» google_cloud_run_service

Note: Cloud Run as a product is in beta, however the REST API is currently still an alpha. Please use this with caution as it may change when the API moves to beta.

Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets).

The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own.

See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service

To get more information about Service, see:

» Example Usage - Cloud Run Service Basic

resource "google_cloud_run_service" "default" {
  name     = "tftest-cloudrun"
  location = "us-central1"
  provider = "google-beta"

  metadata {
    namespace = "my-project-name"
  }

  spec {
    containers {
      image = "gcr.io/cloudrun/hello"
    }
  }
}

# The Service is ready to be used when the "Ready" condition is True
# Due to Terraform and API limitations this is best accessed through a local variable
locals {
  cloud_run_status = {
    for cond in google_cloud_run_service.default.status[0].conditions :
    cond.type => cond.status
  }
}

output "isReady" {
  value = local.cloud_run_status["Ready"] == "True"
}

» Argument Reference

The following arguments are supported:

  • name - (Required) Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names

  • spec - (Required) RevisionSpec holds the desired state of the Revision (from the client). Structure is documented below.

  • metadata - (Required) Metadata associated with this Service, including name, namespace, labels, and annotations. Structure is documented below.

  • location - (Required) The location of the cloud run instance. eg us-central1

The spec block supports:

  • containers - (Required) Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md Structure is documented below.

  • container_concurrency - (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Values are:

    • 0 thread-safe, the system should manage the max concurrency. This is the default value.
    • 1 not-thread-safe. Single concurrency
    • 2-N thread-safe, max concurrency of N
  • serving_state - ServingState holds a value describing the state the resources are in for this Revision. It is expected that the system will manipulate this based on routability and load.

The containers block supports:

  • working_dir - (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.

  • args - (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

  • env_from - (Optional) List of sources to populate environment variables in the container. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Structure is documented below.

  • image - (Required) Docker image name. This is most often a reference to a container located in the container registry, such as gcr.io/cloudrun/hello More info: https://kubernetes.io/docs/concepts/containers/images

  • command - (Optional) Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

  • env - (Optional) List of environment variables to set in the container. Structure is documented below.

  • resources - (Optional) Compute Resources required by this container. Used to set values such as max memory More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources Structure is documented below.

The env_from block supports:

  • prefix - (Optional) An optional identifier to prepend to each key in the ConfigMap.

  • config_map_ref - (Optional) The ConfigMap to select from Structure is documented below.

  • secret_ref - (Optional) The Secret to select from Structure is documented below.

The config_map_ref block supports:

  • optional - (Optional) Specify whether the ConfigMap must be defined

  • local_object_reference - (Optional) The ConfigMap to select from. Structure is documented below.

The local_object_reference block supports:

The secret_ref block supports:

  • local_object_reference - (Optional) The Secret to select from. Structure is documented below.

  • optional - (Optional) Specify whether the Secret must be defined

The local_object_reference block supports:

The env block supports:

  • name - (Optional) Name of the environment variable.

  • value - (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

The resources block supports:

The metadata block supports:


  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

» Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • status - The current status of the Service. Structure is documented below.

The status block contains:

  • conditions - Array of observed Service Conditions, indicating the current ready state of the service. Structure is documented below.

  • url - From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app

  • observed_generation - ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False.

  • latest_created_revision_name - From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName.

  • latest_ready_revision_name - From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True".

The conditions block contains:

  • message - Human readable message indicating details about the current status.

  • status - Status of the condition, one of True, False, Unknown.

  • reason - One-word CamelCase reason for the condition's current status.

  • type - Type of domain mapping condition.

» Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 4 minutes.
  • update - Default is 4 minutes.
  • delete - Default is 4 minutes.

» Import

Service can be imported using any of these accepted formats:

$ terraform import -provider=google-beta google_cloud_run_service.default projects/{{project}}/locations/{{location}}/services/{{name}}
$ terraform import -provider=google-beta google_cloud_run_service.default {{project}}/{{location}}/{{name}}
$ terraform import -provider=google-beta google_cloud_run_service.default {{location}}/{{name}}

» User Project Overrides

This resource supports User Project Overrides.