0

We have an HTTP triggered Cloud Function that has permissions set up via IAM. From our Python App Engine, how do we invoke the cloud function using a GCP Service Account?

Using the cloud functions service, we are able to call:

functions_service.projects().locations().functions().call(name=function_name)

This works, as the service adds the Bearer Authentication HTTP header. However, according to the docs (here and here), using the call() method to invoke the cloud function means we have a strict rate limit of 16/100s which is not suitable for production.

If we try calling the cloud function directly, via the https://[region]-[projectId].cloudfunctions.net/[functionName] URL, it does not authenticate (responds with 401), even with the Bearer Authentication HTTP header described above.

Gwyn Howell
  • 5,365
  • 2
  • 31
  • 48
Jack Tidbury
  • 41
  • 2
  • Where are you seeing this quota limit? The invoke quota is 100,000,000 per 100 seconds. https://cloud.google.com/functions/quotas#rate_limits – John Hanley Feb 28 '20 at 19:10
  • @JohnHanley in the link you provided under "API calls (CALL)" – Gwyn Howell Mar 02 '20 at 19:42
  • For what you mention, what you are trying to achieve is similar to [this](https://stackoverflow.com/questions/54777411/calling-cloud-function-from-app-engine-runtime-python-3-7), if you need to use a service account, I would recommend just to authenticate it in the application when you are going to call the function – rsalinas Mar 03 '20 at 09:50

0 Answers0