cloudfunctions.v1beta1.function
"Function is the Schema for the Functions API. Creates a new Cloud Function."
Index
fn new(name)obj metadatafn withAnnotations(annotations)fn withAnnotationsMixin(annotations)fn withClusterName(clusterName)fn withCreationTimestamp(creationTimestamp)fn withDeletionGracePeriodSeconds(deletionGracePeriodSeconds)fn withDeletionTimestamp(deletionTimestamp)fn withFinalizers(finalizers)fn withFinalizersMixin(finalizers)fn withGenerateName(generateName)fn withGeneration(generation)fn withLabels(labels)fn withLabelsMixin(labels)fn withName(name)fn withNamespace(namespace)fn withOwnerReferences(ownerReferences)fn withOwnerReferencesMixin(ownerReferences)fn withResourceVersion(resourceVersion)fn withSelfLink(selfLink)fn withUid(uid)
obj specfn withDeletionPolicy(deletionPolicy)fn withManagementPolicies(managementPolicies)fn withManagementPoliciesMixin(managementPolicies)obj spec.forProviderfn withAvailableMemoryMb(availableMemoryMb)fn withBuildEnvironmentVariables(buildEnvironmentVariables)fn withBuildEnvironmentVariablesMixin(buildEnvironmentVariables)fn withBuildWorkerPool(buildWorkerPool)fn withDescription(description)fn withDockerRegistry(dockerRegistry)fn withDockerRepository(dockerRepository)fn withEntryPoint(entryPoint)fn withEnvironmentVariables(environmentVariables)fn withEnvironmentVariablesMixin(environmentVariables)fn withEventTrigger(eventTrigger)fn withEventTriggerMixin(eventTrigger)fn withHttpsTriggerSecurityLevel(httpsTriggerSecurityLevel)fn withHttpsTriggerUrl(httpsTriggerUrl)fn withIngressSettings(ingressSettings)fn withKmsKeyName(kmsKeyName)fn withLabels(labels)fn withLabelsMixin(labels)fn withMaxInstances(maxInstances)fn withMinInstances(minInstances)fn withProject(project)fn withRegion(region)fn withRuntime(runtime)fn withSecretEnvironmentVariables(secretEnvironmentVariables)fn withSecretEnvironmentVariablesMixin(secretEnvironmentVariables)fn withSecretVolumes(secretVolumes)fn withSecretVolumesMixin(secretVolumes)fn withServiceAccountEmail(serviceAccountEmail)fn withSourceArchiveBucket(sourceArchiveBucket)fn withSourceArchiveObject(sourceArchiveObject)fn withSourceRepository(sourceRepository)fn withSourceRepositoryMixin(sourceRepository)fn withTimeout(timeout)fn withTriggerHttp(triggerHttp)fn withVpcConnector(vpcConnector)fn withVpcConnectorEgressSettings(vpcConnectorEgressSettings)obj spec.forProvider.eventTriggerobj spec.forProvider.secretEnvironmentVariablesobj spec.forProvider.secretVolumesobj spec.forProvider.sourceArchiveBucketRefobj spec.forProvider.sourceArchiveBucketSelectorobj spec.forProvider.sourceArchiveObjectRefobj spec.forProvider.sourceArchiveObjectSelectorobj spec.forProvider.sourceRepository
obj spec.initProviderfn withAvailableMemoryMb(availableMemoryMb)fn withBuildEnvironmentVariables(buildEnvironmentVariables)fn withBuildEnvironmentVariablesMixin(buildEnvironmentVariables)fn withBuildWorkerPool(buildWorkerPool)fn withDescription(description)fn withDockerRegistry(dockerRegistry)fn withDockerRepository(dockerRepository)fn withEntryPoint(entryPoint)fn withEnvironmentVariables(environmentVariables)fn withEnvironmentVariablesMixin(environmentVariables)fn withEventTrigger(eventTrigger)fn withEventTriggerMixin(eventTrigger)fn withHttpsTriggerSecurityLevel(httpsTriggerSecurityLevel)fn withHttpsTriggerUrl(httpsTriggerUrl)fn withIngressSettings(ingressSettings)fn withKmsKeyName(kmsKeyName)fn withLabels(labels)fn withLabelsMixin(labels)fn withMaxInstances(maxInstances)fn withMinInstances(minInstances)fn withProject(project)fn withRuntime(runtime)fn withSecretEnvironmentVariables(secretEnvironmentVariables)fn withSecretEnvironmentVariablesMixin(secretEnvironmentVariables)fn withSecretVolumes(secretVolumes)fn withSecretVolumesMixin(secretVolumes)fn withServiceAccountEmail(serviceAccountEmail)fn withSourceRepository(sourceRepository)fn withSourceRepositoryMixin(sourceRepository)fn withTimeout(timeout)fn withTriggerHttp(triggerHttp)fn withVpcConnector(vpcConnector)fn withVpcConnectorEgressSettings(vpcConnectorEgressSettings)obj spec.initProvider.eventTriggerobj spec.initProvider.secretEnvironmentVariablesobj spec.initProvider.secretVolumesobj spec.initProvider.sourceRepository
