--- title: Getting Started with Datadog description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > Infrastructure > Datadog Resource Catalog --- # gcp_cloudfunctions_function{% #gcp_cloudfunctions_function %} ## `ancestors`{% #ancestors %} **Type**: `UNORDERED_LIST_STRING` ## `build_config`{% #build_config %} **Type**: `STRUCT`**Provider name**: `buildConfig`**Description**: Describes the Build step of the function that builds a container from the given source. - `automatic_update_policy`**Type**: `STRUCT`**Provider name**: `automaticUpdatePolicy` - `build`**Type**: `STRING`**Provider name**: `build`**Description**: Output only. The Cloud Build name of the latest successful deployment of the function. - `docker_registry`**Type**: `STRING`**Provider name**: `dockerRegistry`**Description**: Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. Deprecated: Container Registry option will no longer be available after March 2025: [https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr](https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr) Please use Artifact Registry instead, which is the default choice. If unspecified, it defaults to `ARTIFACT_REGISTRY`. If `docker_repository` field is specified, this field should either be left unspecified or set to `ARTIFACT_REGISTRY`.**Possible values**: - `DOCKER_REGISTRY_UNSPECIFIED` - Unspecified. - `CONTAINER_REGISTRY` - Docker images will be stored in multi-regional Container Registry repositories named `gcf`. - `ARTIFACT_REGISTRY` - Docker images will be stored in regional Artifact Registry repositories. By default, GCF will create and use repositories named `gcf-artifacts` in every region in which a function is deployed. But the repository to use can also be specified by the user using the `docker_repository` field. - `docker_repository`**Type**: `STRING`**Provider name**: `dockerRepository`**Description**: Repository in Artifact Registry to which the function docker image will be pushed after it is built by Cloud Build. If specified by user, it is created and managed by user with a customer managed encryption key. Otherwise, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Repository format must be 'DOCKER'. - `entry_point`**Type**: `STRING`**Provider name**: `entryPoint`**Description**: The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in `source_location`. - `gcp_source`**Type**: `STRUCT`**Provider name**: `source`**Description**: The location of the function source code. - `git_uri`**Type**: `STRING`**Provider name**: `gitUri`**Description**: If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: [https://github.com///blob//](https://github.com///blob//) - `repo_source`**Type**: `STRUCT`**Provider name**: `repoSource`**Description**: If provided, get the source from this location in a Cloud Source Repository. - `branch_name`**Type**: `STRING`**Provider name**: `branchName`**Description**: Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at [https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax) - `commit_sha`**Type**: `STRING`**Provider name**: `commitSha`**Description**: Explicit commit SHA to build. - `dir`**Type**: `STRING`**Provider name**: `dir`**Description**: Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed) - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed. - `repo_name`**Type**: `STRING`**Provider name**: `repoName`**Description**: Name of the Cloud Source Repository. - `tag_name`**Type**: `STRING`**Provider name**: `tagName`**Description**: Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at [https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax) - `storage_source`**Type**: `STRUCT`**Provider name**: `storageSource`**Description**: If provided, get the source from this location in Google Cloud Storage. - `bucket`**Type**: `STRING`**Provider name**: `bucket`**Description**: Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - `generation`**Type**: `STRING`**Provider name**: `generation`**Description**: Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used. - `object`**Type**: `STRING`**Provider name**: `object`**Description**: Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build. - `source_upload_url`**Type**: `STRING`**Provider name**: `sourceUploadUrl`**Description**: When the specified storage bucket is a 1st gen function uploard url bucket, this field should be set as the generated upload url for 1st gen deployment. - `on_deploy_update_policy`**Type**: `STRUCT`**Provider name**: `onDeployUpdatePolicy` - `runtime_version`**Type**: `STRING`**Provider name**: `runtimeVersion`**Description**: Output only. contains the runtime version which was used during latest function deployment. - `runtime`**Type**: `STRING`**Provider name**: `runtime`**Description**: The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime). - `service_account`**Type**: `STRING`**Provider name**: `serviceAccount`**Description**: Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. - `source_provenance`**Type**: `STRUCT`**Provider name**: `sourceProvenance`**Description**: Output only. A permanent