Allowing public (unauthenticated) access

Use this option if your service is a public API or website.

You can allow unauthenticated invocations to a service by assigning the IAM Cloud Run Invoker role to the allUsers member type, at any time using the console or the gcloud command line:

Console UI

When creating a new service, you can allow unauthenticated invocations by checking the checkbox labelled Allow unauthenticated invocations.

To allow unauthenticated invocations for an existing service:

Go to the Google Cloud Console:
Go to Google Cloud Console
Select the service you want to make public.
Click Show Info Panel in the top right corner to show the Permissions tab.
In the Add members field, allUsers
Select the Cloud Run Invoker role from the Select a role drop-down menu.
Click Add.

GCloud

When creating a new service with gcloud run deploy, you are prompted to "Allow unauthenticated access".

Alternatively, when you use the gcloud run deploy command, you can specify explicitly whether or not to make your service publicly accessible:

gcloud run deploy SERVICE_NAME ... --allow-unauthenticated

To allow unauthenticated invocations for an existing service, grant the special allUsers member type the roles/run.invoker role on the service:

  gcloud run services add-iam-policy-binding SERVICE_NAME \
    --member="allUsers" \
    --role="roles/run.invoker"

Var denne side nyttig? Giv os en anmeldelse af den:

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Sidst opdateret december 4, 2019.

Allowing public (unauthenticated) access

Console UI

GCloud

Send feedback om...