terraform-google-cloud-functions icon indicating copy to clipboard operation
terraform-google-cloud-functions copied to clipboard

Published 20 hours ago verified publisher icon GoogleCloudPlatform

Metadata

Deploys Cloud Functions (Gen 2)

Terraform Google Cloud Functions (Gen 2) module

The Terraform module handles the deployment of Cloud Functions (Gen 2) on GCP.

The resources/services/activations/deletions that this module will create/trigger are:

  • Deploy Cloud Functions (2nd Gen) with provided source code and trigger
  • Provide Cloud Functions Invoker or Developer roles to the users and service accounts

Assumptions and Prerequisites

This module assumes that below mentioned prerequisites are in place before consuming the module.

  • APIs are enabled
  • Permissions are available

Usage

Basic usage of this module is as follows:

module "cloud_functions2" {
  source  = "GoogleCloudPlatform/cloud-functions/google"
  version = "~> 0.4"

  # Required variables
  function_name  = "<FUNCTION_NAME>"
  project_id     = "<PROJECT_ID>"
  location       = "<LOCATION>"
  runtime        = "<RUNTIME>"
  entrypoint     = "<ENTRYPOINT>"
  storage_source = {
    bucket      = "<BUCKET_NAME>"
    object      = "<ARCHIVE_PATH>"
    generation  = "<GCS_GENERATION>"
  }
}

Functional examples are included in the examples directory.

Inputs

Name Description Type Default Required
build_env_variables User-provided build-time environment variables map(string) null no
description Short description of the function string null no
docker_repository User managed repository created in Artifact Registry optionally with a customer managed encryption key. string null no
entrypoint The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified string n/a yes
event_trigger Event triggers for the function 
object({
    trigger_region        = optional(string)
    event_type            = string
    service_account_email = string
    pubsub_topic          = optional(string)
    retry_policy          = string
    event_filters = optional(set(object({
      attribute       = string
      attribute_value = string
      operator        = optional(string)
    })))
  })
 null no
function_location The location of this cloud function string n/a yes
function_name A user-defined name of the function string n/a yes
labels A set of key/value label pairs associated with this Cloud Function map(string) null no
members Cloud Function Invoker and Developer roles for Users/SAs. Key names must be developers and/or invokers map(list(string)) {} no
project_id Project ID to create Cloud Function string n/a yes
repo_source Get the source from this location in a Cloud Source Repository 
object({
    project_id   = optional(string)
    repo_name    = string
    branch_name  = string
    dir          = optional(string)
    tag_name     = optional(string)
    commit_sha   = optional(string)
    invert_regex = optional(bool, false)
  })
 null no
runtime The runtime in which to run the function. string n/a yes
service_config Details of the service 
object({
    max_instance_count    = optional(string, 100)
    min_instance_count    = optional(string, 1)
    available_memory      = optional(string, "256M")
    available_cpu         = optional(string, 1)
    timeout_seconds       = optional(string, 60)
    runtime_env_variables = optional(map(string), null)
    runtime_secret_env_variables = optional(set(object({
      key_name   = string
      project_id = optional(string)
      secret     = string
      version    = string
    })), null)
    secret_volumes = optional(set(object({
      mount_path = string
      project_id = optional(string)
      secret     = string
      versions = set(object({
        version = string
        path    = string
      }))
    })), null)
    vpc_connector                  = optional(string, null)
    vpc_connector_egress_settings  = optional(string, null)
    ingress_settings               = optional(string, null)
    service_account_email          = optional(string, null)
    all_traffic_on_latest_revision = optional(bool, true)
  })
 {} no
storage_source Get the source from this location in Google Cloud Storage 
object({
    bucket     = string
    object     = string
    generation = optional(string, null)
  })
 null no
worker_pool Name of the Cloud Build Custom Worker Pool that should be used to build the function. string null no

Outputs

Name Description
function_name Name of the Cloud Function (Gen 2)
function_uri URI of the Cloud Function (Gen 2)

Requirements

These sections describe requirements for using this module.

Software

The following dependencies must be available:

Service Account

A service account with the following roles must be used to provision the resources of this module:

  • Storage Admin: roles/storage.admin
  • Cloud Functions Admin: roles/cloudfunctions.admin
  • Cloud Run Admin: roles/run.admin
  • Pub/Sub Admin: roles/pubsub.admin
  • Artifact Registry Admin: roles/artifactregistry.admin
  • Cloud Build Editor: roles/cloudbuild.builds.editor
  • Secret Manager Admin: roles/secretmanager.admin

The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.

APIs

A project with the following APIs enabled must be used to host the resources of this module:

  • Google Cloud Storage JSON API: storage-api.googleapis.com
  • Cloud Functions API: cloudfunctions.googleapis.com
  • Cloud Run Admin API: run.googleapis.com
  • Cloud Build API: cloudbuild.googleapis.com
  • Artifact Registry API: artifactregistry.googleapis.com
  • Pub/Sub API: pubsub.googleapis.com
  • Secret Manager API: secretmanager.googleapis.com
  • EventArc API: eventarc.googleapis.com

The Project Factory module can be used to provision a project with the necessary APIs enabled.

Contributing

Refer to the contribution guidelines for information on contributing to this module.

Security Disclosures

Please see our security disclosure process.

Metadata

30
Stars
22
Forks
Watchers

Owner

verified publisher icon GoogleCloudPlatform

Metadata

Deploys Cloud Functions (Gen 2)

Back