Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Configuring metadata service parameters for a function

Written by
Updated at July 29, 2025

You can configure metadata service parameters when creating a function version.

Available options:

  • awsV1HttpEndpoint: Provides access to metadata using the AWS format (IMDSv1). It can be either enabled or disabled. If set to disabled, the metadata request will fail with error 404 Not Found. The default value is enabled.

    Note

    The awsV1HttpEndpoint parameter is enabled by default, but we recommend disabling it. The IMDSv1 format comes with a number of security vulnerabilities. Its most severe flaw is the high risk of attacks, such as SSRF. For more information, see the AWS official blog.

  • gceHttpEndpoint: Provides access to metadata using the Google Compute Engine format. It can be either enabled or disabled. If set to disabled, the metadata request will fail with error 404 Not Found. The default value is enabled.

  1. In the management console, select the folder containing the function.
  2. Select Cloud Functions.
  3. Select a function.
  4. Navigate to the Editor tab.
  5. Expand the Additional settings section.
  6. Under Metadata service parameters, configure the parameters of the function metadata service: Access metadata using the Google Compute Engine format and Access metadata using the AWS format (IMDSv1).
  7. Click Save changes.

To configure metadata service parameters for a function, run this command:

yc serverless function version create \
  --function-id=<function_ID> \
  --runtime <runtime_environment> \
  --entrypoint <entry_point> \
  --source-version-id <version_ID> \
  --metadata-options <option>=<enabled_or_disabled>

Where:

  • --function-id: ID of the function a new version of which you want to create. To find out the function ID, get a list of functions in the folder.
  • --runtime: Runtime environment.
  • entrypoint: Entry point in <function_file_name>.<handler_name> format.
  • --source-version-id: ID of the function version from which you want to copy the code. To find out the ID, get a list of function versions.
  • --metadata-options: Settings for the metadata service parameters, e.g., aws-v1-http-endpoint=disabled.

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the relevant documentation on the Terraform website or its mirror.

If you do not have Terraform yet, install it and configure the Yandex Cloud provider.

To configure metadata service parameters for a function:

  1. Open the Terraform configuration file and add the metadata_options section to the function description:

    resource "yandex_function" "metadata_function" {
  name               = "<function_name>"
  user_hash          = "<function_hash>"
  runtime            = "<runtime_environment>"
  entrypoint         = "<entry_point>"
  memory             = "<RAM_size>"
  execution_timeout  = "<execution_timeout>"
  service_account_id = "<service_account_ID>"
  content {
    zip_filename = "<path_to_ZIP_archive>"
  }

  metadata_options {
    metadata_options.0.gce_http_endpoint = "0_or_1_or_2"
    metadata_options.0.aws_v1_http_endpoint = "0_or_1_or_2"
  }
}

    Where:

    • metadata_options: Settings for the metadata service parameters, e.g., metadata_options.0.gce_http_endpoint = "1". Specify the following:
      • 0 if you want to keep the default value.
      • 1 to enable the parameter.
      • 2 to disable the parameter.

    For more information about the yandex_function resource parameters, see this Terraform article.

  2. Apply the changes:

    1. In the terminal, go to the directory where you edited the configuration file.

    2. Make sure the configuration file is correct using this command:

      terraform validate

      If the configuration is correct, you will get this message:

      Success! The configuration is valid.

    3. Run this command:

      terraform plan

      You will see a detailed list of resources. No changes will be made at this step. If the configuration contains any errors, Terraform will show them.

    4. Apply the changes:

      terraform apply

    5. Type yes and press Enter to confirm the changes.

You can check the function update and its new configuration using the management console or this CLI command:

yc serverless function version get <function_version_ID>

To create a function version, use the createVersion REST API method for the Function resource or the FunctionService/CreateVersion gRPC API call.

Previous
Getting function version info
Next
Making a function public