Configuration options for a function that applicable at runtime.
Signature:
export interface RuntimeOptions
Properties
| Property | Type | Description |
|---|---|---|
| consumeAppCheckToken | boolean | Determines whether Firebase App Check token is consumed on request. Defaults to false. |
| enforceAppCheck | boolean | Determines whether Firebase AppCheck is enforced. |
| failurePolicy | FailurePolicy | boolean | Failure policy of the function, with boolean true being equivalent to providing an empty retry object. |
| ingressSettings | (typeof INGRESS_SETTINGS_OPTIONS)[number] | ResetValue | Ingress settings which control where this function can be called from. |
| invoker | "public" | "private" | string | string[] | Invoker to set access control on https functions. |
| labels | Record<string, string> | User labels to set on the function. |
| maxInstances | number | Expression<number> | ResetValue | Max number of actual instances allowed to be running in parallel. |
| memory | (typeof VALID_MEMORY_OPTIONS)[number] | Expression<number> | ResetValue | Amount of memory to allocate to the function. |
| minInstances | number | Expression<number> | ResetValue | Min number of actual instances to be running at a given time. |
| preserveExternalChanges | boolean | Controls whether function configuration modified outside of function source is preserved. Defaults to false. |
| secrets | (string | SecretParam)[] | |
| serviceAccount | "default" | string | Expression<string> | ResetValue | Specific service account for the function to run as. |
| timeoutSeconds | number | Expression<number> | ResetValue | Timeout for the function in seconds, possible values are 0 to 540. |
| vpcConnector | string | Expression<string> | ResetValue | Connect cloud function to specified VPC connector. |
| vpcConnectorEgressSettings | (typeof VPC_EGRESS_SETTINGS_OPTIONS)[number] | ResetValue | Egress settings for VPC connector. |
RuntimeOptions.consumeAppCheckToken
Determines whether Firebase App Check token is consumed on request. Defaults to false.
Set this to true to enable the App Check replay protection feature by consuming the App Check token on callable request. Tokens that are found to be already consumed will have the request.app.alreadyConsumed property set to true.
Tokens are only considered to be consumed if it is sent to the App Check service by setting this option to true. Other uses of the token do not consume it.
This replay protection feature requires an additional network call to the App Check backend and forces the clients to obtain a fresh attestation from the chosen attestation providers. This can therefore negatively impact performance and can potentially deplete your attestation providers' quotas faster. Use this feature only for protecting low volume, security critical, or expensive operations.
This option does not affect the enforceAppCheck option. Setting the latter to true will cause the callable function to automatically respond with a 401 Unauthorized status code when the request includes an invalid App Check token. When the request includes valid but consumed App Check tokens, requests will not be automatically rejected. Instead, the request.app.alreadyConsumed property will be set to true and pass the execution to the handler code for making further decisions, such as requiring additional security checks or rejecting the request.
Signature:
consumeAppCheckToken?: boolean;
RuntimeOptions.enforceAppCheck
Determines whether Firebase AppCheck is enforced.
When true, requests with invalid tokens autorespond with a 401 (Unauthorized) error. When false, requests with invalid tokens set context.app to undefiend.
Signature:
enforceAppCheck?: boolean;
RuntimeOptions.failurePolicy
Failure policy of the function, with boolean true being equivalent to providing an empty retry object.
Signature:
failurePolicy?: FailurePolicy | boolean;
RuntimeOptions.ingressSettings
Ingress settings which control where this function can be called from.
Signature:
ingressSettings?: (typeof INGRESS_SETTINGS_OPTIONS)[number] | ResetValue;
RuntimeOptions.invoker
Invoker to set access control on https functions.
Signature:
invoker?: "public" | "private" | string | string[];
RuntimeOptions.labels
User labels to set on the function.
Signature:
labels?: Record<string, string>;
RuntimeOptions.maxInstances
Max number of actual instances allowed to be running in parallel.
Signature:
maxInstances?: number | Expression<number> | ResetValue;
RuntimeOptions.memory
Amount of memory to allocate to the function.
Signature:
memory?: (typeof VALID_MEMORY_OPTIONS)[number] | Expression<number> | ResetValue;
RuntimeOptions.minInstances
Min number of actual instances to be running at a given time.
Instances will be billed for memory allocation and 10% of CPU allocation while idle.
Signature:
minInstances?: number | Expression<number> | ResetValue;
RuntimeOptions.preserveExternalChanges
Controls whether function configuration modified outside of function source is preserved. Defaults to false.
When setting configuration available in the underlying platform that is not yet available in the Firebase Functions SDK, we highly recommend setting preserveExternalChanges to true. Otherwise, when the Firebase Functions SDK releases a new version of the SDK with support for the missing configuration, your function's manually configured setting may inadvertently be wiped out.
Signature:
preserveExternalChanges?: boolean;
RuntimeOptions.secrets
Signature:
secrets?: (string | SecretParam)[];
RuntimeOptions.serviceAccount
Specific service account for the function to run as.
Signature:
serviceAccount?: "default" | string | Expression<string> | ResetValue;
RuntimeOptions.timeoutSeconds
Timeout for the function in seconds, possible values are 0 to 540.
Signature:
timeoutSeconds?: number | Expression<number> | ResetValue;
RuntimeOptions.vpcConnector
Connect cloud function to specified VPC connector.
Signature:
vpcConnector?: string | Expression<string> | ResetValue;
RuntimeOptions.vpcConnectorEgressSettings
Egress settings for VPC connector.
Signature:
vpcConnectorEgressSettings?: (typeof VPC_EGRESS_SETTINGS_OPTIONS)[number] | ResetValue;