fixed identifier for source. - `git_uri`**Type**: `STRING`**Provider name**: `gitUri`**Description**: A copy of the build's `source.git_uri`, if exists, with any commits resolved. - `resolved_repo_source`**Type**: `STRUCT`**Provider name**: `resolvedRepoSource`**Description**: A copy of the build's `source.repo_source`, if exists, with any revisions resolved. - `branch_name`**Type**: `STRING`**Provider name**: `branchName`**Description**: Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at [https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax) - `commit_sha`**Type**: `STRING`**Provider name**: `commitSha`**Description**: Explicit commit SHA to build. - `dir`**Type**: `STRING`**Provider name**: `dir`**Description**: Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed) - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed. - `repo_name`**Type**: `STRING`**Provider name**: `repoName`**Description**: Name of the Cloud Source Repository. - `tag_name`**Type**: `STRING`**Provider name**: `tagName`**Description**: Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at [https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax) - `resolved_storage_source`**Type**: `STRUCT`**Provider name**: `resolvedStorageSource`**Description**: A copy of the build's `source.storage_source`, if exists, with any generations resolved. - `bucket`**Type**: `STRING`**Provider name**: `bucket`**Description**: Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - `generation`**Type**: `STRING`**Provider name**: `generation`**Description**: Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used. - `object`**Type**: `STRING`**Provider name**: `object`**Description**: Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build. - `source_upload_url`**Type**: `STRING`**Provider name**: `sourceUploadUrl`**Description**: When the specified storage bucket is a 1st gen function uploard url bucket, this field should be set as the generated upload url for 1st gen deployment. - `source_token`**Type**: `STRING`**Provider name**: `sourceToken`**Description**: An identifier for Firebase function sources. Disclaimer: This field is only supported for Firebase function deployments. - `worker_pool`**Type**: `STRING`**Provider name**: `workerPool`**Description**: Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent ([service-@gcf-admin-robot.iam.gserviceaccount.com](mailto:service-@gcf-admin-robot.iam.gserviceaccount.com)) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project. ## `create_time`{% #create_time %} **Type**: `TIMESTAMP`**Provider name**: `createTime`**Description**: Output only. The create timestamp of a Cloud Function. This is only applicable to 2nd Gen functions. ## `description`{% #description %} **Type**: `STRING`**Provider name**: `description`**Description**: User-provided description of a function. ## `environment`{% #environment %} **Type**: `STRING`**Provider name**: `environment`**Description**: Describe whether the function is 1st Gen or 2nd Gen.**Possible values**: - `ENVIRONMENT_UNSPECIFIED` - Unspecified - `GEN_1` - Gen 1 - `GEN_2` - Gen 2 ## `event_trigger`{% #event_trigger %} **Type**: `STRUCT`**Provider name**: `eventTrigger`**Description**: An Eventarc trigger managed by Google Cloud Functions that fires events in response to a condition in another service. - `channel`**Type**: `STRING`**Provider name**: `channel`**Description**: Optional. The name of the channel associated with the trigger in `projects/{project}/locations/{location}/channels/{channel}` format. You must provide a channel to receive events from Eventarc SaaS partners. - `event_filters`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `eventFilters`**Description**: Criteria used to filter events. - `attribute`**Type**: `STRING`**Provider name**: `attribute`**Description**: Required. The name of a CloudEvents attribute. - `operator`**Type**: `STRING`**Provider name**: `operator`**Description**: Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`. - `value`**Type**: `STRING`**Provider name**: `value`**Description**: Required. The value for the attribute. - `event_type`**Type**: `STRING`**Provider name**: `eventType`**Description**: Required. The type of event to observe. For example: `google.cloud.audit.log.v1.written` or `google.cloud.pubsub.topic.v1.messagePublished`. - `pubsub_topic`**Type**: `STRING`**Provider name**: `pubsubTopic`**Description**: Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: `projects/{project}/topics/{topic}`. This is only valid for events of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here will not be deleted at function deletion. - `retry_policy`**Type**: `STRING`**Provider name**: `retryPolicy`**Description**: Optional. If unset, then defaults to ignoring failures (i.e. not retrying them).