yandex_function (Resource)
Статья создана
Обновлена 7 августа 2025 г.
- Example usage
- Schema
- Required
- Optional
- Read-Only
- Nested Schema for async_invocation
- Nested Schema for async_invocation.ymq_failure_target
- Nested Schema for async_invocation.ymq_success_target
- Nested Schema for connectivity
- Nested Schema for content
- Nested Schema for log_options
- Nested Schema for metadata_options
- Nested Schema for mounts
- Nested Schema for mounts.ephemeral_disk
- Nested Schema for mounts.object_storage
- Nested Schema for package
- Nested Schema for secrets
- Nested Schema for storage_mounts
- Nested Schema for timeouts
- Import
Allows management of Yandex Cloud Function
Example usage
//
// Create a new Yandex Cloud Function
//
resource "yandex_function" "test-function" {
name = "some_name"
description = "any description"
user_hash = "any_user_defined_string"
runtime = "python37"
entrypoint = "main"
memory = "128"
execution_timeout = "10"
service_account_id = "ajeih**********838kk"
tags = ["my_tag"]
secrets {
id = yandex_lockbox_secret.secret.id
version_id = yandex_lockbox_secret_version.secret_version.id
key = "secret-key"
environment_variable = "ENV_VARIABLE"
}
content {
zip_filename = "function.zip"
}
mounts {
name = "mnt"
ephemeral_disk {
size_gb = 32
}
}
async_invocation {
retries_count = "3"
service_account_id = "ajeih**********838kk"
ymq_failure_target {
service_account_id = "ajeqr**********qb76m"
arn = "yrn:yc:ymq:ru-central1:b1glr**********9hsfp:fail"
}
ymq_success_target {
service_account_id = "ajeqr**********qb76m"
arn = "yrn:yc:ymq:ru-central1:b1glr**********9hsfp:success"
}
}
log_options {
log_group_id = "e2392**********eq9fr"
min_level = "ERROR"
}
}
//
// Create a new Yandex Cloud Function with mounted Object Storage Bucket.
//
resource "yandex_function" "test-function" {
name = "some_name"
user_hash = "v1"
runtime = "python37"
entrypoint = "index.handler"
memory = "128"
execution_timeout = "10"
service_account_id = yandex_iam_service_account.sa.id
content {
zip_filename = "function.zip"
}
mounts {
name = "mnt"
mode = "ro"
object_storage {
bucket = yandex_storage_bucket.my-bucket.bucket
}
}
}
locals {
folder_id = "folder_id"
}
resource "yandex_iam_service_account" "sa" {
folder_id = local.folder_id
name = "test-sa"
}
resource "yandex_resourcemanager_folder_iam_member" "sa-editor" {
folder_id = local.folder_id
role = "storage.editor"
member = "serviceAccount:${yandex_iam_service_account.sa.id}"
}
resource "yandex_iam_service_account_static_access_key" "sa-static-key" {
service_account_id = yandex_iam_service_account.sa.id
description = "static access key for object storage"
}
resource "yandex_storage_bucket" "my-bucket" {
access_key = yandex_iam_service_account_static_access_key.sa-static-key.access_key
secret_key = yandex_iam_service_account_static_access_key.sa-static-key.secret_key
bucket = "bucket"
}
Schema
Required
entrypoint(String) Entrypoint for Yandex Cloud Function.memory(Number) Memory in megabytes (aligned to 128MB) for Yandex Cloud Function.name(String) The resource name.runtime(String) Runtime for Yandex Cloud Function.user_hash(String) User-defined string for current function version. User must change this string any times when function changed. Function will be updated when hash is changed.
Optional
async_invocation(Block List, Max: 1) Config for asynchronous invocations of Yandex Cloud Function. (see below for nested schema)concurrency(Number) The maximum number of requests processed by a function instance at the same time.connectivity(Block List, Max: 1) Function version connectivity. If specified the version will be attached to specified network. (see below for nested schema)content(Block List, Max: 1) Version deployment content for Yandex Cloud Function code. Can be only onepackageorcontentsection. Eitherpackageorcontentsection must be specified. (see below for nested schema)description(String) The resource description.environment(Map of String) A set of key/value environment variables for Yandex Cloud Function. Each key must begin with a letter (A-Z, a-z).execution_timeout(String) Execution timeout in seconds for Yandex Cloud Function.folder_id(String) The folder identifier that resource belongs to. If it is not provided, the default providerfolder-idis used.labels(Map of String) A set of key/value label pairs which assigned to resource.log_options(Block List, Max: 1) Options for logging from Yandex Cloud Function. (see below for nested schema)metadata_options(Block List, Max: 1) Options set the access mode to function's metadata endpoints. (see below for nested schema)mounts(Block List) Mounts for Yandex Cloud Function. (see below for nested schema)package(Block List, Max: 1) Version deployment package for Yandex Cloud Function code. Can be only onepackageorcontentsection. Eitherpackageorcontentsection must be specified. (see below for nested schema)secrets(Block List) Secrets for Yandex Cloud Function. (see below for nested schema)service_account_id(String) Service account which linked to the resource.storage_mounts(Block List, Deprecated) (DEPRECATED, usemounts -> object_storageinstead). Storage mounts for Yandex Cloud Function. (see below for nested schema)tags(Set of String) Tags for Yandex Cloud Function. Tag$latestisn't returned.timeouts(Block, Optional) (see below for nested schema)tmpfs_size(Number) Tmpfs size for Yandex Cloud Function.
