'Google Cloud Functions Deploy "allow unauthenticated invocations..."
Whenever I have to deploy a new python function using the gcloud sdk I get this message
Allow unauthenticated invocations of new function [function-name]?
(y/N)?
WARNING: Function created with limited-access IAM policy. To enable unauthorized access consider
"gcloud alpha functions add-iam-policy-binding function-name --region=europe-west1 --member=allUsers --role=roles/cloudfunctions.invoker"
Is there any flag I can add to the command to make it a NO when deploying?
This is a sample command I use to deploy one function:
gcloud functions deploy function-name --region=europe-west1 --entry-point function-entry-point --trigger-resource "projects/my-project/databases/(default)/documents/user_ids/{user_id}" --trigger-event providers/cloud.firestore/eventTypes/document.create --runtime python37 --timeout 60 --project my-project
Solution 1:[1]
- Select the service
- Click Show Info Panel to display the Permissions tab.
- In the Add members field, allUsers
- Select the Cloud Functions Invoker from roles
- Add
or
gcloud functions add-iam-policy-binding FUNCTION \
--member='serviceAccount:FUNCTION_IDENTITY' \
--role='roles/cloudfunctions.invoker'
gcloud run services add-iam-policy-binding [SERVICE_NAME] \
--member="allUsers" \
--role="roles/cloudfunctions.invoker"
Solution 2:[2]
I just encountered this problem as well and discovered that you can supply --no-allow-unauthenticated to pre-emptively answer "no" to this question.
gcloud functions deploy MyFunction \
--runtime=go116 --trigger-http --no-allow-unauthenticated
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | |
| Solution 2 | David |