Google Git
Sign in
third-party-mirror / terraform-provider-google-beta / 7018e2f3f116fdacfd66c03551fbf0c3db62170a / . / v5.18.0 / website / docs / r / cloud_run_v2_job.html.markdown
blob: 90d74c2cba0d8312d63dceb86ceb7d4c5879fb83 [file] [log] [blame]
---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
subcategory: "Cloud Run (v2 API)"
description: |-
A Cloud Run Job resource that references a container image which is run to completion.
---
# google\_cloud\_run\_v2\_job
A Cloud Run Job resource that references a container image which is run to completion.
To get more information about Job, see:
* [API documentation](https://cloud.google.com/run/docs/reference/rest/v2/projects.locations.jobs)
* How-to Guides
* [Official Documentation](https://cloud.google.com/run/docs/)
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=cloudrunv2_job_basic&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Cloudrunv2 Job Basic
```hcl
resource "google_cloud_run_v2_job" "default" {
name = "cloudrun-job"
location = "us-central1"
template {
template {
containers {
image = "us-docker.pkg.dev/cloudrun/container/hello"
}
}
}
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=cloudrunv2_job_limits&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Cloudrunv2 Job Limits
```hcl
resource "google_cloud_run_v2_job" "default" {
name = "cloudrun-job"
location = "us-central1"
template {
template {
containers {
image = "us-docker.pkg.dev/cloudrun/container/hello"
resources {
limits = {
cpu = "2"
memory = "1024Mi"
}
}
}
}
}
lifecycle {
ignore_changes = [
launch_stage,
]
}
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=cloudrunv2_job_sql&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Cloudrunv2 Job Sql
```hcl
resource "google_cloud_run_v2_job" "default" {
name = "cloudrun-job"
location = "us-central1"
template {
template{
volumes {
name = "cloudsql"
cloud_sql_instance {
instances = [google_sql_database_instance.instance.connection_name]
}
}
containers {
image = "us-docker.pkg.dev/cloudrun/container/hello"
env {
name = "FOO"
value = "bar"
}
env {
name = "latestdclsecret"
value_source {
secret_key_ref {
secret = google_secret_manager_secret.secret.secret_id
version = "1"
}
}
}
volume_mounts {
name = "cloudsql"
mount_path = "/cloudsql"
}
}
}
}
}
data "google_project" "project" {
}
resource "google_secret_manager_secret" "secret" {
secret_id = "secret"
replication {
auto {}
}
}
resource "google_secret_manager_secret_version" "secret-version-data" {
secret = google_secret_manager_secret.secret.name
secret_data = "secret-data"
}
resource "google_secret_manager_secret_iam_member" "secret-access" {
secret_id = google_secret_manager_secret.secret.id
role = "roles/secretmanager.secretAccessor"
member = "serviceAccount:${data.google_project.project.number}-compute@developer.gserviceaccount.com"
depends_on = [google_secret_manager_secret.secret]
}
resource "google_sql_database_instance" "instance" {
name = "cloudrun-sql"
region = "us-central1"
database_version = "MYSQL_5_7"
settings {
tier = "db-f1-micro"
}
deletion_protection = "true"
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=cloudrunv2_job_vpcaccess&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Cloudrunv2 Job Vpcaccess
```hcl
resource "google_cloud_run_v2_job" "default" {
name = "cloudrun-job"
location = "us-central1"
template {
template{
containers {
image = "us-docker.pkg.dev/cloudrun/container/hello"
}
vpc_access{
connector = google_vpc_access_connector.connector.id
egress = "ALL_TRAFFIC"
}
}
}
}
resource "google_vpc_access_connector" "connector" {
name = "run-vpc"
subnet {
name = google_compute_subnetwork.custom_test.name
}
machine_type = "e2-standard-4"
min_instances = 2
max_instances = 3
region = "us-central1"
}
resource "google_compute_subnetwork" "custom_test" {
name = "run-subnetwork"
ip_cidr_range = "10.2.0.0/28"
region = "us-central1"
network = google_compute_network.custom_test.id
}
resource "google_compute_network" "custom_test" {
name = "run-network"
auto_create_subnetworks = false
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=cloudrunv2_job_directvpc&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Cloudrunv2 Job Directvpc
```hcl
resource "google_cloud_run_v2_job" "default" {
name = "cloudrun-job"
location = "us-central1"
launch_stage = "BETA"
template {
template{
containers {
image = "us-docker.pkg.dev/cloudrun/container/job"
}
vpc_access {
network_interfaces {
network = "default"
subnetwork = "default"
tags = ["tag1", "tag2", "tag3"]
}
egress = "ALL_TRAFFIC"
}
}
}
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=cloudrunv2_job_secret&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Cloudrunv2 Job Secret
```hcl
resource "google_cloud_run_v2_job" "default" {
name = "cloudrun-job"
location = "us-central1"
template {
template {
volumes {
name = "a-volume"
secret {
secret = google_secret_manager_secret.secret.secret_id
