Available in VPC
You can create an action in Cloud Functions > Action on the NAVER Cloud Platform console. To create an action:
- In the VPC environment of the NAVER Cloud Platform console, navigate to
> Services > Compute > Cloud Functions. - Click the Action menu.
- Click [Create action].
- Set up the content of the action to create.
- Basic information: Set the package, action type, name, and description.
- Source code: Write code manually in the console using the selected language or upload a code file.
- Default parameter: Write default parameter code for the action.
- VPC connection information: Set the VPC and Subnet for accessing VPC resources.
- Option settings: Set the action main function name, memory, timeout, and web action.
- Click [Save].
Basic information
Set up basic information required for creating an action. The following describes each basic information item:
- Package: Select the package the action belongs to. If you need to create a new package to include your action, click [+Create].
- Type: Select the action type.
- Basic action: Runs a single action as the basic action type.
- Web action: Runs a single action and processes HTTP requests and responses when integrated with an API Gateway trigger using the HTTP type.
- Sequence action: Connect multiple actions and run them in sequence.
- Sequence web action: Connect multiple web actions and run them in sequence.
- Name: Enter the action's name by combining upper and lowercase letters, numbers, hyphens, and/or underscores. However, you cannot use hyphen as the first character, and the name cannot duplicate other resource (package, action, trigger) names.
- For example, if the package name is
package_nameand the action name isaction_name, the action name format within the package is as follows:package_name/action_name
- For example, if the package name is
- Description: Enter a description for the action you want to create.
- It is possible to create an action without selecting a package so that it does not belong to any package, but it is better to create a package and put the action in the package.
- For detailed configuration and usage of web actions, see API Gateway trigger.
- To set sequence type or sequence web actions, see Sequence action.
- Make your decisions carefully as an action's type and name cannot be edited.
Source code
You can write the action code directly in the console in your desired language or upload a code file. If you do not set runtime parameters at execution time, the default parameters of the package, linked trigger, or action are used. If you do not write separate code for additional settings beyond runtime parameters, default values apply for the related settings, and some values cannot be changed after creation, so proceed with caution. The following describes each source code item:
- Runtime: Select the language and runtime version for the source code
You can select recommended versions for each language. To select other versions, click others.
- Type: Select how you want to write the source code.
- Code: Write manually in the console.
- File: Click Drag and drop file here or click to select to upload your source code files.
- Java codes cannot be written directly on the console. They must be compiled and uploaded as a JAR file.
- .Net codes can only be uploaded as a ZIP file format.
Code writing examples
There are language-specific code examples of an action that receives the parameter Params and returns the corresponding strings if Name and Place exist in Params, or returns World and Ncloud if they do not. Use this as a reference when writing the source code.
For code uploaded as a ZIP or JAR file, the writing method is predefined. Make sure to follow the writing guide.
-
Node.js
function main(params) { var name = params.name || 'World'; var place = params.place || 'Ncloud'; return {payload: 'Hello, ' + name + ' in ' + place + '!'}; } -
Python 3
def main(args): name = args.get("name", "World") place = args.get("place", "Ncloud") return {"payload": "Hello, " + name + " in " + place + "!"} -
Swift 3.1.1
func main(args: [String:Any]) -> [String:Any] { let name = args["name"] ?? "World" let place = args["place"] ?? "Ncloud" return [ "payload" : "Hello, \(name) in \(place)"] } -
PHP 7
<?php function main(array $args) : array { $name = $args["name"] ?? "World"; $place = $args["place"] ?? "Ncloud"; return ["greeting" => "Hello, $name in $place!"]; } ?> -
Java 8
import com.google.gson.JsonObject; public class Hello { public static JsonObject main(JsonObject args) { String name = "World"; String place = "Ncloud"; if (args.has("name")) name = args.getAsJsonPrimitive("name").getAsString(); if (args.has("place")) place = args.getAsJsonPrimitive("place").getAsString(); JsonObject response = new JsonObject(); response.addProperty("payload", "Hello, " + name + " in " + place + "!"); return response; } }
Default parameter
You can enter a default parameter which can be applied to actions by default rather than forwarding a parameter every time an action is run. An action's default parameter has a higher priority of application than a package parameter, and lower priority of application compared to trigger parameters or runtime parameters which are forwarded at the time of running the action. However, if you use the encryption settings, the decrypted parameters are applied with the highest priority. The following describes each default parameter item:
- Input box: Enter values in JSON format.
The following shows an example of default parameters in JSON format:
{
"name": "NCloud",
"place": "Cloud Function"
}
Example codes
function main(params) {
let name = params.name || "World";
let place = params.place || "Naver";
return {payload: "Hello, " + name + " in " + place + "!"};
}
Execution result
{"payload":"Hello, NCloud in Cloud Function!"}
Encryption of default parameter
If you want to use data needed for actions safely, you can integrate with Key Management Service by setting encryption of the default parameter of actions. Key Management Service is a service of NAVER Cloud Platform for protecting the key used for encrypting important information of users under strict and safe policies.
In the action default parameter encryption settings, you can encrypt and safely save the data to be used for actions by using the safe key management service of the Key Management Service and when the actions are executed, you can conveniently use the decrypted data.
- Default parameter encryption settings are supported only for VPC platforms.
- For more information on how to use Key Management Service, see the Key Management Service user guide.