**Possible values**: - `RETRY_POLICY_UNSPECIFIED` - Not specified. - `RETRY_POLICY_DO_NOT_RETRY` - Do not retry. - `RETRY_POLICY_RETRY` - Retry on any failure, retry up to 7 days with an exponential backoff (capped at 10 seconds). - `service`**Type**: `STRING`**Provider name**: `service`**Description**: Optional. The hostname of the service that 1st Gen function should be observed. If no string is provided, the default service implementing the API will be used. For example, `storage.googleapis.com` is the default for all event types in the `google.storage` namespace. The field is only applicable to 1st Gen functions. - `service_account_email`**Type**: `STRING`**Provider name**: `serviceAccountEmail`**Description**: Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services, the permission is `run.routes.invoke`. If empty, defaults to the Compute Engine default service account: `{project_number}-compute@developer.gserviceaccount.com`. - `trigger`**Type**: `STRING`**Provider name**: `trigger`**Description**: Output only. The resource name of the Eventarc trigger. The format of this field is `projects/{project}/locations/{region}/triggers/{trigger}`. - `trigger_region`**Type**: `STRING`**Provider name**: `triggerRegion`**Description**: The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function. ## `kms_key_name`{% #kms_key_name %} **Type**: `STRING`**Provider name**: `kmsKeyName`**Description**: Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. ## `labels`{% #labels %} **Type**: `UNORDERED_LIST_STRING` ## `name`{% #name %} **Type**: `STRING`**Provider name**: `name`**Description**: A user-defined name of the function. Function names must be unique globally and match pattern `projects/*/locations/*/functions/*` ## `organization_id`{% #organization_id %} **Type**: `STRING` ## `parent`{% #parent %} **Type**: `STRING` ## `project_id`{% #project_id %} **Type**: `STRING` ## `project_number`{% #project_number %} **Type**: `STRING` ## `region_id`{% #region_id %} **Type**: `STRING` ## `resource_name`{% #resource_name %} **Type**: `STRING` ## `satisfies_pzi`{% #satisfies_pzi %} **Type**: `BOOLEAN`**Provider name**: `satisfiesPzi`**Description**: Output only. Reserved for future use. ## `satisfies_pzs`{% #satisfies_pzs %} **Type**: `BOOLEAN`**Provider name**: `satisfiesPzs`**Description**: Output only. Reserved for future use. ## `service_config`{% #service_config %} **Type**: `STRUCT`**Provider name**: `serviceConfig`**Description**: Describes the Service being deployed. Currently deploys services to Cloud Run (fully managed). - `all_traffic_on_latest_revision`**Type**: `BOOLEAN`**Provider name**: `allTrafficOnLatestRevision`**Description**: Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic. - `available_cpu`**Type**: `STRING`**Provider name**: `availableCpu`**Description**: The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see [https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements](https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements) Example: "1" indicates 1 vCPU - `available_memory`**Type**: `STRING`**Provider name**: `availableMemory`**Description**: The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See [https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go](https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go) a full description. - `binary_authorization_policy`**Type**: `STRING`**Provider name**: `binaryAuthorizationPolicy`**Description**: Optional. The binary authorization policy to be checked when deploying the Cloud Run service. - `ingress_settings`**Type**: `STRING`**Provider name**: `ingressSettings`**Description**: The ingress settings for the function, controlling what traffic can reach it.**Possible values**: - `INGRESS_SETTINGS_UNSPECIFIED` - Unspecified. - `ALLOW_ALL` - Allow HTTP traffic from public and private sources. - `ALLOW_INTERNAL_ONLY` - Allow HTTP traffic from only private VPC sources. - `ALLOW_INTERNAL_AND_GCLB` - Allow HTTP traffic from private VPC sources and through GCLB. - `max_instance_count`**Type**: `INT32`**Provider name**: `maxInstanceCount`**Description**: The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the [Max Instances](https://cloud.google.com/functions/docs/max-instances) Guide for more details. - `max_instance_request_concurrency`**Type**: `INT32`**Provider name**: `maxInstanceRequestConcurrency`**Description**: Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1. - `min_instance_count`**Type**: `INT32`**Provider name**: `minInstanceCount`**Description**: The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case. - `revision`**Type**: `STRING`**Provider name**: `revision`**Description**: Output only. The name of service revision. - `secret_volumes`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `secretVolumes`**Description**: Secret volumes configuration. - `mount_path`**Type**: `STRING`**Provider name**: `mountPath`**Description**: The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function. - `secret`**Type**: `STRING`**Provider name**: `secret`**Description**: Name of the secret in secret manager (not the full resource name). - `versions`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `versions`**Description**: List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point. - `path`**Type**: `STRING`**Provider name**: `path`**Description**: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`. - `version`**Type**: `STRING`**Provider name**: `version`**Description**: Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately. - `security_level`**Type**: `STRING`**Provider name**: `securityLevel`**Description**: Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY.**Possible values**: - `SECURITY_LEVEL_UNSPECIFIED` - Unspecified. - `SECURE_ALWAYS` - Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect. - `SECURE_OPTIONAL` - Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly. - `service`**Type**: `STRING`**Provider name**: `service`**Description**: Output only. Name of the service associated with a Function. The format of this field is `projects/{project}/locations/{region}/services/{service}` - `service_account_email`**Type**: `STRING`**Provider name**: `serviceAccountEmail`**Description**: The email of the service's service account. If empty, defaults to `{project_number}-compute@developer.gserviceaccount.com`. - `timeout_seconds`**Type**: `INT32`**Provider name**: `timeoutSeconds`**Description**: The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds. - `uri`**Type**: `STRING`**Provider name**: `uri`**Description**: Output only. URI of the Service deployed. - `vpc_connector`**Type**: `STRING`**Provider name**: `vpcConnector`**Description**: The Serverless VPC Access connector that this cloud function can connect to. The format of this field is `projects/*/locations/*/connectors/*`. - `vpc_connector_egress_settings`**Type**: `STRING`**Provider name**: `vpcConnectorEgressSettings`**Description**: The egress settings for the connector, controlling what traffic is diverted through it.**Possible values**: - `VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED` - Unspecified. - `PRIVATE_RANGES_ONLY` - Use the VPC Access Connector only for private IP space from RFC1918. - `ALL_TRAFFIC` - Force the use of VPC Access Connector for all egress traffic from the function. ## `state`{% #state %} **Type**: `STRING`**Provider name**: `state`**Description**: Output only. State of the function.**Possible values**: - `STATE_UNSPECIFIED` - Not specified. Invalid state. - `ACTIVE` - Function has been successfully deployed and is serving. - `FAILED` - Function deployment failed and the function is not serving. - `DEPLOYING` - Function is being created or updated. - `DELETING` - Function is being deleted. - `UNKNOWN` - Function deployment failed and the function serving state is undefined. The function should be updated or deleted to move it out of this state. - `DETACHING` - Function is being detached. - `DETACH_FAILED` - Function detach failed and the function is still serving. ## `state_messages`{% #state_messages %} **Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `stateMessages`**Description**: Output only. State Messages for this Cloud Function. - `message`**Type**: `STRING`**Provider name**: `message`**Description**: The message. - `severity`**Type**: `STRING`**Provider name**: `severity`**Description**: Severity of the state message.**Possible values**: - `SEVERITY_UNSPECIFIED` - Not specified. Invalid severity. - `ERROR` - ERROR-level severity. - `WARNING` - WARNING-level severity. - `INFO` - INFO-level severity. - `type`**Type**: `STRING`**Provider name**: `type`**Description**: One-word CamelCase type of the state message. ## `tags`{% #tags %} **Type**: `UNORDERED_LIST_STRING` ## `update_time`{% #update_time %} **Type**: `TIMESTAMP`**Provider name**: `updateTime`**Description**: Output only. The last update timestamp of a Cloud Function. ## `upgrade_info`{% #upgrade_info %} **Type**: `STRUCT`**Provider name**: `upgradeInfo`**Description**: Output only. UpgradeInfo for this Cloud Function - `build_config`**Type**: `STRUCT`**Provider name**: `buildConfig`**Description**: Describes the Build step of the function that builds a container to prepare for 2nd gen upgrade. - `automatic_update_policy`**Type**: `STRUCT`**Provider name**: `automaticUpdatePolicy` - `build`**Type**: `STRING`**Provider name**: `build`**Description**: Output only. The Cloud Build name of the latest successful deployment of the function. - `docker_registry`**Type**: `STRING`**Provider name**: `dockerRegistry`**Description**: Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. Deprecated: Container Registry option will no longer be available after March 2025: [https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr](https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr) Please use Artifact Registry instead, which is the default choice. If unspecified, it defaults to `ARTIFACT_REGISTRY`. If `docker_repository` field is specified, this field should either be left unspecified or set to `ARTIFACT_REGISTRY`.