googleCloudRunV2Service
Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership.
To get more information about Service, see:
- API documentation
- How-to Guides
- Official Documentation
Example Usage - Cloudrunv2 Service Basic
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.cloudRunV2Service.CloudRunV2Service(this, "default", {
ingress: "INGRESS_TRAFFIC_ALL",
location: "us-central1",
name: "cloudrun-service",
template: [
{
containers: [
{
image: "us-docker.pkg.dev/cloudrun/container/hello",
},
],
},
],
});
Example Usage - Cloudrunv2 Service Sql
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleSecretManagerSecretSecret =
new google.secretManagerSecret.SecretManagerSecret(this, "secret", {
replication: [
{
automatic: true,
},
],
secret_id: "secret-1",
});
const googleSecretManagerSecretVersionSecretVersionData =
new google.secretManagerSecretVersion.SecretManagerSecretVersion(
this,
"secret-version-data",
{
secret: googleSecretManagerSecretSecret.name,
secret_data: "secret-data",
}
);
const googleSqlDatabaseInstanceInstance =
new google.sqlDatabaseInstance.SqlDatabaseInstance(this, "instance", {
database_version: "MYSQL_5_7",
deletion_protection: "true",
name: "cloudrun-sql",
region: "us-central1",
settings: [
{
tier: "db-f1-micro",
},
],
});
const dataGoogleProjectProject = new google.dataGoogleProject.DataGoogleProject(
this,
"project",
{}
);
new google.cloudRunV2Service.CloudRunV2Service(this, "default", {
depends_on: [`\${${googleSecretManagerSecretVersionSecretVersionData.fqn}}`],
ingress: "INGRESS_TRAFFIC_ALL",
location: "us-central1",
name: "cloudrun-service",
template: [
{
containers: [
{
env: [
{
name: "FOO",
value: "bar",
},
{
name: "SECRET_ENV_VAR",
value_source: [
{
secret_key_ref: [
{
secret: googleSecretManagerSecretSecret.secretId,
version: "1",
},
],
},
],
},
],
image: "us-docker.pkg.dev/cloudrun/container/hello",
volume_mounts: [
{
mount_path: "/cloudsql",
name: "cloudsql",
},
],
},
],
scaling: [
{
max_instance_count: 2,
},
],
volumes: [
{
cloud_sql_instance: [
{
instances: [googleSqlDatabaseInstanceInstance.connectionName],
},
],
name: "cloudsql",
},
],
},
],
traffic: [
{
percent: 100,
type: "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST",
},
],
});
new google.secretManagerSecretIamMember.SecretManagerSecretIamMember(
this,
"secret-access",
{
depends_on: [`\${${googleSecretManagerSecretSecret.fqn}}`],
member: `serviceAccount:\${${dataGoogleProjectProject.number}}-compute@developer.gserviceaccount.com`,
role: "roles/secretmanager.secretAccessor",
secret_id: googleSecretManagerSecretSecret.id,
}
);
Example Usage - Cloudrunv2 Service Vpcaccess
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleComputeNetworkCustomTest = new google.computeNetwork.ComputeNetwork(
this,
"custom_test",
{
auto_create_subnetworks: false,
name: "run-network",
}
);
const googleComputeSubnetworkCustomTest =
new google.computeSubnetwork.ComputeSubnetwork(this, "custom_test_1", {
ip_cidr_range: "10.2.0.0/28",
name: "run-subnetwork",
network: googleComputeNetworkCustomTest.id,
region: "us-central1",
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
googleComputeSubnetworkCustomTest.overrideLogicalId("custom_test");
const googleVpcAccessConnectorConnector =
new google.vpcAccessConnector.VpcAccessConnector(this, "connector", {
machine_type: "e2-standard-4",
max_instances: 3,
min_instances: 2,
name: "run-vpc",
region: "us-central1",
subnet: [
{
name: googleComputeSubnetworkCustomTest.name,
},
],
});
new google.cloudRunV2Service.CloudRunV2Service(this, "default", {
location: "us-central1",
name: "cloudrun-service",
template: [
{
containers: [
{
image: "us-docker.pkg.dev/cloudrun/container/hello",
},
],
vpc_access: [
{
connector: googleVpcAccessConnectorConnector.id,
egress: "ALL_TRAFFIC",
},
],
},
],
});
Example Usage - Cloudrunv2 Service Probes
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.cloudRunV2Service.CloudRunV2Service(this, "default", {
location: "us-central1",
name: "cloudrun-service",
template: [
{
containers: [
{
image: "us-docker.pkg.dev/cloudrun/container/hello",
liveness_probe: [
{
http_get: [
{
path: "/",
},
],
},
],
startup_probe: [
{
failure_threshold: 1,
initial_delay_seconds: 0,
period_seconds: 3,
tcp_socket: [
{
port: 8080,
},
],
timeout_seconds: 1,
},
],
},
],
},
],
});
Example Usage - Cloudrunv2 Service Secret
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleSecretManagerSecretSecret =
new google.secretManagerSecret.SecretManagerSecret(this, "secret", {
replication: [
{
automatic: true,
},
],
secret_id: "secret-1",
});
const googleSecretManagerSecretVersionSecretVersionData =
new google.secretManagerSecretVersion.SecretManagerSecretVersion(
this,
"secret-version-data",
{
secret: googleSecretManagerSecretSecret.name,
secret_data: "secret-data",
}
);