obj spec.providerConfigRefobj spec.providerRefobj spec.publishConnectionDetailsToobj spec.writeConnectionSecretToRef
Fields
fn new
new(name)
new returns an instance of Function
obj metadata
"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create."
fn metadata.withAnnotations
withAnnotations(annotations)
"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"
fn metadata.withAnnotationsMixin
withAnnotationsMixin(annotations)
"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"
Note: This function appends passed data to existing values
fn metadata.withClusterName
withClusterName(clusterName)
"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request."
fn metadata.withCreationTimestamp
withCreationTimestamp(creationTimestamp)
"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."
fn metadata.withDeletionGracePeriodSeconds
withDeletionGracePeriodSeconds(deletionGracePeriodSeconds)
"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only."
fn metadata.withDeletionTimestamp
withDeletionTimestamp(deletionTimestamp)
"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."
fn metadata.withFinalizers
withFinalizers(finalizers)
"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."
fn metadata.withFinalizersMixin
withFinalizersMixin(finalizers)
"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."
Note: This function appends passed data to existing values
fn metadata.withGenerateName
withGenerateName(generateName)
"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"
fn metadata.withGeneration
withGeneration(generation)
"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only."
fn metadata.withLabels
withLabels(labels)
"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"
fn metadata.withLabelsMixin
withLabelsMixin(labels)
"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"
Note: This function appends passed data to existing values
fn metadata.withName
withName(name)
"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names"
fn metadata.withNamespace
withNamespace(namespace)
"Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces"
fn metadata.withOwnerReferences
withOwnerReferences(ownerReferences)
"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."
fn metadata.withOwnerReferencesMixin
withOwnerReferencesMixin(ownerReferences)
"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."
Note: This function appends passed data to existing values
fn metadata.withResourceVersion
withResourceVersion(resourceVersion)
"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
fn metadata.withSelfLink
withSelfLink(selfLink)
"SelfLink is a URL representing this object. Populated by the system. Read-only.\n\nDEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release."
fn metadata.withUid
withUid(uid)
"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids"
obj spec
"FunctionSpec defines the desired state of Function"
fn spec.withDeletionPolicy
withDeletionPolicy(deletionPolicy)
"DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either \"Delete\" or \"Orphan\" the external resource. This field is planned to be deprecated in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223"
fn spec.withManagementPolicies
withManagementPolicies(managementPolicies)
"THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md"
fn spec.withManagementPoliciesMixin
withManagementPoliciesMixin(managementPolicies)
"THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md"
Note: This function appends passed data to existing values
obj spec.forProvider
fn spec.forProvider.withAvailableMemoryMb
withAvailableMemoryMb(availableMemoryMb)
"Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc."
fn spec.forProvider.withBuildEnvironmentVariables
withBuildEnvironmentVariables(buildEnvironmentVariables)
"A set of key/value environment variable pairs available during build time."
fn spec.forProvider.withBuildEnvironmentVariablesMixin
withBuildEnvironmentVariablesMixin(buildEnvironmentVariables)
"A set of key/value environment variable pairs available during build time."