**Possible values**: - `DOCKER_REGISTRY_UNSPECIFIED` - Unspecified. - `CONTAINER_REGISTRY` - Docker images will be stored in multi-regional Container Registry repositories named `gcf`. - `ARTIFACT_REGISTRY` - Docker images will be stored in regional Artifact Registry repositories. By default, GCF will create and use repositories named `gcf-artifacts` in every region in which a function is deployed. But the repository to use can also be specified by the user using the `docker_repository` field. - `docker_repository`**Type**: `STRING`**Provider name**: `dockerRepository`**Description**: Repository in Artifact Registry to which the function docker image will be pushed after it is built by Cloud Build. If specified by user, it is created and managed by user with a customer managed encryption key. Otherwise, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Repository format must be 'DOCKER'. - `entry_point`**Type**: `STRING`**Provider name**: `entryPoint`**Description**: The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in `source_location`. - `gcp_source`**Type**: `STRUCT`**Provider name**: `source`**Description**: The location of the function source code. - `git_uri`**Type**: `STRING`**Provider name**: `gitUri`**Description**: If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: [https://github.com///blob//](https://github.com///blob//) - `repo_source`**Type**: `STRUCT`**Provider name**: `repoSource`**Description**: If provided, get the source from this location in a Cloud Source Repository. - `branch_name`**Type**: `STRING`**Provider name**: `branchName`**Description**: Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at [https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax) - `commit_sha`**Type**: `STRING`**Provider name**: `commitSha`**Description**: Explicit commit SHA to build. - `dir`**Type**: `STRING`**Provider name**: `dir`**Description**: Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed) - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed. - `repo_name`**Type**: `STRING`**Provider name**: `repoName`**Description**: Name of the Cloud Source Repository. - `tag_name`**Type**: `STRING`**Provider name**: `tagName`**Description**: Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at [https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax) - `storage_source`**Type**: `STRUCT`**Provider name**: `storageSource`**Description**: If provided, get the source from this location in Google Cloud Storage. - `bucket`**Type**: `STRING`**Provider name**: `bucket`**Description**: Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - `generation`**Type**: `STRING`**Provider name**: `generation`**Description**: Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used. - `object`**Type**: `STRING`**Provider name**: `object`**Description**: Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build. - `source_upload_url`**Type**: `STRING`**Provider name**: `sourceUploadUrl`**Description**: When the specified storage bucket is a 1st gen function uploard url bucket, this field should be set as the generated upload url for 1st gen deployment. - `on_deploy_update_policy`**Type**: `STRUCT`**Provider name**: `onDeployUpdatePolicy` - `runtime_version`**Type**: `STRING`**Provider name**: `runtimeVersion`**Description**: Output only. contains the runtime version which was used during latest function deployment. - `runtime`**Type**: `STRING`**Provider name**: `runtime`**Description**: The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime). - `service_account`**Type**: `STRING`**Provider name**: `serviceAccount`**Description**: Service account to be used for building the container. The format of this field is `projects/{projectId}/serviceAccounts/{serviceAccountEmail}`. - `source_provenance`**Type**: `STRUCT`**Provider name**: `sourceProvenance`**Description**: Output only. A permanent fixed identifier for source. - `git_uri`**Type**: `STRING`**Provider name**: `gitUri`**Description**: A copy of the build's `source.git_uri`, if exists, with any commits resolved. - `resolved_repo_source`**Type**: `STRUCT`**Provider name**: `resolvedRepoSource`**Description**: A copy of the build's `source.repo_source`, if exists, with any revisions resolved. - `branch_name`**Type**: `STRING`**Provider name**: `branchName`**Description**: Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at [https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax) - `commit_sha`**Type**: `STRING`**Provider name**: `commitSha`**Description**: Explicit commit SHA to build. - `dir`**Type**: `STRING`**Provider name**: `dir`**Description**: Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed) - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed. - `repo_name`**Type**: `STRING`**Provider name**: `repoName`**Description**: Name of the Cloud Source Repository. - `tag_name`**Type**: `STRING`**Provider name**: `tagName`**Description**: Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at [https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax) - `resolved_storage_source`**Type**: `STRUCT`**Provider name**: `resolvedStorageSource`**Description**: A copy of the build's `source.storage_source`, if exists, with any generations resolved. - `bucket`**Type**: `STRING`**Provider name**: `bucket`**Description**: Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). - `generation`**Type**: `STRING`**Provider name**: `generation`**Description**: Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used. - `object`**Type**: `STRING`**Provider name**: `object`**Description**: Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build. - `source_upload_url`**Type**: `STRING`**Provider name**: `sourceUploadUrl`**Description**: When the specified storage bucket is a 1st gen function uploard url bucket, this field should be set as the generated upload url for 1st gen deployment. - `source_token`**Type**: `STRING`**Provider name**: `sourceToken`**Description**: An identifier for Firebase function sources. Disclaimer: This field is only supported for Firebase function deployments. - `worker_pool`**Type**: `STRING`**Provider name**: `workerPool`**Description**: Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent ([service-@gcf-admin-robot.iam.gserviceaccount.com](mailto:service-@gcf-admin-robot.iam.gserviceaccount.com)) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project. - `event_trigger`**Type**: `STRUCT`**Provider name**: `eventTrigger`**Description**: Describes the Event trigger which has been setup to prepare for 2nd gen upgrade. - `channel`**Type**: `STRING`**Provider name**: `channel`**Description**: Optional. The name of the channel associated with the trigger in `projects/{project}/locations/{location}/channels/{channel}` format. You must provide a channel to receive events from Eventarc SaaS partners. - `event_filters`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `eventFilters`**Description**: Criteria used to filter events. - `attribute`**Type**: `STRING`**Provider name**: `attribute`**Description**: Required. The name of a CloudEvents attribute. - `operator`**Type**: `STRING`**Provider name**: `operator`**Description**: Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`. - `value`**Type**: `STRING`**Provider name**: `value`**Description**: Required. The value for the attribute. - `event_type`**Type**: `STRING`**Provider name**: `eventType`**Description**: Required. The type of event to observe. For example: `google.cloud.audit.log.v1.written` or `google.cloud.pubsub.topic.v1.messagePublished`. - `pubsub_topic`**Type**: `STRING`**Provider name**: `pubsubTopic`**Description**: Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: `projects/{project}/topics/{topic}`. This is only valid for events of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here will not be deleted at function deletion. - `retry_policy`**Type**: `STRING`**Provider name**: `retryPolicy`**Description**: Optional. If unset, then defaults to ignoring failures (i.e. not retrying them).**Possible values**: - `RETRY_POLICY_UNSPECIFIED` - Not specified. - `RETRY_POLICY_DO_NOT_RETRY` - Do not retry. - `RETRY_POLICY_RETRY` - Retry on any failure, retry up to 7 days with an exponential backoff (capped at 10 seconds). - `service`**Type**: `STRING`**Provider name**: `service`**Description**: Optional. The hostname of the service that 1st Gen function should be observed. If no string is provided, the default service implementing the API will be used. For example, `storage.googleapis.com` is the default for all event types in the `google.storage` namespace. The field is only applicable to 1st Gen functions. - `service_account_email`**Type**: `STRING`**Provider name**: `serviceAccountEmail`**Description**: Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services, the permission is `run.routes.invoke`. If empty, defaults to the Compute Engine default service account: `{project_number}-compute@developer.gserviceaccount.com`. - `trigger`**Type**: `STRING`**Provider name**: `trigger`**Description**: Output only. The resource name of the Eventarc trigger. The format of this field is `projects/{project}/locations/{region}/triggers/{trigger}`. - `trigger_region`**Type**: `STRING`**Provider name**: `triggerRegion`**Description**: The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function. - `service_config`**Type**: `STRUCT`**Provider name**: `serviceConfig`**Description**: Describes the Cloud Run service which has been setup to prepare for 2nd gen upgrade. - `all_traffic_on_latest_revision`**Type**: `BOOLEAN`**Provider name**: `allTrafficOnLatestRevision`**Description**: Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic. - `available_cpu`**Type**: `STRING`**Provider name**: `availableCpu`**Description**: The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see [https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements](https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements) Example: "1" indicates 1 vCPU - `available_memory`**Type**: `STRING`**Provider name**: `availableMemory`**Description**: The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See [https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go](https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go) a full description. - `binary_authorization_policy`**Type**: `STRING`**Provider name**: `binaryAuthorizationPolicy`**Description**: Optional. The binary authorization policy to be checked when deploying the Cloud Run service. - `ingress_settings`**Type**: `STRING`**Provider name**: `ingressSettings`**Description**: The ingress settings for the function, controlling what traffic can reach it.