This modules makes it easy to set up a scheduled job to trigger events/run functions.
This module is meant for use with Terraform 0.13+ and tested using Terraform 1.0+. If you find incompatibilities using Terraform >=0.13, please open an issue. If you haven't upgraded and need a Terraform 0.12.x-compatible version of this module, the last released version intended for Terraform 0.12.x is v1.6.0.
You can go to the examples folder, however the usage of the module could be like this in your own main.tf file:
module "scheduled-function" {
source = "terraform-google-modules/scheduled-function/google"
version = "0.1.0"
project_id = "<PROJECT ID>"
job_name="<NAME_OF_JOB>"
job_schedule="<CRON_SYNTAX_SCHEDULE>"
function_entry_point="<NAME_OF_FUNCTION>"
function_source_directory="<DIRECTORY_OF_FUNCTION_SOURCE>"
function_name="<RESOURCE_NAMES>"
region="<REGION>"
}
Then perform the following commands on the root folder:
terraform init
to get the pluginsterraform plan
to see the infrastructure planterraform apply
to apply the infrastructure buildterraform destroy
to destroy the built infrastructure
Name | Description | Type | Default | Required |
---|---|---|---|---|
bucket_force_destroy | When deleting the GCS bucket containing the cloud function, delete all objects in the bucket first. | bool |
true |
no |
bucket_name | The name to apply to the bucket. Will default to a string of -scheduled-function-XXXX> with XXXX being random characters. | string |
"" |
no |
create_bucket | Create bucket (default). Set to false to use existing one |
bool |
true |
no |
files_to_exclude_in_source_dir | Specify files to ignore when reading the source_dir | list(string) |
[] |
no |
function_available_memory_mb | The amount of memory in megabytes allotted for the function to use. | number |
256 |
no |
function_description | The description of the function. | string |
"Processes log export events provided through a Pub/Sub topic subscription." |
no |
function_docker_registry | Docker Registry to use for storing the function's Docker images. Allowed values are CONTAINER_REGISTRY (default) and ARTIFACT_REGISTRY. | string |
null |
no |
function_docker_repository | User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. | string |
null |
no |
function_entry_point | The name of a method in the function source which will be invoked when the function is executed. | string |
n/a | yes |
function_environment_variables | A set of key/value environment variable pairs to assign to the function. | map(string) |
{} |
no |
function_event_trigger_failure_policy_retry | A toggle to determine if the function should be retried on failure. | bool |
false |
no |
function_kms_key_name | Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. | string |
null |
no |
function_labels | A set of key/value label pairs to assign to the function. | map(string) |
{} |
no |
function_max_instances | The maximum number of parallel executions of the function. | number |
null |
no |
function_name | The name to apply to the function | string |
n/a | yes |
function_runtime | The runtime in which the function will be executed. | string |
"nodejs10" |
no |
function_secret_environment_variables | A list of maps which contains key, project_id, secret_name (not the full secret id) and version to assign to the function as a set of secret environment variables. | list(map(string)) |
[] |
no |
function_service_account_email | The service account to run the function as. | string |
"" |
no |
function_source_archive_bucket_labels | A set of key/value label pairs to assign to the function source archive bucket. | map(string) |
{} |
no |
function_source_dependent_files | A list of any terraform created local_file s that the module will wait for before creating the archive. |
list(object({ |
[] |
no |
function_source_directory | The contents of this directory will be archived and used as the function source. | string |
n/a | yes |
function_timeout_s | The amount of time in seconds allotted for the execution of the function. | number |
60 |
no |
grant_token_creator | Specify true if you want to add token creator role to the default Pub/Sub SA | bool |
false |
no |
ingress_settings | The ingress settings for the function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY. Changes to this field will recreate the cloud function. | string |
null |
no |
job_description | Addition text to describe the job | string |
"" |
no |
job_name | The name of the scheduled job to run | string |
null |
no |
job_schedule | The job frequency, in cron syntax | string |
"*/2 * * * *" |
no |
message_data | The data to send in the topic message. | string |
"dGVzdA==" |
no |
project_id | The ID of the project where the resources will be created | string |
n/a | yes |
region | The region in which resources will be applied. | string |
n/a | yes |
scheduler_job | An existing Cloud Scheduler job instance | object({ name = string }) |
null |
no |
time_zone | The timezone to use in scheduler | string |
"Etc/UTC" |
no |
topic_kms_key_name | The resource name of the Cloud KMS CryptoKey to be used to protect access to messages published on this topic. | string |
null |
no |
topic_labels | A set of key/value label pairs to assign to the pubsub topic. | map(string) |
{} |
no |
topic_name | Name of pubsub topic connecting the scheduled job and the function | string |
"test-topic" |
no |
vpc_connector | The VPC Network Connector that this cloud function can connect to. It should be set up as fully-qualified URI. The format of this field is projects//locations//connectors/*. | string |
null |
no |
vpc_connector_egress_settings | The egress settings for the connector, controlling what traffic is diverted through it. Allowed values are ALL_TRAFFIC and PRIVATE_RANGES_ONLY. If unset, this field preserves the previously set value. | string |
null |
no |
Name | Description |
---|---|
name | The name of the job created |
pubsub_topic_name | PubSub topic name |
scheduler_job | The Cloud Scheduler job instance |
These sections describe requirements for using this module.
The following dependencies must be available:
- Terraform >= 0.13.0
- Terraform Provider for GCP plugin v2.14
Note that this module requires App Engine being configured in the specified project/region. This is because Google Cloud Scheduler is dependent on the project being configured with App Engine. Refer to the Google Cloud Scheduler documentation information on the App Engine dependency.
The recommended way to create projects with App Engine enabled is via the Project Factory module. There is an example of how to create the project within that module
A service account with the following roles must be used to provision the resources of this module:
- Storage Admin:
roles/storage.admin
- PubSub Editor:
roles/pubsub.editor
- Cloudscheduler Admin:
roles/cloudscheduler.admin
- Cloudfunctions Developer:
roles/cloudfunctions.developer
- IAM ServiceAccount User:
roles/iam.serviceAccountUser
The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.
A project with the following APIs enabled must be used to host the resources of this module:
- Cloud Scheduler API:
cloudscheduler.googleapis.com
- Cloud PubSub API:
pubsub.googleapis.com
- Cloud Functions API:
cloudfunctions.googleapis.com
- Cloud Build API:
cloudbuild.googleapis.com
- App Engine Admin API:
appengine.googleapis.com
The Project Factory module can be used to provision a project with the necessary APIs enabled.
Refer to the contribution guidelines for information on contributing to this module.