Namespace Pulumi.Gcp.CloudFunctions
Classes
Function
Creates a new Cloud Function. For more information see the official documentation and API.
Warning: As of November 1, 2019, newly created Functions are private-by-default and will require appropriate IAM permissions to be invoked. See below examples for how to set up the appropriate permissions, or view the Cloud Functions IAM resources for Cloud Functions.
Example Usage - Public Function
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var bucket = new Gcp.Storage.Bucket("bucket", new Gcp.Storage.BucketArgs
{
});
var archive = new Gcp.Storage.BucketObject("archive", new Gcp.Storage.BucketObjectArgs
{
Bucket = bucket.Name,
Source = new FileAsset("./path/to/zip/file/which/contains/code"),
});
var function = new Gcp.CloudFunctions.Function("function", new Gcp.CloudFunctions.FunctionArgs
{
Description = "My function",
Runtime = "nodejs10",
AvailableMemoryMb = 128,
SourceArchiveBucket = bucket.Name,
SourceArchiveObject = archive.Name,
TriggerHttp = true,
EntryPoint = "helloGET",
});
// IAM entry for all users to invoke the function
var invoker = new Gcp.CloudFunctions.FunctionIamMember("invoker", new Gcp.CloudFunctions.FunctionIamMemberArgs
{
Project = function.Project,
Region = function.Region,
CloudFunction = function.Name,
Role = "roles/cloudfunctions.invoker",
Member = "allUsers",
});
}
}
Example Usage - Single User
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var bucket = new Gcp.Storage.Bucket("bucket", new Gcp.Storage.BucketArgs
{
});
var archive = new Gcp.Storage.BucketObject("archive", new Gcp.Storage.BucketObjectArgs
{
Bucket = bucket.Name,
Source = new FileAsset("./path/to/zip/file/which/contains/code"),
});
var function = new Gcp.CloudFunctions.Function("function", new Gcp.CloudFunctions.FunctionArgs
{
Description = "My function",
Runtime = "nodejs10",
AvailableMemoryMb = 128,
SourceArchiveBucket = bucket.Name,
SourceArchiveObject = archive.Name,
TriggerHttp = true,
Timeout = 60,
EntryPoint = "helloGET",
Labels =
{
{ "my-label", "my-label-value" },
},
EnvironmentVariables =
{
{ "MY_ENV_VAR", "my-env-var-value" },
},
});
// IAM entry for a single user to invoke the function
var invoker = new Gcp.CloudFunctions.FunctionIamMember("invoker", new Gcp.CloudFunctions.FunctionIamMemberArgs
{
Project = function.Project,
Region = function.Region,
CloudFunction = function.Name,
Role = "roles/cloudfunctions.invoker",
Member = "user:myFunctionInvoker@example.com",
});
}
}
FunctionArgs
FunctionIamBinding
Three different resources help you manage your IAM policy for Cloud Functions CloudFunction. Each of these resources serves a different use case:
gcp.cloudfunctions.FunctionIamPolicy: Authoritative. Sets the IAM policy for the cloudfunction and replaces any existing policy already attached.gcp.cloudfunctions.FunctionIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the cloudfunction are preserved.gcp.cloudfunctions.FunctionIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the cloudfunction are preserved.
Note:
gcp.cloudfunctions.FunctionIamPolicycannot be used in conjunction withgcp.cloudfunctions.FunctionIamBindingandgcp.cloudfunctions.FunctionIamMemberor they will fight over what your policy should be.
Note:
gcp.cloudfunctions.FunctionIamBindingresources can be used in conjunction withgcp.cloudfunctions.FunctionIamMemberresources only if they do not grant privilege to the same role.