Note: This function appends passed data to existing values
fn spec.forProvider.withBuildWorkerPool
withBuildWorkerPool(buildWorkerPool)
fn spec.forProvider.withDescription
withDescription(description)
"Description of the function."
fn spec.forProvider.withDockerRegistry
withDockerRegistry(dockerRegistry)
"Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY."
fn spec.forProvider.withDockerRepository
withDockerRepository(dockerRepository)
"User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means."
fn spec.forProvider.withEntryPoint
withEntryPoint(entryPoint)
"Name of the function that will be executed when the Google Cloud Function is triggered."
fn spec.forProvider.withEnvironmentVariables
withEnvironmentVariables(environmentVariables)
"A set of key/value environment variable pairs to assign to the function."
fn spec.forProvider.withEnvironmentVariablesMixin
withEnvironmentVariablesMixin(environmentVariables)
"A set of key/value environment variable pairs to assign to the function."
Note: This function appends passed data to existing values
fn spec.forProvider.withEventTrigger
withEventTrigger(eventTrigger)
"A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http."
fn spec.forProvider.withEventTriggerMixin
withEventTriggerMixin(eventTrigger)
"A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http."
Note: This function appends passed data to existing values
fn spec.forProvider.withHttpsTriggerSecurityLevel
withHttpsTriggerSecurityLevel(httpsTriggerSecurityLevel)
"The security level for the function. The following options are available:"
fn spec.forProvider.withHttpsTriggerUrl
withHttpsTriggerUrl(httpsTriggerUrl)
"URL which triggers function execution. Returned only if trigger_http is used."
fn spec.forProvider.withIngressSettings
withIngressSettings(ingressSettings)
"String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function."
fn spec.forProvider.withKmsKeyName
withKmsKeyName(kmsKeyName)
"Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key"
fn spec.forProvider.withLabels
withLabels(labels)
"A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements."
fn spec.forProvider.withLabelsMixin
withLabelsMixin(labels)
"A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements."
Note: This function appends passed data to existing values
fn spec.forProvider.withMaxInstances
withMaxInstances(maxInstances)
"The limit on the maximum number of function instances that may coexist at a given time."
fn spec.forProvider.withMinInstances
withMinInstances(minInstances)
"The limit on the minimum number of function instances that may coexist at a given time."
fn spec.forProvider.withProject
withProject(project)
"Project of the function. If it is not provided, the provider project is used."
fn spec.forProvider.withRegion
withRegion(region)
"Region of function. If it is not provided, the provider region is used."
fn spec.forProvider.withRuntime
withRuntime(runtime)
"The runtime in which the function is going to run. Eg. \"nodejs16\", \"python39\", \"dotnet3\", \"go116\", \"java11\", \"ruby30\", \"php74\", etc. Check the official doc for the up-to-date list."
fn spec.forProvider.withSecretEnvironmentVariables
withSecretEnvironmentVariables(secretEnvironmentVariables)
"Secret environment variables configuration. Structure is documented below."
fn spec.forProvider.withSecretEnvironmentVariablesMixin
withSecretEnvironmentVariablesMixin(secretEnvironmentVariables)
"Secret environment variables configuration. Structure is documented below."
Note: This function appends passed data to existing values
fn spec.forProvider.withSecretVolumes
withSecretVolumes(secretVolumes)
"Secret volumes configuration. Structure is documented below."
fn spec.forProvider.withSecretVolumesMixin
withSecretVolumesMixin(secretVolumes)
"Secret volumes configuration. Structure is documented below."
Note: This function appends passed data to existing values
fn spec.forProvider.withServiceAccountEmail
withServiceAccountEmail(serviceAccountEmail)
"If provided, the self-provided service account to run the function with."
fn spec.forProvider.withSourceArchiveBucket
withSourceArchiveBucket(sourceArchiveBucket)
"The GCS bucket containing the zip archive which contains the function."
fn spec.forProvider.withSourceArchiveObject
withSourceArchiveObject(sourceArchiveObject)
"The source archive object (file) in archive bucket."
