yandex_serverless_container (Resource)

Allows management of a Yandex Cloud Serverless Container.

Example usageExample usage

//
// Create a new Serverless Container.
//
resource "yandex_serverless_container" "test-container" {
  name               = "some_name"
  description        = "any description"
  memory             = 256
  execution_timeout  = "15s"
  cores              = 1
  core_fraction      = 100
  service_account_id = "are1service2account3id"
  runtime {
    type = "task"
  }
  secrets {
    id                   = yandex_lockbox_secret.secret.id
    version_id           = yandex_lockbox_secret_version.secret_version.id
    key                  = "secret-key"
    environment_variable = "ENV_VARIABLE"
  }
  mounts {
    mount_point_path = "/mount/point"
    ephemeral_disk {
      size_gb = 5
    }
  }
  image {
    url = "cr.yandex/yc/test-image:v1"
  }
  log_options {
    log_group_id = "e2392vo6d1bne2aeq9fr"
    min_level    = "ERROR"
  }
  provision_policy {
    min_instances = 1
  }
}

//
// Create a new Serverless Container with Image digest.
//
resource "yandex_serverless_container" "test-container-with-digest" {
  name   = "some_name"
  memory = 128
  image {
    url    = "cr.yandex/yc/test-image:v1"
    digest = "sha256:e1d772fa8795adac847a2420c87d0d2e3d38fb02f168cab8c0b5fe2fb95c47f4"
  }
}

//
// Create a new Serverless Container with Storage mount.
//
locals {
  folder_id = "folder_id"
}

resource "yandex_serverless_container" "test-container-object-storage-mount" {
  name               = "some_name"
  memory             = 128
  service_account_id = yandex_iam_service_account.sa.id
  image {
    url = "cr.yandex/yc/test-image:v1"
  }
  mounts {
    mount_point_path = "/mount/point"
    mode             = "ro"
    object_storage {
      bucket = yandex_storage_bucket.my-bucket.bucket
    }
  }
}

// Auxiliary resources
resource "yandex_iam_service_account" "sa" {
  folder_id = local.folder_id
  name      = "test-sa"
}

resource "yandex_resourcemanager_folder_iam_member" "sa-editor" {
  folder_id = local.folder_id
  role      = "storage.editor"
  member    = "serviceAccount:${yandex_iam_service_account.sa.id}"
}

resource "yandex_iam_service_account_static_access_key" "sa-static-key" {
  service_account_id = yandex_iam_service_account.sa.id
  description        = "static access key for object storage"
}

resource "yandex_storage_bucket" "my-bucket" {
  access_key = yandex_iam_service_account_static_access_key.sa-static-key.access_key
  secret_key = yandex_iam_service_account_static_access_key.sa-static-key.secret_key
  bucket     = "bucket"
}

SchemaSchema

RequiredRequired

• image (Block List, Min: 1, Max: 1) Revision deployment image for Yandex Cloud Serverless Container. (see below for nested schema)
• memory (Number) Memory in megabytes (aligned to 128 MB).
• name (String) The resource name.

OptionalOptional

• async_invocation (Block List, Max: 1) Config for asynchronous invocations of Yandex Cloud Serverless Container. (see below for nested schema)
• concurrency (Number) Concurrency of Yandex Cloud Serverless Container.
• connectivity (Block List, Max: 1) Network access. If specified the revision will be attached to specified network. (see below for nested schema)
• core_fraction (Number) Core fraction (0...100) of the Yandex Cloud Serverless Container.
• cores (Number) Cores (1+) of the Yandex Cloud Serverless Container.
• description (String) The resource description.
• execution_timeout (String) Execution timeout in seconds (duration format) for Yandex Cloud Serverless Container.
• folder_id (String) The folder identifier that resource belongs to. If it is not provided, the default provider folder-id is used.
• labels (Map of String) A set of key/value label pairs which assigned to resource.
• log_options (Block List, Max: 1) Options for logging from Yandex Cloud Serverless Container. (see below for nested schema)
• metadata_options (Block List, Max: 1) Options set the access mode to revision's metadata endpoints. (see below for nested schema)
• mounts (Block List) Mounts for Yandex Cloud Serverless Container. (see below for nested schema)
• provision_policy (Block List, Max: 1) Provision policy. If specified the revision will have prepared instances. (see below for nested schema)
• runtime (Block List, Max: 1) Runtime for Yandex Cloud Serverless Container. (see below for nested schema)
• secrets (Block List) Secrets for Yandex Cloud Serverless Container. (see below for nested schema)
• service_account_id (String) Service account which linked to the resource.
• storage_mounts (Block List, Deprecated) (DEPRECATED, use mounts.object_storage instead) Storage mounts for Yandex Cloud Serverless Container. (see below for nested schema)
• timeouts (Block, Optional) (see below for nested schema)

Read-OnlyRead-Only

• created_at (String) The creation timestamp of the resource.
• id (String) The ID of this resource.
• revision_id (String) Last revision ID of the Yandex Cloud Serverless Container.
• url (String) Invoke URL for the Yandex Cloud Serverless Container.