Read-Only
created_at(String)id(String) The ID of this resource.image_size(Number) Image size for Yandex Cloud Function.version(String) Version of Yandex Cloud Function.
Nested Schema for async_invocation
Optional:
retries_count(Number) Maximum number of retries for async invocation.service_account_id(String) Service account used for async invocation.ymq_failure_target(Block List, Max: 1) Target for unsuccessful async invocation. (see below for nested schema)ymq_success_target(Block List, Max: 1) Target for successful async invocation. (see below for nested schema)
Nested Schema for async_invocation.ymq_failure_target
Required:
arn(String) YMQ ARN.service_account_id(String) Service account used for writing result to queue.
Nested Schema for async_invocation.ymq_success_target
Required:
arn(String) YMQ ARN.service_account_id(String) Service account used for writing result to queue.
Nested Schema for connectivity
Required:
network_id(String) Network the version will have access to. It's essential to specify network with subnets in all availability zones.
Nested Schema for content
Required:
zip_filename(String) Filename to zip archive for the version.
Nested Schema for log_options
Optional:
disabled(Boolean) Is logging from function disabled.folder_id(String) Log entries are written to default log group for specified folder.log_group_id(String) Log entries are written to specified log group.min_level(String) Minimum log entry level.
Nested Schema for metadata_options
Optional:
aws_v1_http_endpoint(Number) Enables access to AWS flavored metadata (IMDSv1). Values:0- default,1- enabled,2- disabled.gce_http_endpoint(Number) Enables access to GCE flavored metadata. Values:0- default,1- enabled,2- disabled.
Nested Schema for mounts
Required:
name(String) Name of the mount point. The directory where the target is mounted will be accessible at the/function/storage/<mounts.0.name>path.
Optional:
ephemeral_disk(Block List, Max: 1) One of the available mount types. Disk available during the function execution time. (see below for nested schema)mode(String) Mount’s accessibility mode. Valid values areroandrw.object_storage(Block List, Max: 1) One of the available mount types. Object storage as a mount. (see below for nested schema)
Nested Schema for mounts.ephemeral_disk
Required:
size_gb(Number) Size of the ephemeral disk in GB.
Optional:
block_size_kb(Number) Optional block size of the ephemeral disk in KB.
Nested Schema for mounts.object_storage
Required:
bucket(String) Name of the mounting bucket.
Optional:
prefix(String) Prefix within the bucket. If you leave this field empty, the entire bucket will be mounted.
Nested Schema for package
Required:
bucket_name(String) Name of the bucket that stores the code for the version.object_name(String) Name of the object in the bucket that stores the code for the version.
Optional:
sha_256(String) SHA256 hash of the version deployment package.
Nested Schema for secrets
Required:
environment_variable(String) Function's environment variable in which secret's value will be stored. Must begin with a letter (A-Z, a-z).id(String) Secret's ID.key(String) Secret's entries key which value will be stored in environment variable.version_id(String) Secret's version ID.
Nested Schema for storage_mounts
Required:
bucket(String) Name of the mounting bucket.mount_point_name(String) Name of the mount point. The directory where the bucket is mounted will be accessible at the/function/storage/<mount_point>path.
Optional:
prefix(String) Prefix within the bucket. If you leave this field empty, the entire bucket will be mounted.read_only(Boolean) Mount the bucket in read-only mode.
Nested Schema for timeouts
Optional:
create(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).delete(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.update(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
Import
The resource can be imported by using their resource ID. For getting the resource ID you can use Yandex Cloud Web Console or YC CLI.
# terraform import yandex_function.<resource Name> <resource Id>
terraform import yandex_function.test-function d4e45**********pqvd3