const dataGoogleProjectProject = new google.dataGoogleProject.DataGoogleProject(
this,
"project",
{}
);
new google.cloudRunV2Service.CloudRunV2Service(this, "default", {
depends_on: [`\${${googleSecretManagerSecretVersionSecretVersionData.fqn}}`],
ingress: "INGRESS_TRAFFIC_ALL",
location: "us-central1",
name: "cloudrun-service",
template: [
{
containers: [
{
image: "us-docker.pkg.dev/cloudrun/container/hello",
volume_mounts: [
{
mount_path: "/secrets",
name: "a-volume",
},
],
},
],
volumes: [
{
name: "a-volume",
secret: [
{
default_mode: 292,
items: [
{
mode: 256,
path: "my-secret",
version: "1",
},
],
secret: googleSecretManagerSecretSecret.secretId,
},
],
},
],
},
],
});
new google.secretManagerSecretIamMember.SecretManagerSecretIamMember(
this,
"secret-access",
{
depends_on: [`\${${googleSecretManagerSecretSecret.fqn}}`],
member: `serviceAccount:\${${dataGoogleProjectProject.number}}-compute@developer.gserviceaccount.com`,
role: "roles/secretmanager.secretAccessor",
secret_id: googleSecretManagerSecretSecret.id,
}
);
Argument Reference
The following arguments are supported:
-
name- (Required) Name of the Service. -
template- (Required) The template used to create revisions for this Service. Structure is documented below.
-
revision- (Optional) The unique name for the revision. If this field is omitted, it will be automatically generated based on the Service name. -
labels- (Optional) KRM-style labels for the resource. -
annotations- (Optional) KRM-style annotations for the resource. -
scaling- (Optional) Scaling settings for this Revision. Structure is documented below. -
vpcAccess- (Optional) VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc. Structure is documented below. -
timeout- (Optional) Max allowed time for an instance to respond to a request. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". -
serviceAccount- (Optional) Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. -
containers- (Optional) Holds the single container that defines the unit of execution for this task. Structure is documented below. -
volumes- (Optional) A list of Volumes to make available to containers. Structure is documented below. -
executionEnvironment- (Optional) The sandbox environment to host this Revision. Possible values areexecutionEnvironmentGen1andexecutionEnvironmentGen2. -
encryptionKey- (Optional) A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek -
maxInstanceRequestConcurrency- (Optional) Sets the maximum number of requests that each serving instance can receive.
-
minInstanceCount- (Optional) Minimum number of serving instances that this resource should have. -
maxInstanceCount- (Optional) Maximum number of serving instances that this resource should have.
-
connector- (Optional) VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number. -
egress- (Optional) Traffic VPC egress settings. Possible values areallTrafficandprivateRangesOnly.
The containers block supports:
-
name- (Optional) Name of the container specified as a DNS_LABEL. -
image- (Required) URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images -
command- (Optional) Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -
args- (Optional) Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell -
env- (Optional) List of environment variables to set in the container. Structure is documented below. -
resources- (Optional) Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources Structure is documented below. -
ports- (Optional) List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible. If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on Structure is documented below. -
volumeMounts- (Optional) Volume to mount into the container's filesystem. Structure is documented below. -
workingDir- (Optional) Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. -
livenessProbe- (Optional) Periodic probe of container liveness. Container will be restarted if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes Structure is documented below. -
startupProbe- (Optional) Startup probe of application within the container. All other probes are disabled if a startup probe is provided, until it succeeds. Container will not be added to service endpoints if the probe fails. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes Structure is documented below.
-
name- (Required) Name of the environment variable. Must be a C_IDENTIFIER, and mnay not exceed 32768 characters. -
value- (Optional) Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "", and the maximum length is 32768 bytes -
valueSource- (Optional) Source for the environment variable's value. Structure is documented below.
The valueSource block supports:
secretKeyRef- (Optional) Selects a secret and a specific version from Cloud Secret Manager. Structure is documented below.
