Cloud Run YAML Reference

This page describes the YAML representation of the Cloud Run service and job objects.

Cloud Run service YAML

This is the YAML representation of the Service object in the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the v1 schema).

apiVersion:serving.knative.dev/v1
kind:Service
metadata:
name:SERVICE_NAME
namespace:PROJECT_NUMBER
labels:
cloud.googleapis.com/location:REGION
annotations:
run.googleapis.com/launch-stage:LAUNCH_STAGE
run.googleapis.com/description:DESCRIPTION
run.googleapis.com/ingress:INGRESS
run.googleapis.com/binary-authorization:POLICY
run.googleapis.com/binary-authorization-breakglass:JUSTIFICATION
run.googleapis.com/minScale:SERVICE_MIN_INSTANCES
run.googleapis.com/maxScale:SERVICE_MAX_INSTANCES
run.googleapis.com/function-target:FUNCTION_ENTRY_POINT
run.googleapis.com/invoker-iam-disabled:INVOKER_IAM_CHECK
run.googleapis.com/iap-enabled:IAP_ENABLED
run.googleapis.com/scalingMode:SCALING_MODE
run.googleapis.com/manualInstanceCount:MANUAL_INSTANCE_COUNT
spec:
template:
metadata:
name:REVISION_NAME
annotations:
autoscaling.knative.dev/minScale:MIN_INSTANCES
autoscaling.knative.dev/maxScale:MAX_INSTANCES
run.googleapis.com/cpu-throttling:CPU_ALLOCATION
run.googleapis.com/startup-cpu-boost:CPU_BOOST
run.googleapis.com/sessionAffinity:SESSION_AFFINITY
run.googleapis.com/cloudsql-instances:CLOUD_SQL_CONNECTION
run.googleapis.com/execution-environment:EXECUTION_ENVIRONMENT
run.googleapis.com/vpc-access-connector:SERVERLESS_VPC_CONNECTOR
run.googleapis.com/vpc-access-egress:EGRESS
run.googleapis.com/network-interfaces:VPC_NETWORK_SETTINGS_IN_JSON
run.googleapis.com/encryption-key:CMEK
run.googleapis.com/custom-audiences:'["AUDIENCE1","AUDIENCE2"]'
run.googleapis.com/container-dependencies:CONTAINER_START_ORDER
run.googleapis.com/base-images:'{"":"BASE_IMAGE"}'
spec:
containerConcurrency:MAX_CONCURRENCY
timeoutSeconds:REQUEST_TIMEOUT
nodeSelector:
run.googleapis.com/accelerator:GPU_TYPE
serviceAccountName:SERVICE_ACCOUNT_EMAIL
containers:
-image:IMAGE
name:CONTAINER_NAME
command:
-COMMAND1
-COMMAND2
args:
-ARGUMENT1
-ARGUMENT2
ports:
-name:HTTP1_OR_H2C
containerPort:PORT
env:
-name:KEY
value:VALUE
resources:
limits:
cpu:CPU_LIMIT
memory:MEMORY_LIMIT
nvidia.com/gpu:GPU_NUMBER
volumeMounts:
-name:VOLUME_NAME
mountPath:MOUNT_PATH
startupProbe:
httpGet:
path:CHECK_PATH
httpHeaders:
-name:HEADER_NAME
value:HEADER_VALUE
port:PORT
tcpSocket:
port:PORT
grpc:
service:GRPC_SERVICE
port:PORT
initialDelaySeconds:DELAY
timeoutSeconds:TIMEOUT
failureThreshold:THRESHOLD
periodSeconds:PERIOD
livenessProbe:
httpGet:
path:CHECK_PATH
port:PORT
httpHeaders:
-name:HEADER_NAME
value:HEADER_VALUE
grpc:
service:GRPC_SERVICE
port:PORT
initialDelaySeconds:DELAY
timeoutSeconds:TIMEOUT
failureThreshold:THRESHOLD
periodSeconds:PERIOD
readinessProbe:
httpGet:
path:CHECK_PATH
port:PORT
grpc:
service:GRPC_SERVICE
port:PORT
timeoutSeconds:TIMEOUT
successThreshold:SUCCESS_THRESHOLD
failureThreshold:FAILURE_THRESHOLD
periodSeconds:PERIOD
-image:SIDECAR_IMAGE
name:SIDECAR_NAME
volumes:
-name:VOLUME_NAME
secret:
secretName:SECRET
items:
-key:SECRET_VERSION
path:PATH
-name:VOLUME_NAME
emptyDir:
sizeLimit:IN_MEMORY_VOLUME_SIZE
medium:Memory
-name:VOLUME_NAME
csi:
driver:gcsfuse.run.googleapis.com
readOnly:IS_READ_ONLY
volumeAttributes:
bucketName:BUCKET_NAME
mountOptions:OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE
-name:VOLUME_NAME
nfs:
server:IP_ADDRESS
path:NFS_PATH
readonly:IS_READ_ONLY
runtimeClassName:BASE_IMAGE_UPDATE
traffic:
-percent:PERCENT_TO_LATEST
latestRevision:true
-percent:PERCENT_TO_REVISION
revisionName:REVISION_NAME
-tag:TAG
revisionName:REVISION_NAME

With:

  • LAUNCH_STAGE: Set to BETA to use Preview features.
  • REVISION_NAME: Optional name for the revision to be created.
  • CONTAINER_NAME: Optional name for the container within a revision. Automatically generated if not supplied by the user.

