Google Cloud Functions Deploy "allow unauthenticated invocations..."

19.5k Views Asked by Guanaco Devs At 01 May 2020 at 23:36

Whenever I have to deploy a new python function using the gcloud sdk I get this message

Allow unauthenticated invocations of new function [function-name]?

(y/N)?

WARNING: Function created with limited-access IAM policy. To enable unauthorized access consider

"gcloud alpha functions add-iam-policy-binding function-name --region=europe-west1 --member=allUsers --role=roles/cloudfunctions.invoker"

Is there any flag I can add to the command to make it a NO when deploying?

This is a sample command I use to deploy one function:

gcloud functions deploy function-name --region=europe-west1 --entry-point function-entry-point --trigger-resource "projects/my-project/databases/(default)/documents/user_ids/{user_id}" --trigger-event providers/cloud.firestore/eventTypes/document.create --runtime python37 --timeout 60 --project my-project

Original Q&A

There are 3 best solutions below

Dustin Ingram On 02 May 2020 at 02:23 BEST ANSWER

From https://cloud.google.com/sdk/docs/scripting-gcloud#disabling_prompts:

You can disable prompts from gcloud CLI commands by setting the disable_prompts property in your configuration to True or by using the global --quiet or -q flag.

So for your example, you could run:

gcloud functions deploy function-name --quiet --region=europe-west1 --entry-point function-entry-point --trigger-resource "projects/my-project/databases/(default)/documents/user_ids/{user_id}" --trigger-event providers/cloud.firestore/eventTypes/document.create --runtime python37 --timeout 60 --project my-project

Tiago Medici On 07 July 2021 at 13:36

Select the service
Click Show Info Panel to display the Permissions tab.
In the Add members field, allUsers
Select the Cloud Functions Invoker from roles
Add

  gcloud functions add-iam-policy-binding FUNCTION \
  --member='serviceAccount:FUNCTION_IDENTITY' \
  --role='roles/cloudfunctions.invoker'

 gcloud run services add-iam-policy-binding [SERVICE_NAME] \
    --member="allUsers" \
    --role="roles/cloudfunctions.invoker"

David On 10 February 2022 at 06:48

I just encountered this problem as well and discovered that you can supply --no-allow-unauthenticated to pre-emptively answer "no" to this question.

gcloud functions deploy MyFunction \
  --runtime=go116 --trigger-http --no-allow-unauthenticated

Google Cloud Functions Deploy "allow unauthenticated invocations..."

There are 3 best solutions below

Related Questions in PYTHON

Related Questions in GOOGLE-CLOUD-PLATFORM

Related Questions in GOOGLE-CLOUD-FUNCTIONS

Related Questions in GCLOUD

Related Questions in GCLOUD-PYTHON

Trending Questions

Popular # Hahtags

Popular Questions