The secretKeyRef block supports:
-
secret- (Required) The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project. -
version- (Optional) The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version.
-
limits- (Optional) Only memory and CPU are supported. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go -
cpuIdle- (Optional) Determines whether CPU should be throttled or not outside of requests.
-
name- (Optional) If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c". -
containerPort- (Optional) Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536.
The volumeMounts block supports:
-
name- (Required) This must match the Name of a Volume. -
mountPath- (Required) Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run
The livenessProbe block supports:
-
initialDelaySeconds- (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -
timeoutSeconds- (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -
periodSeconds- (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds -
failureThreshold- (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. -
httpGet- (Optional) HTTPGet specifies the http request to perform. Structure is documented below. -
tcpSocket- (Optional, Deprecated) TCPSocket specifies an action involving a TCP port. This field is not supported in liveness probe currently. Structure is documented below. -
grpc- (Optional) GRPC specifies an action involving a GRPC port. Structure is documented below.
-
path- (Optional) Path to access on the HTTP server. Defaults to '/'. -
httpHeaders- (Optional) Custom headers to set in the request. HTTP allows repeated headers. Structure is documented below.
The httpHeaders block supports:
-
name- (Required) The header field name -
value- (Optional) The header field value
port- (Optional) Port number to access on the container. Must be in the range 1 to 65535. If not specified, defaults to 8080.
-
port- (Optional) Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. -
service- (Optional) The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
The startupProbe block supports:
-
initialDelaySeconds- (Optional) Number of seconds after the container has started before the probe is initiated. Defaults to 0 seconds. Minimum value is 0. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -
timeoutSeconds- (Optional) Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Maximum value is 3600. Must be smaller than periodSeconds. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -
periodSeconds- (Optional) How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Maximum value for liveness probe is 3600. Maximum value for startup probe is 240. Must be greater or equal than timeoutSeconds -
failureThreshold- (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. -
httpGet- (Optional) HTTPGet specifies the http request to perform. Exactly one of HTTPGet or TCPSocket must be specified. Structure is documented below. -
tcpSocket- (Optional) TCPSocket specifies an action involving a TCP port. Exactly one of HTTPGet or TCPSocket must be specified. Structure is documented below. -
grpc- (Optional) GRPC specifies an action involving a GRPC port. Structure is documented below.
-
path- (Optional) Path to access on the HTTP server. Defaults to '/'. -
httpHeaders- (Optional) Custom headers to set in the request. HTTP allows repeated headers. Structure is documented below.
The httpHeaders block supports:
-
name- (Required) The header field name -
value- (Optional) The header field value
port- (Optional) Port number to access on the container. Must be in the range 1 to 65535. If not specified, defaults to 8080.
-
port- (Optional) Port number to access on the container. Number must be in the range 1 to 65535. If not specified, defaults to the same value as container.ports[0].containerPort. -
service- (Optional) The name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
-
name- (Required) Volume's name. -
secret- (Optional) Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret Structure is documented below. -
cloudSqlInstance- (Optional) For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Structure is documented below.
-
secret- (Required) The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project. -
defaultMode- (Optional) Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting. -
items- (Optional) If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version. Structure is documented below.
-
path- (Required) The relative path of the secret in the container. -
version- (Optional) The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version -
mode- (Required) Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used.
The cloudSqlInstance block supports:
instances- (Optional) The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance}
-
description- (Optional) User-provided description of the Service. This field currently has a 512-character limit. -
labels- (Optional) Map of string keys and values that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels Cloud Run will populate some labels with 'run.googleapis.com' or 'serving.knative.dev' namespaces. Those labels are read-only, and user changes will not be preserved. -
annotations- (Optional) Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. Cloud Run will populate some annotations using 'run.googleapis.com' or 'serving.knative.dev' namespaces. This field follows Kubernetes annotations' namespacing, limits, and rules. More info: https://kubernetes.io/docs/user-guide/annotations -
client- (Optional) Arbitrary identifier for the API client. -
clientVersion- (Optional) Arbitrary version identifier for the API client. -
ingress- (Optional) Provides the ingress settings for this Service. On output, returns the currently observed ingress settings, or INGRESS_TRAFFIC_UNSPECIFIED if no revision is active. Possible values areingressTrafficAll,ingressTrafficInternalOnly, andingressTrafficInternalLoadBalancer. -
launchStage- (Optional) The launch stage as defined by Google Cloud Platform Launch Stages. Cloud Run supports ALPHA, BETA, and GA. If no value is specified, GA is assumed. Possible values areunimplemented,prelaunch,earlyAccess,alpha,beta,ga, anddeprecated. -
binaryAuthorization- (Optional) Settings for the Binary Authorization feature. Structure is documented below. -
traffic- (Optional) Specifies how to distribute traffic over a collection of Revisions belonging to the Service. If traffic is empty or not provided, defaults to 100% traffic to the latest Ready Revision. Structure is documented below. -
location- (Optional) The location of the cloud run service -
project- (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
The binaryAuthorization block supports:
-
breakglassJustification- (Optional) If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass -
useDefault- (Optional) If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
-
type- (Optional) The allocation type for this traffic target. Possible values aretrafficTargetAllocationTypeLatestandtrafficTargetAllocationTypeRevision. -
revision- (Optional) Revision to which to send this portion of traffic, if traffic allocation is by revision. -
percent- (Optional) Specifies percent of the traffic to this Revision. This defaults to zero if unspecified. -
tag- (Optional) Indicates a string to be part of the URI to exclusively reference this target.