default_mode = 292 # 0444
items {
version = "1"
path = "my-secret"
mode = 256 # 0400
}
}
}
containers {
image = "us-docker.pkg.dev/cloudrun/container/hello"
volume_mounts {
name = "a-volume"
mount_path = "/secrets"
}
}
}
}
depends_on = [
google_secret_manager_secret_version.secret-version-data,
google_secret_manager_secret_iam_member.secret-access,
]
}
data "google_project" "project" {
}
resource "google_secret_manager_secret" "secret" {
secret_id = "secret"
replication {
auto {}
}
}
resource "google_secret_manager_secret_version" "secret-version-data" {
secret = google_secret_manager_secret.secret.name
secret_data = "secret-data"
}
resource "google_secret_manager_secret_iam_member" "secret-access" {
secret_id = google_secret_manager_secret.secret.id
role = "roles/secretmanager.secretAccessor"
member = "serviceAccount:${data.google_project.project.number}-compute@developer.gserviceaccount.com"
depends_on = [google_secret_manager_secret.secret]
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=cloudrunv2_job_emptydir&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Cloudrunv2 Job Emptydir
```hcl
resource "google_cloud_run_v2_job" "default" {
provider = google-beta
name = "cloudrun-job"
location = "us-central1"
launch_stage = "BETA"
template {
template {
containers {
image = "us-docker.pkg.dev/cloudrun/container/hello"
volume_mounts {
name = "empty-dir-volume"
mount_path = "/mnt"
}
}
volumes {
name = "empty-dir-volume"
empty_dir {
medium = "MEMORY"
size_limit = "128Mi"
}
}
}
}
}
```
## Argument Reference
The following arguments are supported:
* `name` -
(Required)
Name of the Job.
* `template` -
(Required)
The template used to create executions for this Job.
Structure is [documented below](#nested_template).
* `location` -
(Required)
The location of the cloud run job
<a name="nested_template"></a>The `template` block supports:
* `labels` -
(Optional)
Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter,
or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or
https://cloud.google.com/run/docs/configuring/labels.
Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected.
All system labels in v1 now have a corresponding field in v2 ExecutionTemplate.
* `annotations` -
(Optional)
Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects.
Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected.
All system annotations in v1 now have a corresponding field in v2 ExecutionTemplate.
This field follows Kubernetes annotations' namespacing, limits, and rules.
* `parallelism` -
(Optional)
Specifies the maximum desired number of tasks the execution should run at given time. Must be <= taskCount. When the job is run, if this field is 0 or unset, the maximum possible value will be used for that execution. The actual number of tasks running in steady state will be less than this number when there are fewer tasks waiting to be completed remaining, i.e. when the work left to do is less than max parallelism.
* `task_count` -
(Optional)
Specifies the desired number of tasks the execution should run. Setting to 1 means that parallelism is limited to 1 and the success of that task signals the success of the execution. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
* `template` -
(Required)
Describes the task(s) that will be created when executing an execution
Structure is [documented below](#nested_template).
<a name="nested_template"></a>The `template` block supports:
* `containers` -
(Optional)
Holds the single container that defines the unit of execution for this task.
Structure is [documented below](#nested_containers).
* `volumes` -
(Optional)
A list of Volumes to make available to containers.
Structure is [documented below](#nested_volumes).
* `timeout` -
(Optional)
Max allowed time duration the Task may be active before the system will actively try to mark it failed and kill associated containers. This applies per attempt of a task, meaning each retry can run for the full timeout.
A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".
* `service_account` -
(Optional)
Email address of the IAM service account associated with the Task of a Job. The service account represents the identity of the running task, and determines what permissions the task has. If not provided, the task will use the project's default service account.
* `execution_environment` -
(Optional)
The execution environment being used to host this Task.
Possible values are: `EXECUTION_ENVIRONMENT_GEN1`, `EXECUTION_ENVIRONMENT_GEN2`.
* `encryption_key` -
(Optional)
A reference to a customer managed encryption key (CMEK) to use to encrypt this container image. For more information, go to https://cloud.google.com/run/docs/securing/using-cmek
* `vpc_access` -
(Optional)
VPC Access configuration to use for this Task. For more information, visit https://cloud.google.com/run/docs/configuring/connecting-vpc.