Nested Schema for Nested Schema for image

Required:

• url (String) URL of image that will be deployed as Yandex Cloud Serverless Container.

Optional:

• args (List of String) List of arguments for Yandex Cloud Serverless Container.
• command (List of String) List of commands for Yandex Cloud Serverless Container.
• digest (String) Digest of image that will be deployed as Yandex Cloud Serverless Container. If presented, should be equal to digest that will be resolved at server side by URL. Container will be updated on digest change even if image.0.url stays the same. If field not specified then its value will be computed.
• environment (Map of String) A set of key/value environment variable pairs for Yandex Cloud Serverless Container. Each key must begin with a letter (A-Z, a-z).
• work_dir (String) Working directory for Yandex Cloud Serverless Container.

Nested Schema for Nested Schema for async_invocation

Optional:

• service_account_id (String) Service account used for async invocation.

Nested Schema for Nested Schema for connectivity

Required:

• network_id (String) Network the revision will have access to.

Nested Schema for Nested Schema for log_options

Optional:

• disabled (Boolean) Is logging from container disabled.
• folder_id (String) Log entries are written to default log group for specified folder.
• log_group_id (String) Log entries are written to specified log group.
• min_level (String) Minimum log entry level.

Nested Schema for Nested Schema for metadata_options

Optional:

• aws_v1_http_endpoint (Number) Enables access to AWS flavored metadata (IMDSv1). Values: 0 - default, 1 - enabled, 2 - disabled.
• gce_http_endpoint (Number) Enables access to GCE flavored metadata. Values: 0- default, 1 - enabled, 2 - disabled.

Nested Schema for Nested Schema for mounts

Required:

• mount_point_path (String) Path inside the container to access the directory in which the target is mounted.

Optional:

• ephemeral_disk (Block List, Max: 1) One of the available mount types. Disk available during the function execution time. (see below for nested schema)
• mode (String) Mount’s accessibility mode. Valid values are ro and rw.
• object_storage (Block List, Max: 1) Available mount types. Object storage as a mount. (see below for nested schema)

Nested Schema for Nested Schema for mounts.ephemeral_disk

Required:

• size_gb (Number) Size of the ephemeral disk in GB.

Optional:

• block_size_kb (Number) Block size of the ephemeral disk in KB.

Nested Schema for Nested Schema for mounts.object_storage

Required:

• bucket (String) Name of the mounting bucket.

Optional:

• prefix (String) Prefix within the bucket. If you leave this field empty, the entire bucket will be mounted.

Nested Schema for Nested Schema for provision_policy

Required:

• min_instances (Number) Minimum number of prepared instances that are always ready to serve requests.

Nested Schema for Nested Schema for runtime

Required:

• type (String) Type of the runtime for Yandex Cloud Serverless Container. Valid values are http and task.

Nested Schema for Nested Schema for secrets

Required:

• environment_variable (String) Container's environment variable in which secret's value will be stored. Must begin with a letter (A-Z, a-z).
• id (String) Secret's ID.
• key (String) Secret's entries key which value will be stored in environment variable.
• version_id (String) Secret's version ID.

Nested Schema for Nested Schema for storage_mounts

Required:

• bucket (String) Name of the mounting bucket.
• mount_point_path (String) Path inside the container to access the directory in which the bucket is mounted.

Optional:

• prefix (String) Prefix within the bucket. If you leave this field empty, the entire bucket will be mounted.
• read_only (Boolean) Mount the bucket in read-only mode.

Nested Schema for Nested Schema for timeouts

Optional:

• create (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
• delete (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
• update (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).

ImportImport

The resource can be imported by using their resource ID. For getting the resource ID you can use Yandex Cloud Web Console or YC CLI.

# terraform import yandex_serverless_container.<resource Name> <resource Id>
terraform import yandex_serverless_container.test-container ...