google_cloudfunctions_function_iam_policy
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Binding =
{
{
{ "role", "roles/viewer" },
{ "members",
{
"user:jane@example.com",
} },
},
},
}));
var policy = new Gcp.CloudFunctions.FunctionIamPolicy("policy", new Gcp.CloudFunctions.FunctionIamPolicyArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
PolicyData = admin.Apply(admin => admin.PolicyData),
});
}
}
google_cloudfunctions_function_iam_binding
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var binding = new Gcp.CloudFunctions.FunctionIamBinding("binding", new Gcp.CloudFunctions.FunctionIamBindingArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
Role = "roles/viewer",
Members =
{
"user:jane@example.com",
},
});
}
}
google_cloudfunctions_function_iam_member
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var member = new Gcp.CloudFunctions.FunctionIamMember("member", new Gcp.CloudFunctions.FunctionIamMemberArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
Role = "roles/viewer",
Member = "user:jane@example.com",
});
}
}
FunctionIamBindingArgs
FunctionIamBindingState
FunctionIamMember
Three different resources help you manage your IAM policy for Cloud Functions CloudFunction. Each of these resources serves a different use case:
gcp.cloudfunctions.FunctionIamPolicy: Authoritative. Sets the IAM policy for the cloudfunction and replaces any existing policy already attached.gcp.cloudfunctions.FunctionIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the cloudfunction are preserved.gcp.cloudfunctions.FunctionIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the cloudfunction are preserved.
Note:
gcp.cloudfunctions.FunctionIamPolicycannot be used in conjunction withgcp.cloudfunctions.FunctionIamBindingandgcp.cloudfunctions.FunctionIamMemberor they will fight over what your policy should be.
Note:
gcp.cloudfunctions.FunctionIamBindingresources can be used in conjunction withgcp.cloudfunctions.FunctionIamMemberresources only if they do not grant privilege to the same role.
google_cloudfunctions_function_iam_policy
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Binding =
{
{
{ "role", "roles/viewer" },
{ "members",
{
"user:jane@example.com",
} },
},
},
}));
var policy = new Gcp.CloudFunctions.FunctionIamPolicy("policy", new Gcp.CloudFunctions.FunctionIamPolicyArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
PolicyData = admin.Apply(admin => admin.PolicyData),
});
}
}
google_cloudfunctions_function_iam_binding
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var binding = new Gcp.CloudFunctions.FunctionIamBinding("binding", new Gcp.CloudFunctions.FunctionIamBindingArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
Role = "roles/viewer",
Members =
{
"user:jane@example.com",
},
});
}
}
google_cloudfunctions_function_iam_member
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var member = new Gcp.CloudFunctions.FunctionIamMember("member", new Gcp.CloudFunctions.FunctionIamMemberArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
Role = "roles/viewer",
Member = "user:jane@example.com",
});
}
}
FunctionIamMemberArgs
FunctionIamMemberState
FunctionIamPolicy
Three different resources help you manage your IAM policy for Cloud Functions CloudFunction. Each of these resources serves a different use case:
gcp.cloudfunctions.FunctionIamPolicy: Authoritative. Sets the IAM policy for the cloudfunction and replaces any existing policy already attached.gcp.cloudfunctions.FunctionIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the cloudfunction are preserved.gcp.cloudfunctions.FunctionIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the cloudfunction are preserved.
Note:
gcp.cloudfunctions.FunctionIamPolicycannot be used in conjunction withgcp.cloudfunctions.FunctionIamBindingandgcp.cloudfunctions.FunctionIamMemberor they will fight over what your policy should be.
Note:
gcp.cloudfunctions.FunctionIamBindingresources can be used in conjunction withgcp.cloudfunctions.FunctionIamMemberresources only if they do not grant privilege to the same role.
google_cloudfunctions_function_iam_policy
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Binding =
{
{
{ "role", "roles/viewer" },
{ "members",
{
"user:jane@example.com",
} },
},
},
}));
var policy = new Gcp.CloudFunctions.FunctionIamPolicy("policy", new Gcp.CloudFunctions.FunctionIamPolicyArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
PolicyData = admin.Apply(admin => admin.PolicyData),
});
}
}
google_cloudfunctions_function_iam_binding
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var binding = new Gcp.CloudFunctions.FunctionIamBinding("binding", new Gcp.CloudFunctions.FunctionIamBindingArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
Role = "roles/viewer",
Members =
{
"user:jane@example.com",
},
});
}
}
google_cloudfunctions_function_iam_member
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var member = new Gcp.CloudFunctions.FunctionIamMember("member", new Gcp.CloudFunctions.FunctionIamMemberArgs
{
Project = google_cloudfunctions_function.Function.Project,
Region = google_cloudfunctions_function.Function.Region,
CloudFunction = google_cloudfunctions_function.Function.Name,
Role = "roles/viewer",
Member = "user:jane@example.com",
});
}
}