Cloud Run YAML Reference
Stay organized with collections
Save and categorize content based on your preferences.
This page describes the YAML representation of the Cloud Run service and job objects.
Cloud Run service YAML
This is the YAML representation of the Service object
in the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the
v1 schema).
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: SERVICE_NAME
namespace: PROJECT_NUMBER
labels:
cloud.googleapis.com/location: REGION
annotations:
run.googleapis.com/launch-stage: LAUNCH_STAGE
run.googleapis.com/description: DESCRIPTION
run.googleapis.com/ingress: INGRESS
run.googleapis.com/binary-authorization: POLICY
run.googleapis.com/binary-authorization-breakglass: JUSTIFICATION
run.googleapis.com/minScale: SERVICE_MIN_INSTANCES
run.googleapis.com/maxScale: SERVICE_MAX_INSTANCES
run.googleapis.com/function-target: FUNCTION_ENTRY_POINT
run.googleapis.com/invoker-iam-disabled: INVOKER_IAM_CHECK
run.googleapis.com/iap-enabled: IAP_ENABLED
run.googleapis.com/scalingMode: SCALING_MODE
run.googleapis.com/manualInstanceCount: MANUAL_INSTANCE_COUNT
spec:
template:
metadata:
name: REVISION_NAME
annotations:
autoscaling.knative.dev/minScale: MIN_INSTANCES
autoscaling.knative.dev/maxScale: MAX_INSTANCES
run.googleapis.com/cpu-throttling: CPU_ALLOCATION
run.googleapis.com/startup-cpu-boost: CPU_BOOST
run.googleapis.com/sessionAffinity: SESSION_AFFINITY
run.googleapis.com/cloudsql-instances: CLOUD_SQL_CONNECTION
run.googleapis.com/execution-environment: EXECUTION_ENVIRONMENT
run.googleapis.com/vpc-access-connector: SERVERLESS_VPC_CONNECTOR
run.googleapis.com/vpc-access-egress: EGRESS
run.googleapis.com/network-interfaces: VPC_NETWORK_SETTINGS_IN_JSON
run.googleapis.com/encryption-key: CMEK
run.googleapis.com/custom-audiences: '["AUDIENCE1","AUDIENCE2"]'
run.googleapis.com/container-dependencies: CONTAINER_START_ORDER
run.googleapis.com/base-images: '{"":"BASE_IMAGE"}'
spec:
containerConcurrency: MAX_CONCURRENCY
timeoutSeconds: REQUEST_TIMEOUT
nodeSelector:
run.googleapis.com/accelerator: GPU_TYPE
serviceAccountName: SERVICE_ACCOUNT_EMAIL
containers:
- image: IMAGE
name: CONTAINER_NAME
command:
- COMMAND1
- COMMAND2
args:
- ARGUMENT1
- ARGUMENT2
ports:
- name: HTTP1_OR_H2C
containerPort: PORT
env:
- name: KEY
value: VALUE
resources:
limits:
cpu: CPU_LIMIT
memory: MEMORY_LIMIT
nvidia.com/gpu: GPU_NUMBER
volumeMounts:
- name: VOLUME_NAME
mountPath: MOUNT_PATH
startupProbe:
httpGet:
path: CHECK_PATH
httpHeaders:
- name: HEADER_NAME
value: HEADER_VALUE
port: PORT
tcpSocket:
port: PORT
grpc:
service: GRPC_SERVICE
port: PORT
initialDelaySeconds: DELAY
timeoutSeconds: TIMEOUT
failureThreshold: THRESHOLD
periodSeconds: PERIOD
livenessProbe:
httpGet:
path: CHECK_PATH
port: PORT
httpHeaders:
- name: HEADER_NAME
value: HEADER_VALUE
grpc:
service: GRPC_SERVICE
port: PORT
initialDelaySeconds: DELAY
timeoutSeconds: TIMEOUT
failureThreshold: THRESHOLD
periodSeconds: PERIOD
- image: SIDECAR_IMAGE
name: SIDECAR_NAME
volumes:
- name: VOLUME_NAME
secret:
secretName: SECRET
items:
- key: SECRET_VERSION
path: PATH
- name: VOLUME_NAME
emptyDir:
sizeLimit: IN_MEMORY_VOLUME_SIZE
medium: Memory
- name: VOLUME_NAME
csi:
driver: gcsfuse.run.googleapis.com
readOnly: IS_READ_ONLY
volumeAttributes:
bucketName: BUCKET_NAME
mountOptions: OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE
- name: VOLUME_NAME
nfs:
server: IP_ADDRESS
path: NFS_PATH
readonly: IS_READ_ONLY
runtimeClassName: BASE_IMAGE_UPDATE
traffic:
- percent: PERCENT_TO_LATEST
latestRevision: true
- percent: PERCENT_TO_REVISION
revisionName: REVISION_NAME
- tag: TAG
revisionName: REVISION_NAME
With:
LAUNCH_STAGE: Set to BETA to use Preview features.REVISION_NAME: Optional name for the revision to be created.CONTAINER_NAME: Optional name for the container within a revision.