Structure is [documented below](#nested_vpc_access).
* `max_retries` -
(Optional)
Number of retries allowed per Task, before marking this Task failed.
<a name="nested_containers"></a>The `containers` block supports:
* `name` -
(Optional)
Name of the container specified as a DNS_LABEL.
* `image` -
(Required)
URL of the Container image in Google Container Registry or Google Artifact Registry. More info: https://kubernetes.io/docs/concepts/containers/images
* `command` -
(Optional)
Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
* `args` -
(Optional)
Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
* `env` -
(Optional)
List of environment variables to set in the container.
Structure is [documented below](#nested_env).
* `resources` -
(Optional)
Compute Resource requirements by this container. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
Structure is [documented below](#nested_resources).
* `ports` -
(Optional)
List of ports to expose from the container. Only a single port can be specified. The specified ports must be listening on all interfaces (0.0.0.0) within the container to be accessible.
If omitted, a port number will be chosen and passed to the container through the PORT environment variable for the container to listen on
Structure is [documented below](#nested_ports).
* `volume_mounts` -
(Optional)
Volume to mount into the container's filesystem.
Structure is [documented below](#nested_volume_mounts).
* `working_dir` -
(Optional)
Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image.
<a name="nested_env"></a>The `env` block supports:
* `name` -
(Required)
Name of the environment variable. Must be a C_IDENTIFIER, and mnay not exceed 32768 characters.
* `value` -
(Optional)
Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "", and the maximum length is 32768 bytes
* `value_source` -
(Optional)
Source for the environment variable's value.
Structure is [documented below](#nested_value_source).
<a name="nested_value_source"></a>The `value_source` block supports:
* `secret_key_ref` -
(Optional)
Selects a secret and a specific version from Cloud Secret Manager.
Structure is [documented below](#nested_secret_key_ref).
<a name="nested_secret_key_ref"></a>The `secret_key_ref` block supports:
* `secret` -
(Required)
The name of the secret in Cloud Secret Manager. Format: {secretName} if the secret is in the same project. projects/{project}/secrets/{secretName} if the secret is in a different project.
* `version` -
(Required)
The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version.
<a name="nested_resources"></a>The `resources` block supports:
* `limits` -
(Optional)
Only memory and CPU are supported. Use key `cpu` for CPU limit and `memory` for memory limit. Note: The only supported values for CPU are '1', '2', '4', and '8'. Setting 4 CPU requires at least 2Gi of memory. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
<a name="nested_ports"></a>The `ports` block supports:
* `name` -
(Optional)
If specified, used to specify which protocol to use. Allowed values are "http1" and "h2c".
* `container_port` -
(Optional)
Port number the container listens on. This must be a valid TCP port number, 0 < containerPort < 65536.
<a name="nested_volume_mounts"></a>The `volume_mounts` block supports:
* `name` -
(Required)
This must match the Name of a Volume.
* `mount_path` -
(Required)
Path within the container at which the volume should be mounted. Must not contain ':'. For Cloud SQL volumes, it can be left empty, or must otherwise be /cloudsql. All instances defined in the Volume will be available as /cloudsql/[instance]. For more information on Cloud SQL volumes, visit https://cloud.google.com/sql/docs/mysql/connect-run
<a name="nested_volumes"></a>The `volumes` block supports:
* `name` -
(Required)
Volume's name.
* `secret` -
(Optional)
Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
Structure is [documented below](#nested_secret).
* `cloud_sql_instance` -
(Optional)
For Cloud SQL volumes, contains the specific instances that should be mounted. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run.
Structure is [documented below](#nested_cloud_sql_instance).
* `empty_dir` -
(Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
Ephemeral storage used as a shared volume.
Structure is [documented below](#nested_empty_dir).
<a name="nested_secret"></a>The `secret` block supports:
* `secret` -
(Required)
The name of the secret in Cloud Secret Manager. Format: {secret} if the secret is in the same project. projects/{project}/secrets/{secret} if the secret is in a different project.
* `default_mode` -
(Optional)
Integer representation of mode bits to use on created files by default. Must be a value between 0000 and 0777 (octal), defaulting to 0444. Directories within the path are not affected by this setting.
* `items` -
(Optional)
If unspecified, the volume will expose a file whose name is the secret, relative to VolumeMount.mount_path. If specified, the key will be used as the version to fetch from Cloud Secret Manager and the path will be the name of the file exposed in the volume. When items are defined, they must specify a path and a version.
Structure is [documented below](#nested_items).
<a name="nested_items"></a>The `items` block supports:
* `path` -
(Required)
The relative path of the secret in the container.
