Cloud Run functions controls for generative AI use cases
This document includes the best practices and guidelines for Cloud Run functions when running generative AI workloads on Google Cloud. UseCloud Run functions with Vertex AI to automate tasks, serve predictions, trigger training jobs, integrate with other services, and build event-driven ML pipelines.
Consider the following use cases for Cloud Run functions with Vertex AI:
- Ability to preprocess and post-process data: Cloud Runfunctions can preprocess data before sending it to yourVertex AI model for training or prediction. For example, afunction can clean and normalize data, or extract features from it. Similarly,Cloud Run functions can post-process the output of yourVertex AI model. For example, a function can format the outputdata, or to send it to another service for further analysis.
- Automatic triggers for Vertex AI training jobs: To automate the trainingof Vertex AI models, you can trigger Cloud Runfunctions using events from various Google Cloud services, such asCloud Storage, Pub/Sub, and Cloud Scheduler. For example, you cancreate a function that is triggered when a new file is uploaded toCloud Storage. This function can start a Vertex AItraining job to train your model on the new data.
- Ability to serve predictions: Cloud Run functions can servepredictions from your Vertex AI models, letting you create anAPI endpoint for your model without having to manage any infrastructure. Forexample, you can write a function that takes an image as input, and outputs aprediction from yourVertex AI image classification model. You can then deploy this function as an HTTP API endpoint.
- Event-driven ML workflows: You can use Cloud Run functionsto build event-driven ML workflows. For example, a function can trigger aVertex AI prediction job when a new record is added to aPub/Sub topic. This function lets you process data in real timeand take action based on your model predictions.
- Integration with other services: You can integrateCloud Run functions with other Google Cloud services,such as Cloud Storage, BigQuery, and CloudFirestore. Integration lets you build complex ML pipelines that connectdifferent services together.
- Cost scaling: Cloud Run functions lets you only pay for theresources that your function uses while it's running. Additionally,Cloud Run functions are automatically scaled to meet demand, sothat you maintain appropriate resources during peak traffic.
Required Cloud Run functions controls
The following controls are strongly recommended when usingCloud Run functions.
Require VPC connector for Cloud Run functions
| Google control ID | CF-CO-4.4 |
|---|---|
| Category | Required |
| Description | The |
| Applicable products |
|
| Path | constraints/cloudfunctions.requireVPCConnector |
| Operator | = |
| Value |
|
| Type | Boolean |
| Related NIST-800-53 controls |
|
| Related CRI profile controls |
|
| Related information |
What's next
ReviewCloud Storagecontrols.
See moreGoogle Cloud security best practices and guidelines for generativeAI workloads.
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-12-16 UTC.