FunctionIamMember("invoker", FunctionIamMemberArgs.builder()
            .project(function.project())
            .region(function.region())
            .cloudFunction(function.name())
            .role("roles/cloudfunctions.invoker")
            .member("allUsers")
            .build());
    }
}
Content copied to clipboard

Single User

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.storage.BucketObject;
import com.pulumi.gcp.storage.BucketObjectArgs;
import com.pulumi.gcp.cloudfunctions.Function;
import com.pulumi.gcp.cloudfunctions.FunctionArgs;
import com.pulumi.gcp.cloudfunctions.FunctionIamMember;
import com.pulumi.gcp.cloudfunctions.FunctionIamMemberArgs;
import com.pulumi.asset.FileAsset;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var bucket = new Bucket("bucket", BucketArgs.builder()
            .location("US")
            .build());
        var archive = new BucketObject("archive", BucketObjectArgs.builder()
            .bucket(bucket.name())
            .source(new FileAsset("./path/to/zip/file/which/contains/code"))
            .build());
        var function = new Function("function", FunctionArgs.builder()
            .description("My function")
            .runtime("nodejs16")
            .availableMemoryMb(128)
            .sourceArchiveBucket(bucket.name())
            .sourceArchiveObject(archive.name())
            .triggerHttp(true)
            .httpsTriggerSecurityLevel("SECURE_ALWAYS")
            .timeout(60)
            .entryPoint("helloGET")
            .labels(Map.of("my-label", "my-label-value"))
            .environmentVariables(Map.of("MY_ENV_VAR", "my-env-var-value"))
            .build());
        var invoker = new FunctionIamMember("invoker", FunctionIamMemberArgs.builder()
            .project(function.project())
            .region(function.region())
            .cloudFunction(function.name())
            .role("roles/cloudfunctions.invoker")
            .member("user:myFunctionInvoker@example.com")
            .build());
    }
}
Content copied to clipboard

Import

Functions can be imported using the name or {{project}}/{{region}}/name, e.g.

$ pulumi import gcp:cloudfunctions/function:Function default function-test
Content copied to clipboard
$ pulumi import gcp:cloudfunctions/function:Function default {{project}}/{{region}}/function-test
Content copied to clipboard

Properties

Link copied to clipboard
val availableMemoryMb: Output<Int>?

Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc.

Link copied to clipboard
val buildEnvironmentVariables: Output<Map<String, Any>>?

A set of key/value environment variable pairs available during build time.

Link copied to clipboard
val buildWorkerPool: Output<String>?

Name of the Cloud Build Custom Worker Pool that should be used to build the function.

Link copied to clipboard
val description: Output<String>?

Description of the function.

Link copied to clipboard
val dockerRegistry: Output<String>

Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY.

Link copied to clipboard
val dockerRepository: Output<String>?

User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means.

Link copied to clipboard
val entryPoint: Output<String>?

Name of the function that will be executed when the Google Cloud Function is triggered.

Link copied to clipboard
val environmentVariables: Output<Map<String, Any>>?

A set of key/value environment variable pairs to assign to the function.

Link copied to clipboard
val eventTrigger: Output<FunctionEventTrigger>

A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http.

Link copied to clipboard
val httpsTriggerSecurityLevel: Output<String>

The security level for the function. The following options are available:

Link copied to clipboard
val httpsTriggerUrl: Output<String>

URL which triggers function execution. Returned only if trigger_http is used.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val ingressSettings: Output<String>?

String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function.

Link copied to clipboard
val kmsKeyName: Output<String>?

Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key

Link copied to clipboard
val labels: Output<Map<String, Any>>?

A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements.

Link copied to clipboard
val maxInstances: Output<Int>

The limit on the maximum number of function instances that may coexist at a given time.

Link copied to clipboard
val minInstances: Output<Int>?

The limit on the minimum number of function instances that may coexist at a given time.

Link copied to clipboard
val name: Output<String>

A user-defined name of the function. Function names must be unique globally.

Link copied to clipboard
val project: Output<String>

Project of the function. If it is not provided, the provider project is used.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val region: Output<String>

Region of function. If it is not provided, the provider region is used.

Link copied to clipboard
val runtime: Output<String>

The runtime in which the function is going to run. Eg. "nodejs16", "python39", "dotnet3", "go116", "java11", "ruby30", "php74", etc. Check the official doc for the up-to-date list.

Link copied to clipboard
val secretEnvironmentVariables: Output<List<FunctionSecretEnvironmentVariable>>?

Secret environment variables configuration. Structure is documented below.

Link copied to clipboard
val secretVolumes: Output<List<FunctionSecretVolume>>?

Secret volumes configuration. Structure is documented below.

Link copied to clipboard
val serviceAccountEmail: Output<String>

If provided, the self-provided service account to run the function with.

Link copied to clipboard
val sourceArchiveBucket: Output<String>?

The GCS bucket containing the zip archive which contains the function.

Link copied to clipboard
val sourceArchiveObject: Output<String>?

The source archive object (file) in archive bucket.

Link copied to clipboard
val sourceRepository: Output<FunctionSourceRepository>?

Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*

Link copied to clipboard
val status: Output<String>

Describes the current stage of a deployment.

Link copied to clipboard
val timeout: Output<Int>?

Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds.

Link copied to clipboard
val triggerHttp: Output<Boolean>?

Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger.

Link copied to clipboard
val urn: Output<String>
Link copied to clipboard
val vpcConnector: Output<String>?

The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects/*/locations/*/connectors/*. //*/

Link copied to clipboard
val vpcConnectorEgressSettings: Output<String>

The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value.