* `version` -
(Required)
The Cloud Secret Manager secret version. Can be 'latest' for the latest value or an integer for a specific version
* `mode` -
(Optional)
Integer octal mode bits to use on this file, must be a value between 01 and 0777 (octal). If 0 or not set, the Volume's default mode will be used.
<a name="nested_cloud_sql_instance"></a>The `cloud_sql_instance` block supports:
* `instances` -
(Optional)
The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance}
<a name="nested_empty_dir"></a>The `empty_dir` block supports:
* `medium` -
(Optional)
The different types of medium supported for EmptyDir.
Default value is `MEMORY`.
Possible values are: `MEMORY`.
* `size_limit` -
(Optional)
Limit on the storage usable by this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. This field's values are of the 'Quantity' k8s type: https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/quantity/. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir.
<a name="nested_vpc_access"></a>The `vpc_access` block supports:
* `connector` -
(Optional)
VPC Access connector name. Format: projects/{project}/locations/{location}/connectors/{connector}, where {project} can be project id or number.
* `egress` -
(Optional)
Traffic VPC egress settings.
Possible values are: `ALL_TRAFFIC`, `PRIVATE_RANGES_ONLY`.
* `network_interfaces` -
(Optional)
Direct VPC egress settings. Currently only single network interface is supported.
Structure is [documented below](#nested_network_interfaces).
<a name="nested_network_interfaces"></a>The `network_interfaces` block supports:
* `network` -
(Optional)
The VPC network that the Cloud Run resource will be able to send traffic to. At least one of network or subnetwork must be specified. If both
network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If network is not specified, it will be
looked up from the subnetwork.
* `subnetwork` -
(Optional)
The VPC subnetwork that the Cloud Run resource will get IPs from. At least one of network or subnetwork must be specified. If both
network and subnetwork are specified, the given VPC subnetwork must belong to the given VPC network. If subnetwork is not specified, the
subnetwork with the same name with the network will be used.
* `tags` -
(Optional)
Network tags applied to this Cloud Run job.
- - -
* `labels` -
(Optional)
Unstructured key value map that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component,
environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels.
Cloud Run API v2 does not support labels with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected.
All system labels in v1 now have a corresponding field in v2 Job.
**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field `effective_labels` for all of the labels present on the resource.
* `annotations` -
(Optional)
Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects.
Cloud Run API v2 does not support annotations with `run.googleapis.com`, `cloud.googleapis.com`, `serving.knative.dev`, or `autoscaling.knative.dev` namespaces, and they will be rejected on new resources.
All system annotations in v1 now have a corresponding field in v2 Job.
This field follows Kubernetes annotations' namespacing, limits, and rules.
**Note**: This field is non-authoritative, and will only manage the annotations present in your configuration.
Please refer to the field `effective_annotations` for all of the annotations present on the resource.
* `client` -
(Optional)
Arbitrary identifier for the API client.
* `client_version` -
(Optional)
Arbitrary version identifier for the API client.
* `launch_stage` -
(Optional)
The launch stage as defined by [Google Cloud Platform Launch Stages](https://cloud.google.com/products#product-launch-stages). Cloud Run supports ALPHA, BETA, and GA.
If no value is specified, GA is assumed. Set the launch stage to a preview stage on input to allow use of preview features in that stage. On read (or output), describes whether the resource uses preview features.
For example, if ALPHA is provided as input, but only BETA and GA-level features are used, this field will be BETA on output.
Possible values are: `UNIMPLEMENTED`, `PRELAUNCH`, `EARLY_ACCESS`, `ALPHA`, `BETA`, `GA`, `DEPRECATED`.
* `binary_authorization` -
(Optional)
Settings for the Binary Authorization feature.
Structure is [documented below](#nested_binary_authorization).
* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
<a name="nested_binary_authorization"></a>The `binary_authorization` block supports:
* `breakglass_justification` -
(Optional)
If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, see https://cloud.google.com/binary-authorization/docs/using-breakglass
* `use_default` -
(Optional)
If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.
## Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
* `id` - an identifier for the resource with format `projects/{{project}}/locations/{{location}}/jobs/{{name}}`
* `uid` -
Server assigned unique identifier for the Execution. The value is a UUID4 string and guaranteed to remain unchanged until the resource is deleted.
* `generation` -
A number that monotonically increases every time the user modifies the desired state.
* `create_time` -
The creation time.
* `update_time` -
The last-modified time.
* `delete_time` -
The deletion time.
* `expire_time` -
For a deleted resource, the time after which it will be permamently deleted.
