Deploy Cloud Function 2nd gen with Cloud Storage trigger using Terraform
Full Terraform config to deploy an event-driven Cloud Function 2nd gen with resources
Code sample
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
This Terraform configuration deploys an event-driven Cloud Function (2nd gen) that responds to finalized object events in a specified Google Cloud Storage bucket.

The configuration creates two Google Cloud Storage buckets: one to store the function's source code and another to act as the event trigger for the function.

The Terraform setup includes the creation of a service account for the function and event trigger, with necessary IAM roles for invoking the function, receiving events, and accessing Artifact Registry.

The Cloud Function's build and service configurations are defined, specifying runtime, memory, timeout, environment variables, and ingress settings, along with the connection to the source code.

The configuration ensures the Google Cloud Storage service account has the necessary Pub/Sub Publisher role to enable CloudEvent triggers, alongside the creation of the appropriate event trigger.

### Terraform

To learn how to apply or remove a Terraform configuration, see [Basic Terraform commands](/docs/terraform/basic-commands).

For more information, see the [Terraform provider reference documentation](https://registry.terraform.io/providers/hashicorp/google/latest/docs).

    terraform {
      required_providers {
        google = {
          source  = "hashicorp/google"
          version = ">= 4.34.0"
        }
      }
    }

    resource "random_id" "bucket_prefix" {
      byte_length = 8
    }

    resource "google_storage_bucket" "source_bucket" {
      name                        = "${random_id.bucket_prefix.hex}-gcf-source-bucket"
      location                    = "US"
      uniform_bucket_level_access = true
    }

    data "archive_file" "default" {
      type        = "zip"
      output_path = "/tmp/function-source.zip"
      source_dir  = "function-source/"
    }

    resource "google_storage_bucket_object" "default" {
      name   = "function-source.zip"
      bucket = google_storage_bucket.source_bucket.name
      source = data.archive_file.default.output_path # Path to the zipped function source code
    }

    resource "google_storage_bucket" "trigger_bucket" {
      name                        = "${random_id.bucket_prefix.hex}-gcf-trigger-bucket"
      location                    = "us-central1" # The trigger must be in the same location as the bucket
      uniform_bucket_level_access = true
    }

    data "google_storage_project_service_account" "default" {
    }

    # To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher (roles/pubsub.publisher) IAM role in the specified project.
    # (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)
    data "google_project" "project" {
    }

    resource "google_project_iam_member" "gcs_pubsub_publishing" {
      project = data.google_project.project.project_id
      role    = "roles/pubsub.publisher"
      member  = "serviceAccount:${data.google_storage_project_service_account.default.email_address}"
    }

    resource "google_service_account" "account" {
      account_id   = "gcf-sa"
      display_name = "Test Service Account - used for both the cloud function and eventarc trigger in the test"
    }

    # Permissions on the service account used by the function and Eventarc trigger
    resource "google_project_iam_member" "invoking" {
      project    = data.google_project.project.project_id
      role       = "roles/run.invoker"
      member     = "serviceAccount:${google_service_account.account.email}"
      depends_on = [google_project_iam_member.gcs_pubsub_publishing]
    }

    resource "google_project_iam_member" "event_receiving" {
      project    = data.google_project.project.project_id
      role       = "roles/eventarc.eventReceiver"
      member     = "serviceAccount:${google_service_account.account.email}"
      depends_on = [google_project_iam_member.invoking]
    }

    resource "google_project_iam_member" "artifactregistry_reader" {
      project    = data.google_project.project.project_id
      role       = "roles/artifactregistry.reader"
      member     = "serviceAccount:${google_service_account.account.email}"
      depends_on = [google_project_iam_member.event_receiving]
    }

    resource "google_cloudfunctions2_function" "default" {
      depends_on = [
        google_project_iam_member.event_receiving,
        google_project_iam_member.artifactregistry_reader,
      ]
      name        = "function"
      location    = "us-central1"
      description = "a new function"

      build_config {
        runtime     = "nodejs22"
        entry_point = "entryPoint" # Set the entry point in the code
        environment_variables = {
          BUILD_CONFIG_TEST = "build_test"
        }
        source {
          storage_source {
            bucket = google_storage_bucket.source_bucket.name
            object = google_storage_bucket_object.default.name
          }
        }
      }

      service_config {
        max_instance_count = 3
        min_instance_count = 1
        available_memory   = "256M"
        timeout_seconds    = 60
        environment_variables = {
          SERVICE_CONFIG_TEST = "config_test"
        }
        ingress_settings               = "ALLOW_INTERNAL_ONLY"
        all_traffic_on_latest_revision = true
        service_account_email          = google_service_account.account.email
      }

      event_trigger {
        trigger_region        = "us-central1" # The trigger must be in the same location as the bucket
        event_type            = "google.cloud.storage.object.v1.finalized"
        retry_policy          = "RETRY_POLICY_RETRY"
        service_account_email = google_service_account.account.email
        event_filters {
          attribute = "bucket"
          value     = google_storage_bucket.trigger_bucket.name
        }
      }
    }
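The security-relevant settings of this configuration (internal-only ingress, uniform bucket-level access, and the set of project-wide role grants) can be checked against the JSON plan before `terraform apply`. The Python check below is an added example, not part of the original sample: `check_plan`, the role allowlist and the embedded plan excerpt are constructed for illustration, and the excerpt deliberately sets `ingress_settings` to `ALLOW_ALL` to produce one finding.

```python
import json

# Constructed excerpt of `terraform show -json` plan output (not from the page).
# Values only known after apply, such as the service account email, are omitted.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "google_storage_bucket.trigger_bucket", "type": "google_storage_bucket",
  "change": {"actions": ["create"], "after": {"uniform_bucket_level_access": true}}},
 {"address": "google_project_iam_member.invoking", "type": "google_project_iam_member",
  "change": {"actions": ["create"], "after": {"role": "roles/run.invoker"}}},
 {"address": "google_cloudfunctions2_function.default", "type": "google_cloudfunctions2_function",
  "change": {"actions": ["create"],
             "after": {"service_config": [{"ingress_settings": "ALLOW_ALL"}]}}}
]}
""")

# Roles the page's configuration grants at project scope (assumed allowlist).
EXPECTED_PROJECT_ROLES = {
    "roles/pubsub.publisher", "roles/run.invoker",
    "roles/eventarc.eventReceiver", "roles/artifactregistry.reader",
}


def check_plan(plan):
    """Return (address, message) findings for settings weaker than the page's config."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        after = change.get("after") or {}  # "after" is null for a pure delete
        if "delete" in change.get("actions", []) and not after:
            continue
        addr, rtype = rc["address"], rc["type"]
        if rtype == "google_storage_bucket":
            if after.get("uniform_bucket_level_access") is not True:
                findings.append((addr, "uniform_bucket_level_access is not true"))
        elif rtype == "google_project_iam_member":
            if after.get("role") not in EXPECTED_PROJECT_ROLES:
                findings.append((addr, f"unexpected project-wide role {after.get('role')!r}"))
        elif rtype == "google_cloudfunctions2_function":
            # Nested blocks such as service_config appear as lists in plan JSON.
            for svc in after.get("service_config") or [{}]:
                if svc.get("ingress_settings") != "ALLOW_INTERNAL_ONLY":
                    findings.append((addr, f"ingress_settings is {svc.get('ingress_settings')!r}"))
    return findings


if __name__ == "__main__":
    for address, message in check_plan(SAMPLE_PLAN):
        print(f"{address}: {message}")
```

To run it on a real plan, load the output of `terraform plan -out=tfplan` followed by `terraform show -json tfplan` with `json.load` and pass it to `check_plan`.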