fn spec.forProvider.withSourceRepository
withSourceRepository(sourceRepository)
"Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*"
fn spec.forProvider.withSourceRepositoryMixin
withSourceRepositoryMixin(sourceRepository)
"Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*"
Note: This function appends passed data to existing values
fn spec.forProvider.withTimeout
withTimeout(timeout)
"Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds."
fn spec.forProvider.withTriggerHttp
withTriggerHttp(triggerHttp)
"Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger."
fn spec.forProvider.withVpcConnector
withVpcConnector(vpcConnector)
"The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects//locations//connectors/*."
fn spec.forProvider.withVpcConnectorEgressSettings
withVpcConnectorEgressSettings(vpcConnectorEgressSettings)
"The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value."
obj spec.forProvider.eventTrigger
"A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http."
fn spec.forProvider.eventTrigger.withEventType
withEventType(eventType)
"The type of event to observe. For example: \"google.storage.object.finalize\". See the documentation on calling Cloud Functions for a full reference of accepted triggers."
fn spec.forProvider.eventTrigger.withFailurePolicy
withFailurePolicy(failurePolicy)
"Specifies policy for failed executions. Structure is documented below."
fn spec.forProvider.eventTrigger.withFailurePolicyMixin
withFailurePolicyMixin(failurePolicy)
"Specifies policy for failed executions. Structure is documented below."
Note: This function appends passed data to existing values
fn spec.forProvider.eventTrigger.withResource
withResource(resource)
"Required. The name or partial URI of the resource from which to observe events. For example, \"myBucket\" or \"projects/my-project/topics/my-topic\
obj spec.forProvider.eventTrigger.failurePolicy
"Specifies policy for failed executions. Structure is documented below."
fn spec.forProvider.eventTrigger.failurePolicy.withRetry
withRetry(retry)
"Whether the function should be retried on failure. Defaults to false."
obj spec.forProvider.secretEnvironmentVariables
"Secret environment variables configuration. Structure is documented below."
fn spec.forProvider.secretEnvironmentVariables.withKey
withKey(key)
"Name of the environment variable."
fn spec.forProvider.secretEnvironmentVariables.withProjectId
withProjectId(projectId)
"Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function."
fn spec.forProvider.secretEnvironmentVariables.withSecret
withSecret(secret)
"ID of the secret in secret manager (not the full resource name)."
fn spec.forProvider.secretEnvironmentVariables.withVersion
withVersion(version)
"Version of the secret (version number or the string \"latest\"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start."
obj spec.forProvider.secretVolumes
"Secret volumes configuration. Structure is documented below."
fn spec.forProvider.secretVolumes.withMountPath
withMountPath(mountPath)
"The path within the container to mount the secret volume. For example, setting the mount_path as \"/etc/secrets\" would mount the secret value files under the \"/etc/secrets\" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: \"/etc/secrets\" Restricted mount paths: \"/cloudsql\", \"/dev/log\", \"/pod\", \"/proc\", \"/var/log\"."
fn spec.forProvider.secretVolumes.withProjectId
withProjectId(projectId)
"Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function."
fn spec.forProvider.secretVolumes.withSecret
withSecret(secret)
"ID of the secret in secret manager (not the full resource name)."
fn spec.forProvider.secretVolumes.withVersions
withVersions(versions)
"List of secret versions to mount for this secret. If empty, the \"latest\" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below."
fn spec.forProvider.secretVolumes.withVersionsMixin
withVersionsMixin(versions)
"List of secret versions to mount for this secret. If empty, the \"latest\" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below."
Note: This function appends passed data to existing values
obj spec.forProvider.secretVolumes.versions
"List of secret versions to mount for this secret. If empty, the \"latest\" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below."
fn spec.forProvider.secretVolumes.versions.withPath
withPath(path)
"Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as \"/etc/secrets\" and path as \"/secret_foo\" would mount the secret value file at \"/etc/secrets/secret_foo\"."
fn spec.forProvider.secretVolumes.versions.withVersion
withVersion(version)
"Version of the secret (version number or the string \"latest\"). It is preferable to use \"latest\" version with secret volumes as secret value changes are reflected immediately."
obj spec.forProvider.sourceArchiveBucketRef
"Reference to a Bucket in storage to populate sourceArchiveBucket."