* `creator` -
Email address of the authenticated creator.
* `last_modifier` -
Email address of the last authenticated modifier.
* `observed_generation` -
The generation of this Job. See comments in reconciling for additional information on reconciliation process in Cloud Run.
* `terminal_condition` -
The Condition of this Job, containing its readiness status, and detailed error information in case it did not reach the desired state
Structure is [documented below](#nested_terminal_condition).
* `conditions` -
The Conditions of all other associated sub-resources. They contain additional diagnostics information in case the Job does not reach its desired state. See comments in reconciling for additional information on `reconciliation` process in Cloud Run.
Structure is [documented below](#nested_conditions).
* `execution_count` -
Number of executions created for this job.
* `latest_created_execution` -
Name of the last created execution.
Structure is [documented below](#nested_latest_created_execution).
* `reconciling` -
Returns true if the Job is currently being acted upon by the system to bring it into the desired state.
When a new Job is created, or an existing one is updated, Cloud Run will asynchronously perform all necessary steps to bring the Job to the desired state. This process is called reconciliation. While reconciliation is in process, observedGeneration and latest_succeeded_execution, will have transient values that might mismatch the intended state: Once reconciliation is over (and this field is false), there are two possible outcomes: reconciliation succeeded and the state matches the Job, or there was an error, and reconciliation failed. This state can be found in terminalCondition.state.
If reconciliation succeeded, the following fields will match: observedGeneration and generation, latest_succeeded_execution and latestCreatedExecution.
If reconciliation failed, observedGeneration and latest_succeeded_execution will have the state of the last succeeded execution or empty for newly created Job. Additional information on the failure can be found in terminalCondition and conditions
* `etag` -
A system-generated fingerprint for this version of the resource. May be used to detect modification conflict during updates.
* `terraform_labels` -
The combination of labels configured directly on the resource
and default labels configured on the provider.
* `effective_labels` -
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.
* `effective_annotations` -
All of annotations (key/value pairs) present on the resource in GCP, including the annotations configured through Terraform, other clients and services.
<a name="nested_terminal_condition"></a>The `terminal_condition` block contains:
* `type` -
(Output)
type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
* `state` -
(Output)
State of the condition.
* `message` -
(Output)
Human readable message indicating details about the current status.
* `last_transition_time` -
(Output)
Last time the condition transitioned from one status to another.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
* `severity` -
(Output)
How to interpret failures of this condition, one of Error, Warning, Info
* `reason` -
(Output)
A common (service-level) reason for this condition.
* `revision_reason` -
(Output)
A reason for the revision condition.
* `execution_reason` -
(Output)
A reason for the execution condition.
<a name="nested_conditions"></a>The `conditions` block contains:
* `type` -
(Output)
type is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/main/docs/spec/errors.md#error-conditions-and-reporting Types common to all resources include: * "Ready": True when the Resource is ready.
* `state` -
(Output)
State of the condition.
* `message` -
(Output)
Human readable message indicating details about the current status.
* `last_transition_time` -
(Output)
Last time the condition transitioned from one status to another.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
* `severity` -
(Output)
How to interpret failures of this condition, one of Error, Warning, Info
* `reason` -
(Output)
A common (service-level) reason for this condition.
* `revision_reason` -
(Output)
A reason for the revision condition.
* `execution_reason` -
(Output)
A reason for the execution condition.
<a name="nested_latest_created_execution"></a>The `latest_created_execution` block contains:
* `name` -
(Output)
Name of the execution.
* `create_time` -
(Output)
Creation timestamp of the execution.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
* `completion_time` -
(Output)
Completion timestamp of the execution.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
## Timeouts
This resource provides the following
[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:
- `create` - Default is 20 minutes.
- `update` - Default is 20 minutes.
- `delete` - Default is 20 minutes.
## Import
Job can be imported using any of these accepted formats:
* `projects/{{project}}/locations/{{location}}/jobs/{{name}}`
* `{{project}}/{{location}}/{{name}}`
* `{{location}}/{{name}}`
In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Job using one of the formats above. For example:
```tf
import {
id = "projects/{{project}}/locations/{{location}}/jobs/{{name}}"
to = google_cloud_run_v2_job.default
}
```
When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), Job can be imported using one of the formats above. For example:
```
$ terraform import google_cloud_run_v2_job.default projects/{{project}}/locations/{{location}}/jobs/{{name}}
$ terraform import google_cloud_run_v2_job.default {{project}}/{{location}}/{{name}}
$ terraform import google_cloud_run_v2_job.default {{location}}/{{name}}
```
## User Project Overrides
This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).