google_cloud_run_v2_job

A Cloud Run Job resource that references a container image which is run to completion.

To get more information about Job, see:

Open in Cloud Shell

Example Usage - Cloudrunv2 Job Basic

resource "google_cloud_run_v2_job" "default" {
  name     = "cloudrun-job"
  location = "us-central1"

  template {
    template {
      containers {
        image = "us-docker.pkg.dev/cloudrun/container/hello"
      }
    }
  }
}
Open in Cloud Shell

Example Usage - Cloudrunv2 Job Limits

resource "google_cloud_run_v2_job" "default" {
  name     = "cloudrun-job"
  location = "us-central1"

  template {
    template {
      containers {
        image = "us-docker.pkg.dev/cloudrun/container/hello"
        resources {
          limits = {
            cpu    = "2"
            memory = "1024Mi"
          }
        }
      }
    }
  }

  lifecycle {
    ignore_changes = [
      launch_stage,
    ]
  }
}
Open in Cloud Shell

Example Usage - Cloudrunv2 Job Sql

resource "google_cloud_run_v2_job" "default" {
  name     = "cloudrun-job"
  location = "us-central1"

  template {
    template{
      volumes {
        name = "cloudsql"
        cloud_sql_instance {
          instances = [google_sql_database_instance.instance.connection_name]
        }
      }

      containers {
        image = "us-docker.pkg.dev/cloudrun/container/hello"

        env {
          name = "FOO"
          value = "bar"
        }
        env {
          name = "latestdclsecret"
          value_source {
            secret_key_ref {
              secret = google_secret_manager_secret.secret.secret_id
              version = "1"
            }
          }
        }
        volume_mounts {
          name = "cloudsql"
          mount_path = "/cloudsql"
        }
      }
    }
  }
}

data "google_project" "project" {
}

resource "google_secret_manager_secret" "secret" {
  secret_id = "secret"
  replication {
    auto {}
  }
}

resource "google_secret_manager_secret_version" "secret-version-data" {
  secret = google_secret_manager_secret.secret.name
  secret_data = "secret-data"
}

resource "google_secret_manager_secret_iam_member" "secret-access" {
  secret_id = google_secret_manager_secret.secret.id
  role      = "roles/secretmanager.secretAccessor"
  member    = "serviceAccount:${data.google_project.project.number}-compute@developer.gserviceaccount.com"
  depends_on = [google_secret_manager_secret.secret]
}

resource "google_sql_database_instance" "instance" {
  name             = "cloudrun-sql"
  region           = "us-central1"
  database_version = "MYSQL_5_7"
  settings {
    tier = "db-f1-micro"
  }

  deletion_protection  = "true"
}
Open in Cloud Shell

Example Usage - Cloudrunv2 Job Vpcaccess

resource "google_cloud_run_v2_job" "default" {
  name     = "cloudrun-job"
  location = "us-central1"

  template {
    template{
      containers {
        image = "us-docker.pkg.dev/cloudrun/container/hello"
      }
      vpc_access{
        connector = google_vpc_access_connector.connector.id
        egress = "ALL_TRAFFIC"
      }
    }
  }
}

resource "google_vpc_access_connector" "connector" {
  name          = "run-vpc"
  subnet {
    name = google_compute_subnetwork.custom_test.name
  }
  machine_type = "e2-standard-4"
  min_instances = 2
  max_instances = 3
  region        = "us-central1"
}
resource "google_compute_subnetwork" "custom_test" {
  name          = "run-subnetwork"
  ip_cidr_range = "10.2.0.0/28"
  region        = "us-central1"
  network       = google_compute_network.custom_test.id
}
resource "google_compute_network" "custom_test" {
  name                    = "run-network"
  auto_create_subnetworks = false
}
Open in Cloud Shell

Example Usage - Cloudrunv2 Job Directvpc

resource "google_cloud_run_v2_job" "default" {
  name     = "cloudrun-job"
  location = "us-central1"
  launch_stage = "GA"
  template {
    template{
      containers {
        image = "us-docker.pkg.dev/cloudrun/container/job"
      }
      vpc_access {
        network_interfaces {
          network = "default"
          subnetwork = "default"
          tags = ["tag1", "tag2", "tag3"]
        }
      }
    }
  }
}
Open in Cloud Shell

Example Usage - Cloudrunv2 Job Secret

resource "google_cloud_run_v2_job" "default" {
  name     = "cloudrun-job"
  location = "us-central1"

  template {
    template {
      volumes {
        name = "a-volume"
        secret {
          secret = google_secret_manager_secret.secret.secret_id
          default_mode = 292 # 0444
          items {
            version = "1"
            path = "my-secret"
            mode = 256 # 0400
          }
        }
      }
      containers {
        image = "us-docker.pkg.dev/cloudrun/container/hello"
        volume_mounts {
          name = "a-volume"
          mount_path = "/secrets"
        }
      }
    }
  }

  depends_on = [
    google_secret_manager_secret_version.secret-version-data,
    google_secret_manager_secret_iam_member.secret-access,
  ]
}

data "google_project" "project" {
}

resource "google_secret_manager_secret" "secret" {
  secret_id = "secret"
  replication {
    auto {}
  }
}

resource "google_secret_manager_secret_version" "secret-version-data" {
  secret = google_secret_manager_secret.secret.name
  secret_data = "secret-data"
}

resource "google_secret_manager_secret_iam_member" "secret-access" {
  secret_id = google_secret_manager_secret.secret.id
  role      = "roles/secretmanager.secretAccessor"
  member    = "serviceAccount:${data.google_project.project.number}-compute@developer.gserviceaccount.com"
  depends_on = [google_secret_manager_secret.secret]
}
Open in Cloud Shell

Example Usage - Cloudrunv2 Job Emptydir

resource "google_cloud_run_v2_job" "default" {
  provider = google-beta
  name     = "cloudrun-job"
  location = "us-central1"
  launch_stage = "BETA"
  template {
    template {
      containers {
        image = "us-docker.pkg.dev/cloudrun/container/hello"
    volume_mounts {
      name = "empty-dir-volume"
      mount_path = "/mnt"
    }
      }
      volumes {
        name = "empty-dir-volume"
    empty_dir {
      medium = "MEMORY"
      size_limit = "128Mi"
    }
      }
    }
  }
}

Argument Reference

The following arguments are supported:

The template block supports:

The template block supports:

The containers block supports:

The env block supports:

The value_source block supports:

The secret_key_ref block supports:

The resources block supports:

The ports block supports:

The volume_mounts block supports:

The volumes block supports:

The secret block supports:

The items block supports:

The cloud_sql_instance block supports:

The empty_dir block supports:

The gcs block supports:

The nfs block supports:

The vpc_access block supports:

The network_interfaces block supports:


The binary_authorization block supports:

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

The terminal_condition block contains:

The conditions block contains:

The latest_created_execution block contains:

Timeouts

This resource provides the following Timeouts configuration options:

Import

Job can be imported using any of these accepted formats:

In Terraform v1.5.0 and later, use an import block to import Job using one of the formats above. For example:

import {
  id = "projects/{{project}}/locations/{{location}}/jobs/{{name}}"
  to = google_cloud_run_v2_job.default
}

When using the terraform import command, Job can be imported using one of the formats above. For example:

$ terraform import google_cloud_run_v2_job.default projects/{{project}}/locations/{{location}}/jobs/{{name}}
$ terraform import google_cloud_run_v2_job.default {{project}}/{{location}}/{{name}}
$ terraform import google_cloud_run_v2_job.default {{location}}/{{name}}

User Project Overrides

This resource supports User Project Overrides.