Deploy Cloud Functions (2nd gen) with a Cloud Storage trigger using Terraform
Full Terraform configuration to deploy an event-driven Cloud Functions (2nd gen) function with resources
Code sample
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
- This Terraform configuration deploys an event-driven Cloud Function (2nd gen) that responds to finalized object events in a specified Google Cloud Storage bucket.
- The configuration creates two Google Cloud Storage buckets: one to store the function's source code and another to act as the event trigger for the function.
- The Terraform setup includes the creation of a service account for the function and event trigger, with necessary IAM roles for invoking the function, receiving events, and accessing Artifact Registry.
- The Cloud Function's build and service configurations are defined, specifying runtime, memory, timeout, environment variables, and ingress settings, along with the connection to the source code.
- The configuration ensures the Google Cloud Storage service account has the necessary Pub/Sub Publisher role to enable CloudEvent triggers, alongside the creation of the appropriate event trigger.

### Terraform

To learn how to apply or remove a Terraform configuration, see
[Basic Terraform commands](/docs/terraform/basic-commands).

For more information, see the
[Terraform provider reference documentation](https://registry.terraform.io/providers/hashicorp/google/latest/docs).

    terraform {
      required_providers {
        google = {
          source  = "hashicorp/google"
          version = ">= 4.34.0"
        }
      }
    }

    resource "random_id" "bucket_prefix" {
      byte_length = 8
    }

    resource "google_storage_bucket" "source_bucket" {
      name                        = "${random_id.bucket_prefix.hex}-gcf-source-bucket"
      location                    = "US"
      uniform_bucket_level_access = true
    }

    data "archive_file" "default" {
      type        = "zip"
      output_path = "/tmp/function-source.zip"
      source_dir  = "function-source/"
    }

    resource "google_storage_bucket_object" "default" {
      name   = "function-source.zip"
      bucket = google_storage_bucket.source_bucket.name
      source = data.archive_file.default.output_path # Path to the zipped function source code
    }

    resource "google_storage_bucket" "trigger_bucket" {
      name                        = "${random_id.bucket_prefix.hex}-gcf-trigger-bucket"
      location                    = "us-central1" # The trigger must be in the same location as the bucket
      uniform_bucket_level_access = true
    }

    data "google_storage_project_service_account" "default" {
    }

    # To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.
    # (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)
    data "google_project" "project" {
    }

    resource "google_project_iam_member" "gcs_pubsub_publishing" {
      project = data.google_project.project.project_id
      role    = "roles/pubsub.publisher"
      member  = "serviceAccount:${data.google_storage_project_service_account.default.email_address}"
    }

    resource "google_service_account" "account" {
      account_id   = "gcf-sa"
      display_name = "Test Service Account - used for both the cloud function and eventarc trigger in the test"
    }

    # Permissions on the service account used by the function and Eventarc trigger
    resource "google_project_iam_member" "invoking" {
      project    = data.google_project.project.project_id
      role       = "roles/run.invoker"
      member     = "serviceAccount:${google_service_account.account.email}"
      depends_on = [google_project_iam_member.gcs_pubsub_publishing]
    }

    resource "google_project_iam_member" "event_receiving" {
      project    = data.google_project.project.project_id
      role       = "roles/eventarc.eventReceiver"
      member     = "serviceAccount:${google_service_account.account.email}"
      depends_on = [google_project_iam_member.invoking]
    }

    resource "google_project_iam_member" "artifactregistry_reader" {
      project    = data.google_project.project.project_id
      role       = "roles/artifactregistry.reader"
      member     = "serviceAccount:${google_service_account.account.email}"
      depends_on = [google_project_iam_member.event_receiving]
    }

    resource "google_cloudfunctions2_function" "default" {
      depends_on = [
        google_project_iam_member.event_receiving,
        google_project_iam_member.artifactregistry_reader,
      ]
      name        = "function"
      location    = "us-central1"
      description = "a new function"

      build_config {
        runtime     = "nodejs22"
        entry_point = "entryPoint" # Set the entry point in the code
        environment_variables = {
          BUILD_CONFIG_TEST = "build_test"
        }
        source {
          storage_source {
            bucket = google_storage_bucket.source_bucket.name
            object = google_storage_bucket_object.default.name
          }
        }
      }

      service_config {
        max_instance_count = 3
        min_instance_count = 1
        available_memory   = "256M"
        timeout_seconds    = 60
        environment_variables = {
          SERVICE_CONFIG_TEST = "config_test"
        }
        ingress_settings               = "ALLOW_INTERNAL_ONLY"
        all_traffic_on_latest_revision = true
        service_account_email          = google_service_account.account.email
      }

      event_trigger {
        trigger_region        = "us-central1" # The trigger must be in the same location as the bucket
        event_type            = "google.cloud.storage.object.v1.finalized"
        retry_policy          = "RETRY_POLICY_RETRY"
        service_account_email = google_service_account.account.email
        event_filters {
          attribute = "bucket"
          value     = google_storage_bucket.trigger_bucket.name
        }
      }
    }

What's next
-----------

To search and filter code samples for other Google Cloud products, see the
[Google Cloud sample browser](/docs/samples?product=functions).
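The Terraform configuration above grants `roles/run.invoker` to the `gcf-sa` service account at project level, which lets that account invoke every Cloud Run service in the project. The following added example (not part of Google's sample) scopes the grant to the Cloud Run service behind this one function. It assumes that the backing service carries the function's name and that the binding may be created after the function and its trigger exist.

```hcl
# Added example, not part of Google's sample. It replaces the sample's
# project-level "invoking" binding and adjusts one depends_on accordingly.

# Before (from the sample): project-wide grant. gcf-sa may invoke every
# Cloud Run service, and therefore every 2nd gen function, in the project.
#
# resource "google_project_iam_member" "invoking" {
#   project    = data.google_project.project.project_id
#   role       = "roles/run.invoker"
#   member     = "serviceAccount:${google_service_account.account.email}"
#   depends_on = [google_project_iam_member.gcs_pubsub_publishing]
# }

# After: the same role bound only on the Cloud Run service that backs this
# function. Assumption: that service has the same name as the function.
# Events delivered before this binding exists are rejected, so keep it in
# the same configuration as the function.
resource "google_cloud_run_service_iam_member" "invoking" {
  project  = google_cloudfunctions2_function.default.project
  location = google_cloudfunctions2_function.default.location
  service  = google_cloudfunctions2_function.default.name
  role     = "roles/run.invoker"
  member   = "serviceAccount:${google_service_account.account.email}"
}

# The sample chains event_receiving after the project-level invoker binding.
# That binding no longer exists, and the new one can only be created after
# the function, so event_receiving now follows the Pub/Sub grant instead.
resource "google_project_iam_member" "event_receiving" {
  project    = data.google_project.project.project_id
  role       = "roles/eventarc.eventReceiver"
  member     = "serviceAccount:${google_service_account.account.email}"
  depends_on = [google_project_iam_member.gcs_pubsub_publishing]
}
```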