Creating a trigger for Container Registry that invokes Cloud Functions

Written by

Improved by

Updated at May 14, 2026

Getting started
Creating a trigger
Checking the result
See also

Create a trigger for Container Registry that invokes Cloud Functions when you create or delete Container Registry Docker images or Docker image tags.

Getting started

To create a trigger, you will need:

Function the trigger will invoke. If you do not have a function:
- Create a function.
- Create a function version.
Optionally, a dead-letter queue where to redirect the messages the function failed to process. If you do not have a queue, create one.
Service accounts with permissions to invoke the function and, optionally, write to the dead letter queue. You can use the same service account or different ones. If you do not have a service account, create one.

Registry whose Docker image events will fire the trigger. If you do not have a registry, create one.

Creating a trigger

Note

The trigger is initiated within five minutes after it is created.

Management console

CLI

Terraform

API

In the management console, select the folder where you want to create a trigger.
Go to Cloud Functions.
In the left-hand panel, select Triggers.
Click Create trigger.
Under Basic settings:
- Enter a name and description for the trigger.
- In the Type field, select Container Registry.
- In the Launched resource field, select Function.
Under Container Registry settings:
- In the Registry field, select the registry where you want to create a trigger for image events.
- In the Event types field, select events that will set off the trigger.
- Optionally, in the Docker image name field, enter the image name for filtering. To find out the Docker image name, get the list of Docker images in the registry.
- Optionally, in the Docker image tag field, enter the image tag for filtering.
Under Batch message settings, specify:
- Waiting time, s. The values may range from 1 to 60 seconds. The default value is 1 second.
- Batch size. The values may range from 1 to 100. The default value is 1.
The trigger groups events within the specified wait time period and sends them to the function. The number of events cannot exceed the specified batch size.
Under Function settings, select a function and specify:
- Function version tag.
- Service account to use for invoking the function.
Optionally, under Repeat request settings:
- In the Interval field, specify how long to wait before retrying the function if it fails. The values may range from 10 to 60 seconds. The default value is 10 seconds.
- In the Number of attempts field, specify the number of function retries before the trigger sends a message to the dead letter queue. The values may range from 1 to 5. The default value is 1.
Optionally, under Dead Letter Queue settings, select a dead-letter queue and a service account with write permissions for that queue.
Click Create trigger.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder used by default is the one specified when creating the CLI profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also specify a different folder for any command using --folder-name or --folder-id. If you access a resource by its name, the search will be limited to the default folder. If you access a resource by its ID, the search will be global, i.e., through all folders based on access permissions.

To create a trigger that invokes a function, run this command:

yc serverless trigger create container-registry \
  --name <trigger_name> \
  --registry-id <registry_ID> \
  --events 'create-image', 'delete-image', 'create-image-tag', 'delete-image-tag' \
  --batch-size <event_batch_size> \
  --batch-cutoff <maximum_wait_time> \
  --invoke-function-id <function_ID> \
  --invoke-function-service-account-id <service_account_ID> \
  --retry-attempts <number_of_retry_attempts> \
  --retry-interval <interval_between_retry_attempts> \
  --dlq-queue-id <dead-letter_queue_ID> \
  --dlq-service-account-id <service_account_ID>

Where:

--name: Trigger name.
--registry-id: Registry ID.
--events: Events that set off the trigger.

--batch-size: Event batch size. This is an optional setting. The values may range from 1 to 10. The default value is 1.
--batch-cutoff: Maximum wait time. This is an optional setting. The values may range from 1 to 60 seconds. The default value is 1 second. The trigger groups events within the batch-cutoff period and sends them to the function. The number of events cannot exceed batch-size.

--invoke-function-id: Function ID.
--invoke-function-service-account-id: ID of the service account with permissions to invoke the function.
--retry-attempts: Number of invocation retries before the trigger sends a message to the dead-letter queue. This is an optional setting. The values may range from 1 to 5. The default value is 1.
--retry-interval: Time to wait before retrying the function if it fails. This is an optional setting. The values may range from 10 to 60 seconds. The default value is 10 seconds.
--dlq-queue-id: Dead-letter queue ID. This is an optional setting.
--dlq-service-account-id: ID of the service account with write permissions for the dead-letter queue. This is an optional setting.