**Possible values**: - `INGRESS_SETTINGS_UNSPECIFIED` - Unspecified. - `ALLOW_ALL` - Allow HTTP traffic from public and private sources. - `ALLOW_INTERNAL_ONLY` - Allow HTTP traffic from only private VPC sources. - `ALLOW_INTERNAL_AND_GCLB` - Allow HTTP traffic from private VPC sources and through GCLB. - `max_instance_count`**Type**: `INT32`**Provider name**: `maxInstanceCount`**Description**: The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the [Max Instances](https://cloud.google.com/functions/docs/max-instances) Guide for more details. - `max_instance_request_concurrency`**Type**: `INT32`**Provider name**: `maxInstanceRequestConcurrency`**Description**: Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1. - `min_instance_count`**Type**: `INT32`**Provider name**: `minInstanceCount`**Description**: The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case. - `revision`**Type**: `STRING`**Provider name**: `revision`**Description**: Output only. The name of service revision. - `secret_volumes`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `secretVolumes`**Description**: Secret volumes configuration. - `mount_path`**Type**: `STRING`**Provider name**: `mountPath`**Description**: The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function. - `secret`**Type**: `STRING`**Provider name**: `secret`**Description**: Name of the secret in secret manager (not the full resource name). - `versions`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `versions`**Description**: List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point. - `path`**Type**: `STRING`**Provider name**: `path`**Description**: Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`. - `version`**Type**: `STRING`**Provider name**: `version`**Description**: Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately. - `security_level`**Type**: `STRING`**Provider name**: `securityLevel`**Description**: Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY.**Possible values**: - `SECURITY_LEVEL_UNSPECIFIED` - Unspecified. - `SECURE_ALWAYS` - Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect. - `SECURE_OPTIONAL` - Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly. - `service`**Type**: `STRING`**Provider name**: `service`**Description**: Output only. Name of the service associated with a Function. The format of this field is `projects/{project}/locations/{region}/services/{service}` - `service_account_email`**Type**: `STRING`**Provider name**: `serviceAccountEmail`**Description**: The email of the service's service account. If empty, defaults to `{project_number}-compute@developer.gserviceaccount.com`. - `timeout_seconds`**Type**: `INT32`**Provider name**: `timeoutSeconds`**Description**: The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds. - `uri`**Type**: `STRING`**Provider name**: `uri`**Description**: Output only. URI of the Service deployed. - `vpc_connector`**Type**: `STRING`**Provider name**: `vpcConnector`**Description**: The Serverless VPC Access connector that this cloud function can connect to. The format of this field is `projects/*/locations/*/connectors/*`. - `vpc_connector_egress_settings`**Type**: `STRING`**Provider name**: `vpcConnectorEgressSettings`**Description**: The egress settings for the connector, controlling what traffic is diverted through it.**Possible values**: - `VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED` - Unspecified. - `PRIVATE_RANGES_ONLY` - Use the VPC Access Connector only for private IP space from RFC1918. - `ALL_TRAFFIC` - Force the use of VPC Access Connector for all egress traffic from the function. - `upgrade_state`**Type**: `STRING`**Provider name**: `upgradeState`**Description**: UpgradeState of the function**Possible values**: - `UPGRADE_STATE_UNSPECIFIED` - Unspecified state. Most functions are in this upgrade state. - `ELIGIBLE_FOR_2ND_GEN_UPGRADE` - Functions in this state are eligible for 1st Gen -> 2nd Gen upgrade. - `UPGRADE_OPERATION_IN_PROGRESS` - An upgrade related operation is in progress. - `SETUP_FUNCTION_UPGRADE_CONFIG_SUCCESSFUL` - SetupFunctionUpgradeConfig API was successful and a 2nd Gen function has been created based on 1st Gen function instance. - `SETUP_FUNCTION_UPGRADE_CONFIG_ERROR` - SetupFunctionUpgradeConfig API was un-successful. - `ABORT_FUNCTION_UPGRADE_ERROR` - AbortFunctionUpgrade API was un-successful. - `REDIRECT_FUNCTION_UPGRADE_TRAFFIC_SUCCESSFUL` - RedirectFunctionUpgradeTraffic API was successful and traffic is served by 2nd Gen function stack. - `REDIRECT_FUNCTION_UPGRADE_TRAFFIC_ERROR` - RedirectFunctionUpgradeTraffic API was un-successful. - `ROLLBACK_FUNCTION_UPGRADE_TRAFFIC_ERROR` - RollbackFunctionUpgradeTraffic API was un-successful. - `COMMIT_FUNCTION_UPGRADE_ERROR` - CommitFunctionUpgrade API was un-successful. ## `url`{% #url %} **Type**: `STRING`**Provider name**: `url`**Description**: Output only. The deployed url for the function. ## `zone_id`{% #zone_id %} **Type**: `STRING`