fn spec.forProvider.sourceArchiveBucketRef.withName
withName(name)
"Name of the referenced object."
obj spec.forProvider.sourceArchiveBucketRef.policy
"Policies for referencing."
fn spec.forProvider.sourceArchiveBucketRef.policy.withResolution
withResolution(resolution)
"Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved."
fn spec.forProvider.sourceArchiveBucketRef.policy.withResolve
withResolve(resolve)
"Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile."
obj spec.forProvider.sourceArchiveBucketSelector
"Selector for a Bucket in storage to populate sourceArchiveBucket."
fn spec.forProvider.sourceArchiveBucketSelector.withMatchControllerRef
withMatchControllerRef(matchControllerRef)
"MatchControllerRef ensures an object with the same controller reference as the selecting object is selected."
fn spec.forProvider.sourceArchiveBucketSelector.withMatchLabels
withMatchLabels(matchLabels)
"MatchLabels ensures an object with matching labels is selected."
fn spec.forProvider.sourceArchiveBucketSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"MatchLabels ensures an object with matching labels is selected."
Note: This function appends passed data to existing values
obj spec.forProvider.sourceArchiveBucketSelector.policy
"Policies for selection."
fn spec.forProvider.sourceArchiveBucketSelector.policy.withResolution
withResolution(resolution)
"Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved."
fn spec.forProvider.sourceArchiveBucketSelector.policy.withResolve
withResolve(resolve)
"Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile."
obj spec.forProvider.sourceArchiveObjectRef
"Reference to a BucketObject in storage to populate sourceArchiveObject."
fn spec.forProvider.sourceArchiveObjectRef.withName
withName(name)
"Name of the referenced object."
obj spec.forProvider.sourceArchiveObjectRef.policy
"Policies for referencing."
fn spec.forProvider.sourceArchiveObjectRef.policy.withResolution
withResolution(resolution)
"Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved."
fn spec.forProvider.sourceArchiveObjectRef.policy.withResolve
withResolve(resolve)
"Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile."
obj spec.forProvider.sourceArchiveObjectSelector
"Selector for a BucketObject in storage to populate sourceArchiveObject."
fn spec.forProvider.sourceArchiveObjectSelector.withMatchControllerRef
withMatchControllerRef(matchControllerRef)
"MatchControllerRef ensures an object with the same controller reference as the selecting object is selected."
fn spec.forProvider.sourceArchiveObjectSelector.withMatchLabels
withMatchLabels(matchLabels)
"MatchLabels ensures an object with matching labels is selected."
fn spec.forProvider.sourceArchiveObjectSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"MatchLabels ensures an object with matching labels is selected."
Note: This function appends passed data to existing values
obj spec.forProvider.sourceArchiveObjectSelector.policy
"Policies for selection."
fn spec.forProvider.sourceArchiveObjectSelector.policy.withResolution
withResolution(resolution)
"Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved."
fn spec.forProvider.sourceArchiveObjectSelector.policy.withResolve
withResolve(resolve)
"Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile."
obj spec.forProvider.sourceRepository
"Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*"
fn spec.forProvider.sourceRepository.withUrl
withUrl(url)
"The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats:"
obj spec.initProvider
"THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. InitProvider holds the same fields as ForProvider, with the exception of Identifier and other resource reference fields. The fields that are in InitProvider are merged into ForProvider when the resource is created. The same fields are also added to the terraform ignore_changes hook, to avoid updating them after creation. This is useful for fields that are required on creation, but we do not desire to update them after creation, for example because of an external controller is managing them, like an autoscaler."
fn spec.initProvider.withAvailableMemoryMb
withAvailableMemoryMb(availableMemoryMb)
"Memory (in MB), available to the function. Default value is 256. Possible values include 128, 256, 512, 1024, etc."
fn spec.initProvider.withBuildEnvironmentVariables
withBuildEnvironmentVariables(buildEnvironmentVariables)
"A set of key/value environment variable pairs available during build time."
fn spec.initProvider.withBuildEnvironmentVariablesMixin
withBuildEnvironmentVariablesMixin(buildEnvironmentVariables)
"A set of key/value environment variable pairs available during build time."