Result:

id: a1s92agr8m**********
folder_id: b1g88tflru**********
created_at: "2020-09-08T06:26:22.651656Z"
name: registry-trigger
rule:
  container_registry:
    event_type:
    - CONTAINER_REGISTRY_EVENT_TYPE_CREATE_IMAGE
    - CONTAINER_REGISTRY_EVENT_TYPE_DELETE_IMAGE
    - CONTAINER_REGISTRY_EVENT_TYPE_CREATE_IMAGE_TAG
    - CONTAINER_REGISTRY_EVENT_TYPE_DELETE_IMAGE_TAG
    registry_id: crtlds4tdfg12kil77**********
    batch_settings:
      size: "3"
      cutoff: 20s
    invoke_function:
      function_id: d4eofc7n0m**********
      function_tag: $latest
      service_account_id: aje3932acd**********
      retry_settings:
        retry_attempts: "1"
        interval: 10s
      dead_letter_queue:
        queue-id: yrn:yc:ymq:ru-central1:aoek49ghmk**********:dlq
        service-account-id: aje3932acd**********
status: ACTIVE

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the relevant documentation on the Terraform website or its mirror.

If you do not have Terraform yet, install it and configure the Yandex Cloud provider.

To create a trigger for Container Registry:

In the Terraform configuration file, describe the resources you want to create:
```
resource "yandex_function_trigger" "my_trigger" {
  name = "<trigger_name>"
  function {
    id                 = "<function_ID>"
    service_account_id = "<service_account_ID>"
    retry_attempts     = "<number_of_retry_attempts>"
    retry_interval     = "<interval_between_retry_attempts>"
  }
  container_registry {
    registry_id      = "<registry_ID>"
    image_name       = "<image_name>"
    tag              = "<image_tag>"
    create_image     = true
    delete_image     = true
    create_image_tag = true
    delete_image_tag = true
    batch_cutoff     = "<maximum_wait_time>"
    batch_size       = "<event_batch_size>"
  }
  dlq {
    queue_id           = "<dead-letter_queue_ID>"
    service_account_id = "<service_account_ID>"
  }
}
```
Where:
- name: Trigger name. Follow these naming requirements:
  - Length: between 3 and 63 characters.
  - It can only contain lowercase Latin letters, numbers, and hyphens.
  - It must start with a letter and cannot end with a hyphen.
- description: Trigger description.
- function: Function settings:
  - id: Function ID.
  - service_account_id: ID of the service account with permissions to invoke the function.
  - retry_attempts: Number of invocation retries before the trigger sends a message to the dead-letter queue. This is an optional setting. The values may range from 1 to 5. The default value is 1.
  - retry_interval: Time to wait before retrying the function if it fails. This is an optional setting. The values may range from 10 to 60 seconds. The default value is 10 seconds.
- container_registry: Trigger settings:
  - registry_id: Registry ID.
  - image_name: Docker image name.
  - tag: Docker image tag.
  - Events that set off the trigger:
    - create_image: Trigger will invoke the function when a new Docker image is created in the registry. It can either be true or false.
    - delete_image: Trigger will invoke the function when a Docker image is deleted from the registry. It can either be true or false.
    - create_image_tag: Trigger will invoke the function when a new Docker image tag is created in the registry. It can either be true or false.
    - delete_image_tag: Trigger will invoke the function when a Docker image tag is deleted from the registry. It can either be true or false.
  - batch_cutoff: Maximum wait time. This is an optional setting. The values may range from 1 to 60 seconds. The default value is 1 second. The trigger groups events within the batch-cutoff period and sends them to the function. The number of events cannot exceed batch-size.
  - batch_size: Event batch size. This is an optional setting. The values may range from 1 to 10. The default value is 1.
- dlq: Dead-letter queue settings:
  - queue_id: Dead-letter queue ID.
  - service_account_id: ID of the service account with write permissions for the dead-letter queue.
For more information about yandex_function_trigger properties, see this provider guide.
Create the resources:
1. In the terminal, navigate to the configuration file directory.
2. Make sure the configuration is correct using this command:
```
terraform validate
```
  If the configuration is valid, you will get this message:
```
Success! The configuration is valid.
```
3. Run this command:
```
terraform plan
```
  You will see a list of resources and their properties. No changes will be made at this step. Terraform will show any errors in the configuration.
4. Apply the configuration changes:
```
terraform apply
```
5. Type yes and press Enter to confirm the changes.
Terraform will create all the required resources. You can check the new resources using the management console or this CLI command:
```
yc serverless trigger list
```

To create a trigger for Container Registry, use the create REST API method for the Trigger resource or the TriggerService/Create gRPC API call.

Checking the result

Check that the trigger works correctly. To do this, view function logs that show information on invocations.

Creating a trigger for Container Registry that invokes Cloud Functions

Getting startedGetting started

Creating a triggerCreating a trigger

Checking the resultChecking the result

See alsoSee also

Was the article helpful?

Getting started

Creating a trigger

Checking the result

See also