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
-
id- an identifier for the resource with formatprojects/{{project}}/locations/{{location}}/services/{{name}} -
uid- Server assigned unique identifier for the trigger. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted. -
generation- A number that monotonically increases every time the user modifies the desired state. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. -
observedGeneration- The generation of this Service currently serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. Please note that unlike v1, this is an int64 value. As with most Google APIs, its JSON representation will be a string instead of an integer. -
terminalCondition- The Condition of this Service, containing its readiness status, and detailed error information in case it did not reach a serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. Structure is documented below. -
conditions- The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Service does not reach its Serving state. See comments in reconciling for additional information on reconciliation process in Cloud Run. Structure is documented below. -
latestReadyRevision- Name of the latest revision that is serving traffic. See comments in reconciling for additional information on reconciliation process in Cloud Run. -
latestCreatedRevision- Name of the last created revision. See comments in reconciling for additional information on reconciliation process in Cloud Run. -
trafficStatuses- Detailed status information for corresponding traffic targets. See comments in reconciling for additional information on reconciliation process in Cloud Run. Structure is documented below. -
uri- The main URI in which this Service is serving traffic. -
reconciling- Returns true if the Service is currently being acted upon by the system to bring it into the desired state. When a new Service is created, or an existing one is updated, Cloud Run will asynchronously perform all necessary steps to bring the Service to the desired serving state. This process is called reconciliation. While reconciliation is in process, observedGeneration, latest_ready_revison, trafficStatuses, and uri will have transient values that might mismatch the intended state: Once reconciliation is over (and this field is false), there are two possible outcomes: reconciliation succeeded and the serving state matches the Service, or there was an error, and reconciliation failed. This state can be found in terminalCondition.state. If reconciliation succeeded, the following fields will match: traffic and trafficStatuses, observedGeneration and generation, latestReadyRevision and latestCreatedRevision. If reconciliation failed, trafficStatuses, observedGeneration, and latestReadyRevision will have the state of the last serving revision, or empty for newly created Services. Additional information on the failure can be found in terminalCondition and conditions. -
etag- A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates.
The terminalCondition block contains:
-
type- (Output) type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. -
state- (Output) State of the condition. -
message- (Output) Human readable message indicating details about the current status. -
lastTransitionTime- (Output) Last time the condition transitioned from one status to another. -
severity- (Output) How to interpret failures of this condition, one of Error, Warning, Info -
reason- (Output) A common (service-level) reason for this condition. -
revisionReason- (Output) A reason for the revision condition. -
executionReason- (Output) A reason for the execution condition.
The conditions block contains:
-
type- (Output) type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready. -
state- (Output) State of the condition. -
message- (Output) Human readable message indicating details about the current status. -
lastTransitionTime- (Output) Last time the condition transitioned from one status to another. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". -
severity- (Output) How to interpret failures of this condition, one of Error, Warning, Info -
reason- (Output) A common (service-level) reason for this condition. -
revisionReason- (Output) A reason for the revision condition. -
executionReason- (Output) A reason for the execution condition.
The trafficStatuses block contains:
-
type- (Output) The allocation type for this traffic target. -
revision- (Output) Revision to which this traffic is sent. -
percent- (Output) Specifies percent of the traffic to this Revision. -
tag- (Output) Indicates the string used in the URI to exclusively reference this target. -
uri- (Output) Displays the target URI.
Timeouts
This resource provides the following Timeouts configuration options:
create- Default is 20 minutes.update- Default is 20 minutes.delete- Default is 20 minutes.
Import
Service can be imported using any of these accepted formats:
$ terraform import google_cloud_run_v2_service.default projects/{{project}}/locations/{{location}}/services/{{name}}
$ terraform import google_cloud_run_v2_service.default {{project}}/{{location}}/{{name}}
$ terraform import google_cloud_run_v2_service.default {{location}}/{{name}}
User Project Overrides
This resource supports User Project Overrides.