Note: This function appends passed data to existing values
fn spec.initProvider.withBuildWorkerPool
withBuildWorkerPool(buildWorkerPool)
fn spec.initProvider.withDescription
withDescription(description)
"Description of the function."
fn spec.initProvider.withDockerRegistry
withDockerRegistry(dockerRegistry)
"Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY."
fn spec.initProvider.withDockerRepository
withDockerRepository(dockerRepository)
"User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, Container Registry will be used by default, unless specified otherwise by other means."
fn spec.initProvider.withEntryPoint
withEntryPoint(entryPoint)
"Name of the function that will be executed when the Google Cloud Function is triggered."
fn spec.initProvider.withEnvironmentVariables
withEnvironmentVariables(environmentVariables)
"A set of key/value environment variable pairs to assign to the function."
fn spec.initProvider.withEnvironmentVariablesMixin
withEnvironmentVariablesMixin(environmentVariables)
"A set of key/value environment variable pairs to assign to the function."
Note: This function appends passed data to existing values
fn spec.initProvider.withEventTrigger
withEventTrigger(eventTrigger)
"A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http."
fn spec.initProvider.withEventTriggerMixin
withEventTriggerMixin(eventTrigger)
"A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http."
Note: This function appends passed data to existing values
fn spec.initProvider.withHttpsTriggerSecurityLevel
withHttpsTriggerSecurityLevel(httpsTriggerSecurityLevel)
"The security level for the function. The following options are available:"
fn spec.initProvider.withHttpsTriggerUrl
withHttpsTriggerUrl(httpsTriggerUrl)
"URL which triggers function execution. Returned only if trigger_http is used."
fn spec.initProvider.withIngressSettings
withIngressSettings(ingressSettings)
"String value that controls what traffic can reach the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Check ingress documentation to see the impact of each settings value. Changes to this field will recreate the cloud function."
fn spec.initProvider.withKmsKeyName
withKmsKeyName(kmsKeyName)
"Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}. If specified, you must also provide an artifact registry repository using the docker_repository field that was created with the same KMS crypto key. Before deploying, please complete all pre-requisites described in https://cloud.google.com/functions/docs/securing/cmek#granting_service_accounts_access_to_the_key"
fn spec.initProvider.withLabels
withLabels(labels)
"A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements."
fn spec.initProvider.withLabelsMixin
withLabelsMixin(labels)
"A set of key/value label pairs to assign to the function. Label keys must follow the requirements at https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements."
Note: This function appends passed data to existing values
fn spec.initProvider.withMaxInstances
withMaxInstances(maxInstances)
"The limit on the maximum number of function instances that may coexist at a given time."
fn spec.initProvider.withMinInstances
withMinInstances(minInstances)
"The limit on the minimum number of function instances that may coexist at a given time."
fn spec.initProvider.withProject
withProject(project)
"Project of the function. If it is not provided, the provider project is used."
fn spec.initProvider.withRuntime
withRuntime(runtime)
"The runtime in which the function is going to run. Eg. \"nodejs16\", \"python39\", \"dotnet3\", \"go116\", \"java11\", \"ruby30\", \"php74\", etc. Check the official doc for the up-to-date list."
fn spec.initProvider.withSecretEnvironmentVariables
withSecretEnvironmentVariables(secretEnvironmentVariables)
"Secret environment variables configuration. Structure is documented below."
fn spec.initProvider.withSecretEnvironmentVariablesMixin
withSecretEnvironmentVariablesMixin(secretEnvironmentVariables)
"Secret environment variables configuration. Structure is documented below."
Note: This function appends passed data to existing values
fn spec.initProvider.withSecretVolumes
withSecretVolumes(secretVolumes)
"Secret volumes configuration. Structure is documented below."
fn spec.initProvider.withSecretVolumesMixin
withSecretVolumesMixin(secretVolumes)
"Secret volumes configuration. Structure is documented below."