Automatically generated if not supplied by the user.
Cloud Run job YAML
This is the YAML representation of the Job object
in the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the
v1 schema).
apiVersion: run.googleapis.com/v1
kind: Job
metadata:
name: JOB_NAME
namespace: PROJECT_NUMBER
labels:
cloud.googleapis.com/location: REGION
annotations:
run.googleapis.com/launch-stage: LAUNCH_STAGE
run.googleapis.com/binary-authorization: POLICY
run.googleapis.com/binary-authorization-breakglass: JUSTIFICATION
spec:
template:
metadata:
annotations:
run.googleapis.com/cloudsql-instances: CLOUD_SQL_CONNECTION
run.googleapis.com/vpc-access-connector: SERVERLESS_VPC_CONNECTOR
run.googleapis.com/vpc-access-egress: EGRESS
run.googleapis.com/network-interfaces: VPC_NETWORK_SETTINGS_IN_JSON
run.googleapis.com/encryption-key: CMEK
spec:
parallelism: PARALLELISM
taskCount: TASK_COUNT
template:
spec:
maxRetries: MAX_RETRIES
timeoutSeconds: TASK_TIMEOUT
serviceAccountName: SERVICE_ACCOUNT_EMAIL
nodeSelector:
run.googleapis.com/accelerator: GPU_TYPE
containers:
- image: IMAGE
command:
- COMMAND1
- COMMAND2
args:
- ARGUMENT1
- ARGUMENT2
env:
- name: KEY
value: VALUE
resources:
limits:
cpu: CPU_LIMIT
memory: MEMORY_LIMIT
nvidia.com/gpu: GPU_NUMBER
volumeMounts:
- name: VOLUME_NAME
mountPath: MOUNT_PATH
- image: SIDECAR_IMAGE
name: SIDECAR_NAME
volumes:
- name: VOLUME_NAME
secret:
secretName: SECRET
items:
- key: SECRET_VERSION
path: PATH
- name: VOLUME_NAME
emptyDir:
sizeLimit: IN_MEMORY_VOLUME_SIZE
medium: Memory
- name: VOLUME_NAME
csi:
driver: gcsfuse.run.googleapis.com
readOnly: IS_READ_ONLY
volumeAttributes:
bucketName: BUCKET_NAME
mountOptions: OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE
- name: VOLUME_NAME
nfs:
server: IP_ADDRESS
path: NFS_PATH
readonly: IS_READ_ONLY
With:
LAUNCH_STAGE: Set to BETA to use Preview features.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-08-25 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# Cloud Run YAML Reference\n\nThis page describes the YAML representation of the Cloud Run service and job objects.\n\nCloud Run service YAML\n----------------------\n\nThis is the YAML representation of the [Service object](/run/docs/reference/rest/v1/namespaces.services#Service)\nin the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the\n[v1 schema](https://run.googleapis.com/$discovery/rest?version=v1)). \n\n```yaml\napiVersion: serving.knative.dev/v1\nkind: Service\nmetadata:\n name: SERVICE_NAME\n namespace: PROJECT_NUMBER\n labels:\n cloud.googleapis.com/location: REGION\n annotations:\n run.googleapis.com/launch-stage: LAUNCH_STAGE\n run.googleapis.com/description: DESCRIPTION\n run.googleapis.com/ingress: INGRESS\n run.googleapis.com/binary-authorization: POLICY\n run.googleapis.com/binary-authorization-breakglass: JUSTIFICATION\n