Contact UsGet started

Making a function public

Written by
Updated at May 5, 2025

To allow any user to invoke a function without passing an authorization header, make it public.

  1. In the management console, select the folder containing the function.
  2. Select Cloud Functions.
  3. Select the function you want to make public.
  4. On the Overview page, enable Public function.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

To make a function public, run the command:

yc serverless function allow-unauthenticated-invoke <function_name>

Result:

done (1s)

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the documentation on the Terraform website or mirror website.

If you do not have Terraform yet, install it and configure its Yandex Cloud provider.

To make a function public:

  1. Describe the properties of the function access rights in a configuration file:

    resource "yandex_function_iam_binding" "function-iam" {
  function_id = "<function_ID>"
  role        = "functions.functionInvoker"
  members = [
    "system:allUsers",
  ]
}

    Where:

    • function_id: Function ID. To find out the function ID, get a list of functions in the folder.

    • role: Role to assign.

    • members: List of users to assign the role to.

      To make a function public, assign the functions.functionInvoker role to all unauthorized users (All users public group).

    For more information about the yandex_function_iam_binding resource parameters, see the provider documentation.

  2. Check the configuration using this command:

    terraform validate

    If the configuration is correct, you will get this message:

    Success! The configuration is valid.

  3. Run this command:

    terraform plan

    The terminal will display a list of resources with parameters. No changes will be made at this step. If the configuration contains any errors, Terraform will point them out.

  4. Apply the configuration changes:

    terraform apply

  5. Confirm the changes: type yes into the terminal and press Enter.

    You can check the assignment of the function role using the management console or this CLI command:

    yc serverless function list-access-bindings <function_name>

To make a function public, use the setAccessBindings REST API method for the Function resource or the FunctionService/SetAccessBindings gRPC API call.

Previous
Configuring metadata service parameters
Next
Making a function private