Note: This function appends passed data to existing values
fn spec.initProvider.withServiceAccountEmail
withServiceAccountEmail(serviceAccountEmail)
"If provided, the self-provided service account to run the function with."
fn spec.initProvider.withSourceRepository
withSourceRepository(sourceRepository)
"Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*"
fn spec.initProvider.withSourceRepositoryMixin
withSourceRepositoryMixin(sourceRepository)
"Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*"
Note: This function appends passed data to existing values
fn spec.initProvider.withTimeout
withTimeout(timeout)
"Timeout (in seconds) for the function. Default value is 60 seconds. Cannot be more than 540 seconds."
fn spec.initProvider.withTriggerHttp
withTriggerHttp(triggerHttp)
"Boolean variable. Any HTTP request (of a supported type) to the endpoint will trigger function execution. Supported HTTP request types are: POST, PUT, GET, DELETE, and OPTIONS. Endpoint is returned as https_trigger_url. Cannot be used with event_trigger."
fn spec.initProvider.withVpcConnector
withVpcConnector(vpcConnector)
"The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects//locations//connectors/*."
fn spec.initProvider.withVpcConnectorEgressSettings
withVpcConnectorEgressSettings(vpcConnectorEgressSettings)
"The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. Defaults to PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value."
obj spec.initProvider.eventTrigger
"A source that fires events in response to a condition in another service. Structure is documented below. Cannot be used with trigger_http."
fn spec.initProvider.eventTrigger.withEventType
withEventType(eventType)
"The type of event to observe. For example: \"google.storage.object.finalize\". See the documentation on calling Cloud Functions for a full reference of accepted triggers."
fn spec.initProvider.eventTrigger.withFailurePolicy
withFailurePolicy(failurePolicy)
"Specifies policy for failed executions. Structure is documented below."
fn spec.initProvider.eventTrigger.withFailurePolicyMixin
withFailurePolicyMixin(failurePolicy)
"Specifies policy for failed executions. Structure is documented below."
Note: This function appends passed data to existing values
fn spec.initProvider.eventTrigger.withResource
withResource(resource)
"Required. The name or partial URI of the resource from which to observe events. For example, \"myBucket\" or \"projects/my-project/topics/my-topic\
obj spec.initProvider.eventTrigger.failurePolicy
"Specifies policy for failed executions. Structure is documented below."
fn spec.initProvider.eventTrigger.failurePolicy.withRetry
withRetry(retry)
"Whether the function should be retried on failure. Defaults to false."
obj spec.initProvider.secretEnvironmentVariables
"Secret environment variables configuration. Structure is documented below."
fn spec.initProvider.secretEnvironmentVariables.withKey
withKey(key)
"Name of the environment variable."
fn spec.initProvider.secretEnvironmentVariables.withProjectId
withProjectId(projectId)
"Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function."
fn spec.initProvider.secretEnvironmentVariables.withSecret
withSecret(secret)
"ID of the secret in secret manager (not the full resource name)."
fn spec.initProvider.secretEnvironmentVariables.withVersion
withVersion(version)
"Version of the secret (version number or the string \"latest\"). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new clones start."
obj spec.initProvider.secretVolumes
"Secret volumes configuration. Structure is documented below."
fn spec.initProvider.secretVolumes.withMountPath
withMountPath(mountPath)
"The path within the container to mount the secret volume. For example, setting the mount_path as \"/etc/secrets\" would mount the secret value files under the \"/etc/secrets\" directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: \"/etc/secrets\" Restricted mount paths: \"/cloudsql\", \"/dev/log\", \"/pod\", \"/proc\", \"/var/log\"."
fn spec.initProvider.secretVolumes.withProjectId
withProjectId(projectId)
"Project identifier (due to a known limitation, only project number is supported by this field) of the project that contains the secret. If not set, it will be populated with the function's project, assuming that the secret exists in the same project as of the function."
fn spec.initProvider.secretVolumes.withSecret
withSecret(secret)
"ID of the secret in secret manager (not the full resource name)."
fn spec.initProvider.secretVolumes.withVersions
withVersions(versions)
"List of secret versions to mount for this secret. If empty, the \"latest\" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below."
fn spec.initProvider.secretVolumes.withVersionsMixin
withVersionsMixin(versions)
"List of secret versions to mount for this secret. If empty, the \"latest\" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below."