Cloud Run job YAML

This is the YAML representation of the Job object in the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the v1 schema).

apiVersion:run.googleapis.com/v1
kind:Job
metadata:
name:JOB_NAME
namespace:PROJECT_NUMBER
labels:
cloud.googleapis.com/location:REGION
annotations:
run.googleapis.com/launch-stage:LAUNCH_STAGE
run.googleapis.com/binary-authorization:POLICY
run.googleapis.com/binary-authorization-breakglass:JUSTIFICATION
spec:
template:
metadata:
annotations:
run.googleapis.com/cloudsql-instances:CLOUD_SQL_CONNECTION
run.googleapis.com/vpc-access-connector:SERVERLESS_VPC_CONNECTOR
run.googleapis.com/vpc-access-egress:EGRESS
run.googleapis.com/network-interfaces:VPC_NETWORK_SETTINGS_IN_JSON
run.googleapis.com/encryption-key:CMEK
spec:
parallelism:PARALLELISM
taskCount:TASK_COUNT
template:
spec:
maxRetries:MAX_RETRIES
timeoutSeconds:TASK_TIMEOUT
serviceAccountName:SERVICE_ACCOUNT_EMAIL
nodeSelector:
run.googleapis.com/accelerator:GPU_TYPE
containers:
-image:IMAGE
command:
-COMMAND1
-COMMAND2
args:
-ARGUMENT1
-ARGUMENT2
env:
-name:KEY
value:VALUE
resources:
limits:
cpu:CPU_LIMIT
memory:MEMORY_LIMIT
nvidia.com/gpu:GPU_NUMBER
volumeMounts:
-name:VOLUME_NAME
mountPath:MOUNT_PATH
-image:SIDECAR_IMAGE
name:SIDECAR_NAME
volumes:
-name:VOLUME_NAME
secret:
secretName:SECRET
items:
-key:SECRET_VERSION
path:PATH
-name:VOLUME_NAME
emptyDir:
sizeLimit:IN_MEMORY_VOLUME_SIZE
medium:Memory
-name:VOLUME_NAME
csi:
driver:gcsfuse.run.googleapis.com
readOnly:IS_READ_ONLY
volumeAttributes:
bucketName:BUCKET_NAME
mountOptions:OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE
-name:VOLUME_NAME
nfs:
server:IP_ADDRESS
path:NFS_PATH
readonly:IS_READ_ONLY

With:

  • LAUNCH_STAGE: Set to BETA to use Preview features.

Cloud Run worker pool YAML

This is the YAML representation of the WorkerPool object in the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the v1 schema).

apiVersion:run.googleapis.com/v1
kind:WorkerPool
metadata:
name:WORKERPOOL_NAME
namespace:PROJECT_NUMBER
labels:
cloud.googleapis.com/location:REGION
annotations:
run.googleapis.com/launch-stage:LAUNCH_STAGE
run.googleapis.com/description:DESCRIPTION
run.googleapis.com/binary-authorization:POLICY
run.googleapis.com/binary-authorization-breakglass:JUSTIFICATION
run.googleapis.com/manualInstanceCount:MANUAL_INSTANCE_COUNT
spec:
template:
metadata:
name:REVISION_NAME
annotations:
run.googleapis.com/cloudsql-instances:CLOUD_SQL_CONNECTION
run.googleapis.com/vpc-access-egress:EGRESS
run.googleapis.com/network-interfaces:VPC_NETWORK_SETTINGS_IN_JSON
run.googleapis.com/encryption-key:CMEK
run.googleapis.com/container-dependencies:CONTAINER_START_ORDER
spec:
nodeSelector:
run.googleapis.com/accelerator:GPU_TYPE
serviceAccountName:SERVICE_ACCOUNT_EMAIL
containers:
-image:IMAGE
name:CONTAINER_NAME
command:
-COMMAND1
-COMMAND2
args:
-ARGUMENT1
-ARGUMENT2
env:
-name:KEY
value:VALUE
resources:
limits:
cpu:CPU_LIMIT
memory:MEMORY_LIMIT
nvidia.com/gpu:GPU_NUMBER
volumeMounts:
-name:VOLUME_NAME
mountPath:MOUNT_PATH
-image:SIDECAR_IMAGE
name:SIDECAR_NAME
volumes:
-name:VOLUME_NAME
secret:
secretName:SECRET
items:
-key:SECRET_VERSION
path:PATH
-name:VOLUME_NAME
emptyDir:
sizeLimit:IN_MEMORY_VOLUME_SIZE
medium:Memory
-name:VOLUME_NAME
csi:
driver:gcsfuse.run.googleapis.com
readOnly:IS_READ_ONLY
volumeAttributes:
bucketName:BUCKET_NAME
mountOptions:OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE
-name:VOLUME_NAME
nfs:
server:IP_ADDRESS
path:NFS_PATH
readonly:IS_READ_ONLY
instanceSplits:
-percent:PERCENT_TO_LATEST
latestRevision:true
-percent:PERCENT_TO_REVISION
revisionName:REVISION_NAME

With:

  • LAUNCH_STAGE: Set to BETA to use Preview features.
  • REVISION_NAME: Optional name for the revision to be created.
  • CONTAINER_NAME: Optional name for the container within a revision. Automatically generated if not supplied by the user.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年11月21日 UTC.