The State of Cloud Functions (mid 19)
💬 Google Next 19 in a Nutshell
Amid the fanfare of the Google Cloud Run release were significant releases in the Cloud Functions space. This overview will get you up to speed with the latest features.
📈 Scaling Behaviour (Max Instances)
Specify the maximum number of concurrent instances for a particular Cloud Function. This allows you to throttle the number of requests you can serve to avoid depleting or overloading a downstream service’s resources.
🆔 Per Function IAM Identities
By default, all Cloud Functions share the same role derived from the same AppEngine Service Account. To accommodate the least-privilege access practice, you can now assign a named service account with the correct roles to EACH function!
🔑 HTTP Auth (IAM)
For some services that call HTTP endpoints (Cloud Scheduler, Cloud PubSub, Cloud Tasks), GCP will insert an OIDC JWT token in the header on behalf of the sender so you can validate the IAM role & permissions in the receiver.
Also noteworthy, GCP services will automatically validate this token before forwarding payloads to your code (Cloud Functions & Cloud Run).
🔐 Serverless VPC Access
Enables you to send requests from your Cloud Function to resources in your VPC network using internal IP addresses. Just create a VPC Connector, assign your Cloud Function’s Service Account the correct role & configure it to use the VPC Connector.
🌏 New Regions
London & Hong Kong have been added!
🏃 New Runtimes
The default runtimes have been updated to newer LTS versions.
Additionally, a Java 8 runtime is available in alpha (sign up here).
Most of these releases were highly requested features or shown as works in progress at Next18, so it’s good to see Google is listening and delivering.
Stay tuned for an in-depth look at FaaS on GCP and how some new libraries will positively effect future runtime support, development & portability.
If you found this useful, please share with your friends & colleagues.