Note: This function appends passed data to existing values
obj spec.initProvider.secretVolumes.versions
"List of secret versions to mount for this secret. If empty, the \"latest\" version of the secret will be made available in a file named after the secret under the mount point. Structure is documented below."
fn spec.initProvider.secretVolumes.versions.withPath
withPath(path)
"Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as \"/etc/secrets\" and path as \"/secret_foo\" would mount the secret value file at \"/etc/secrets/secret_foo\"."
fn spec.initProvider.secretVolumes.versions.withVersion
withVersion(version)
"Version of the secret (version number or the string \"latest\"). It is preferable to use \"latest\" version with secret volumes as secret value changes are reflected immediately."
obj spec.initProvider.sourceRepository
"Represents parameters related to source repository where a function is hosted. Cannot be set alongside source_archive_bucket or source_archive_object. Structure is documented below. It must match the pattern projects/{project}/locations/{location}/repositories/{repository}.*"
fn spec.initProvider.sourceRepository.withUrl
withUrl(url)
"The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats:"
obj spec.providerConfigRef
"ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured."
fn spec.providerConfigRef.withName
withName(name)
"Name of the referenced object."
obj spec.providerConfigRef.policy
"Policies for referencing."
fn spec.providerConfigRef.policy.withResolution
withResolution(resolution)
"Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved."
fn spec.providerConfigRef.policy.withResolve
withResolve(resolve)
"Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile."
obj spec.providerRef
"ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef"
fn spec.providerRef.withName
withName(name)
"Name of the referenced object."
obj spec.providerRef.policy
"Policies for referencing."
fn spec.providerRef.policy.withResolution
withResolution(resolution)
"Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved."
fn spec.providerRef.policy.withResolve
withResolve(resolve)
"Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile."
obj spec.publishConnectionDetailsTo
"PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource."
fn spec.publishConnectionDetailsTo.withName
withName(name)
"Name is the name of the connection secret."
obj spec.publishConnectionDetailsTo.configRef
"SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret."
fn spec.publishConnectionDetailsTo.configRef.withName
withName(name)
"Name of the referenced object."
obj spec.publishConnectionDetailsTo.configRef.policy
"Policies for referencing."
fn spec.publishConnectionDetailsTo.configRef.policy.withResolution
withResolution(resolution)
"Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved."
fn spec.publishConnectionDetailsTo.configRef.policy.withResolve
withResolve(resolve)
"Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile."
obj spec.publishConnectionDetailsTo.metadata
"Metadata is the metadata for connection secret."
fn spec.publishConnectionDetailsTo.metadata.withAnnotations
withAnnotations(annotations)
"Annotations are the annotations to be added to connection secret. - For Kubernetes secrets, this will be used as \"metadata.annotations\". - It is up to Secret Store implementation for others store types."
fn spec.publishConnectionDetailsTo.metadata.withAnnotationsMixin
withAnnotationsMixin(annotations)
"Annotations are the annotations to be added to connection secret. - For Kubernetes secrets, this will be used as \"metadata.annotations\". - It is up to Secret Store implementation for others store types."
Note: This function appends passed data to existing values
fn spec.publishConnectionDetailsTo.metadata.withLabels
withLabels(labels)
"Labels are the labels/tags to be added to connection secret. - For Kubernetes secrets, this will be used as \"metadata.labels\". - It is up to Secret Store implementation for others store types."
fn spec.publishConnectionDetailsTo.metadata.withLabelsMixin
withLabelsMixin(labels)
"Labels are the labels/tags to be added to connection secret. - For Kubernetes secrets, this will be used as \"metadata.labels\". - It is up to Secret Store implementation for others store types."
Note: This function appends passed data to existing values
fn spec.publishConnectionDetailsTo.metadata.withType
withType(type)
"Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores."
obj spec.writeConnectionSecretToRef
"WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other."
fn spec.writeConnectionSecretToRef.withName
withName(name)
"Name of the secret."
fn spec.writeConnectionSecretToRef.withNamespace
withNamespace(namespace)
"Namespace of the secret."