Scheduling Google Cloud VM to automatically startup and shutdown at certain times

Question

The virtual machine is already setup. I just need help trying to schedule it.

I tried using this as a reference but it didn't work: https://medium.com/martinomburajr/using-cloud-scheduler-to-resurrect-preempted-virtual-machines-c637c6d7f098

Here's what I've been doing so far (to no avail):

1. Setup a service account with admin
2. Created a cloud function which should start up the virtual machine
3. Created a cloud scheduler which should make an HTTP request to the function

Problem is that when I request to the function, it says status: "PERMISSION_DENIED"

I would really appreciate if someone had any detailed instructions on how to do this.

Thanks.

Answer 1

I would strongly recommend disabling 'Allow unauthenticated invocations' as that allows anyone to call the function over the public internet. Since, the function starts VMs, any security breach could be quite costly.

Instead, configure the Cloud Scheduler job to invoke the Cloud function with a service account.

The steps to achieve are documented at https://cloud.google.com/scheduler/docs/http-target-auth.

In summary for your use case:

1. Create a client service account.
2. Grant the client service account the Cloud Function Invoker role to the function
3. Configure the Cloud Scheduler job to use the client service account.

With the above setup, the client service account will be able to invoke the function and the general public will not be able to invoke the function.