run.googleapis.com/minScale: SERVICE_MIN_INSTANCES\n run.googleapis.com/maxScale: SERVICE_MAX_INSTANCES\n run.googleapis.com/function-target: FUNCTION_ENTRY_POINT\n run.googleapis.com/invoker-iam-disabled: INVOKER_IAM_CHECK\n run.googleapis.com/iap-enabled: IAP_ENABLED\n run.googleapis.com/scalingMode: SCALING_MODE\n run.googleapis.com/manualInstanceCount: MANUAL_INSTANCE_COUNT\nspec:\n template:\n metadata:\n name: REVISION_NAME\n annotations:\n autoscaling.knative.dev/minScale: MIN_INSTANCES\n autoscaling.knative.dev/maxScale: MAX_INSTANCES\n run.googleapis.com/cpu-throttling: CPU_ALLOCATION\n run.googleapis.com/startup-cpu-boost: CPU_BOOST\n run.googleapis.com/sessionAffinity: SESSION_AFFINITY\n run.googleapis.com/cloudsql-instances: CLOUD_SQL_CONNECTION\n run.googleapis.com/execution-environment: EXECUTION_ENVIRONMENT\n run.googleapis.com/vpc-access-connector: SERVERLESS_VPC_CONNECTOR\n run.googleapis.com/vpc-access-egress: EGRESS\n run.googleapis.com/network-interfaces: VPC_NETWORK_SETTINGS_IN_JSON\n run.googleapis.com/encryption-key: CMEK\n run.googleapis.com/custom-audiences: '[\"/run/docs/configuring/custom-audiences\",\"/run/docs/configuring/custom-audiences\"]'\n run.googleapis.com/container-dependencies: CONTAINER_START_ORDER\n run.googleapis.com/base-images: '{\"\":\"/run/docs/configuring/services/runtime-base-images#how_to_obtain_runtime_base_images\"}'\n spec:\n containerConcurrency: MAX_CONCURRENCY\n timeoutSeconds: REQUEST_TIMEOUT\n nodeSelector:\n run.googleapis.com/accelerator: GPU_TYPE\n serviceAccountName: SERVICE_ACCOUNT_EMAIL\n containers:\n - image: IMAGE\n name: CONTAINER_NAME\n command:\n - COMMAND1\n - COMMAND2\n args:\n - ARGUMENT1\n - ARGUMENT2\n ports:\n - name: HTTP1_OR_H2C\n containerPort: PORT\n env:\n - name: KEY\n value: VALUE\n resources:\n limits:\n cpu: CPU_LIMIT\n memory: MEMORY_LIMIT\n nvidia.com/gpu: GPU_NUMBER\n volumeMounts:\n - name: VOLUME_NAME\n mountPath: MOUNT_PATH\n startupProbe:\n httpGet:\n path: CHECK_PATH\n httpHeaders:\n - name: HEADER_NAME\n value: HEADER_VALUE\n port: PORT\n tcpSocket:\n port: PORT\n grpc:\n service: GRPC_SERVICE\n port: PORT\n initialDelaySeconds: DELAY\n timeoutSeconds: TIMEOUT\n failureThreshold: THRESHOLD\n periodSeconds: PERIOD\n livenessProbe:\n httpGet:\n path: CHECK_PATH\n port: PORT\n httpHeaders:\n - name: HEADER_NAME\n value: HEADER_VALUE\n grpc:\n service: GRPC_SERVICE\n port: PORT\n initialDelaySeconds: DELAY\n timeoutSeconds: TIMEOUT\n failureThreshold: THRESHOLD\n periodSeconds: PERIOD\n - image: SIDECAR_IMAGE\n name: SIDECAR_NAME\n volumes:\n - name: VOLUME_NAME\n secret:\n secretName: SECRET\n items:\n - key: SECRET_VERSION\n path: PATH\n - name: VOLUME_NAME\n emptyDir:\n sizeLimit: IN_MEMORY_VOLUME_SIZE\n medium: Memory\n - name: VOLUME_NAME\n csi:\n driver: gcsfuse.run.googleapis.com\n readOnly: IS_READ_ONLY\n volumeAttributes:\n bucketName: BUCKET_NAME\n mountOptions: OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE\n - name: VOLUME_NAME\n nfs:\n server: IP_ADDRESS\n path: NFS_PATH\n readonly: IS_READ_ONLY\n runtimeClassName: BASE_IMAGE_UPDATE\n traffic:\n - percent: PERCENT_TO_LATEST\n latestRevision: true\n - percent: PERCENT_TO_REVISION\n revisionName: REVISION_NAME\n - tag: TAG\n revisionName: REVISION_NAME\n```\n\nWith:\n\n- `LAUNCH_STAGE`: Set to `BETA` to use Preview features.\n- `REVISION_NAME`: Optional name for the revision to be created.\n- `CONTAINER_NAME`: Optional name for the container within a revision. Automatically generated if not supplied by the user.\n\nCloud Run job YAML\n------------------\n\nThis is the YAML representation of the [Job object](/run/docs/reference/rest/v1/namespaces.jobs#Job)\nin the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the\n[v1 schema](https://run.googleapis.com/$discovery/rest?version=v1)). \n\n```yaml\napiVersion: run.googleapis.com/v1\nkind: Job\nmetadata:\n name: JOB_NAME\n namespace: PROJECT_NUMBER\n labels:\n cloud.googleapis.com/location: REGION\n annotations:\n run.googleapis.com/launch-stage: LAUNCH_STAGE\n run.googleapis.com/binary-authorization: POLICY\n run.googleapis.com/binary-authorization-breakglass: JUSTIFICATION\nspec:\n template:\n metadata:\n annotations:\n run.googleapis.com/cloudsql-instances: CLOUD_SQL_CONNECTION\n run.googleapis.com/vpc-access-connector: SERVERLESS_VPC_CONNECTOR\n run.googleapis.com/vpc-access-egress: EGRESS\n run.googleapis.com/network-interfaces: VPC_NETWORK_SETTINGS_IN_JSON\n run.googleapis.com/encryption-key: CMEK\n spec:\n parallelism: PARALLELISM\n taskCount: TASK_COUNT\n template:\n spec:\n maxRetries: MAX_RETRIES\n timeoutSeconds: TASK_TIMEOUT\n serviceAccountName: SERVICE_ACCOUNT_EMAIL\n nodeSelector:\n run.googleapis.com/accelerator: GPU_TYPE\n containers:\n - image: IMAGE\n command:\n - COMMAND1\n - COMMAND2\n args:\n - ARGUMENT1\n - ARGUMENT2\n env:\n - name: KEY\n value: VALUE\n resources:\n limits:\n cpu: CPU_LIMIT\n memory: MEMORY_LIMIT\n nvidia.com/gpu: GPU_NUMBER\n volumeMounts:\n - name: VOLUME_NAME\n mountPath: MOUNT_PATH\n - image: SIDECAR_IMAGE\n name: SIDECAR_NAME\n volumes:\n - name: VOLUME_NAME\n secret:\n secretName: SECRET\n items:\n - key: SECRET_VERSION\n path: PATH\n - name: VOLUME_NAME\n emptyDir:\n sizeLimit: IN_MEMORY_VOLUME_SIZE\n medium: Memory\n - name: VOLUME_NAME\n csi:\n driver: gcsfuse.run.googleapis.com\n readOnly: IS_READ_ONLY\n volumeAttributes:\n bucketName: BUCKET_NAME\n mountOptions: OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE\n - name: VOLUME_NAME\n nfs:\n server: IP_ADDRESS\n path: NFS_PATH\n readonly: IS_READ_ONLY\n```\n\nWith:\n\n- `LAUNCH_STAGE`: Set to `BETA` to use Preview features."]]