- If you subscribe to the Key Management Service, an additional fee will be charged.
For more information on Key Management Service and its pricing plans, see Key Management Service overview. - Cloud Functions' default parameter uses the key type "AES-256" in the Key Management Service as the master key for encryption. If you determine that encryption/decryption through the AES-256 symmetric key is not appropriate in accordance with the properties of the data, apply a separate data protection method.
- Keys with the Convergent Encryption method set are not supported.
- When using the default parameter encryption settings, the decrypted parameters are given the highest priority.
- In Key Management Service, keys are divided into global and Region-isolated keys based on key boundaries. Global keys are supported in all Regions, while Region-isolated keys are only supported in the Korea and Japan Regions. For more information on Region-isolated keys, see Key Management Service key isolation.
- To avoid exposing sensitive information, do not record decrypted parameters as logs or include decrypted parameters in the action result.
Examples
- Write it to meet the JSON format of the data to use in the default parameter area. Only string type data with a depth of 1 among the written JSON data is supported for encryption.
.png?sv=2022-11-02&spr=https&st=2026-02-14T03%3A55%3A19Z&se=2026-02-14T04%3A15%3A19Z&sr=c&sp=r&sig=sPXryBnzeLzpshEcyMKSNMi04w1MIufJ3RE4y8e0%2BTs%3D)
- Turn encryption ON and select the key boundary for the Ncloud Key Management Service you want to use. The boundary selection area is only displayed in the Korea and Japan Regions, which support isolated keys. In all other environments, the global key is displayed by default. For more information on Region-isolated keys, see Key Management Service key isolation.
.png?sv=2022-11-02&spr=https&st=2026-02-14T03%3A55%3A19Z&se=2026-02-14T04%3A15%3A19Z&sr=c&sp=r&sig=sPXryBnzeLzpshEcyMKSNMi04w1MIufJ3RE4y8e0%2BTs%3D)
- Select an AES-256 key from Ncloud Key Management Service. You can select 1 key per action.
.png?sv=2022-11-02&spr=https&st=2026-02-14T03%3A55%3A19Z&se=2026-02-14T04%3A15%3A19Z&sr=c&sp=r&sig=sPXryBnzeLzpshEcyMKSNMi04w1MIufJ3RE4y8e0%2BTs%3D)
- Select the JSON key of the default parameter you want to encrypt, and click [Apply].
.png?sv=2022-11-02&spr=https&st=2026-02-14T03%3A55%3A19Z&se=2026-02-14T04%3A15%3A19Z&sr=c&sp=r&sig=sPXryBnzeLzpshEcyMKSNMi04w1MIufJ3RE4y8e0%2BTs%3D)
- The default parameter falling under the selected JSON key is encrypted, and the encrypted parameter JSON key is displayed on the lower end of the parameter key area.
- Complete action creation and run action.
VPC connection information
Use an action to be able to access your own VPC resources. If you use Cloud Functions in a VPC environment, then VPC resource connection must be set up. The following describes each VPC connection information item:
- VPC: Click and select the VPC name to be accessed by the action. To create a new VPC, click [Create VPC].
- Subnet: Select the Subnet that will be used when accessing the selected VPC.
- Supported Subnet types: Private only.
- Public Subnet resource access method: Available through ACG settings in the same way as Private Subnet resources.
- Internet access method for actions connected to a Private Subnet: Available by configuring a NAT Gateway for the Subnet. For more information on how to configure, see NAT Gateway user guide.
Cloud Functions supports multi-zone in each Region when you set up VPC resource access to guarantee high availability. Information on the zones supported in each Region is as follows:
- Korea: KR-2
- Singapore: SGN-4, SGN-5
- Japan: JPN-4, JPN-5
You can select 1 VPC per action, and add 1 Subnet per Zone.
Set ACG
Once you have completed VPC and Subnet settings, you need to set ACG for the resource to be accessed to enable access to the VPC resource within the action code.
For more information to how to use ACG, see the ACG user guide.
When you create a Cloud Functions action in a VPC environment, an alias in the format cloudfunctions-vpc-{vpc ID} is automatically created as an access source that can be used in the ACG settings of the connected VPC environment. Add this automatically created alias to the Inbound rule access source of the ACG.
You can check the VPC ID in > Services > Networking > VPC > VPC Management on the VPC environment NAVER Cloud Platform console.
For example, to access a server created in a VPC from the action code, click the Inbound tab of the ACG rule settings applied to the server and add cloudfunctions-vpc-{vpc ID} to the access source.
To access a Cloud DB created in a VPC, add the alias that is automatically created when the DB server is created to the Inbound rule of the ACG, in the same way as for a general server.
After configuring VPC resource access, you can build various services by integrating with Cloud DB. To view an example of providing an API without an application server by integrating Cloud Functions and Cloud DB, visit the official NAVER Cloud Platform blog.
Option settings
You can set up an action's main function name, memory, or timeout, or set up web actions that provide URLs which can be called without a separate user authentication. Web Actions support all types of REST API requests including GET, POST, PUT, and DELETE.
The following describes each option setting item:
- Main function: Enter the string to be used as the name of the action's main function or class.
- Action memory: Select the memory size you want to use.
- Action timeout: Enter the maximum time the action can run in milliseconds. Execution terminates with failure status when this time is exceeded.
- Web action-related settings
- Use HTTP raw text: Select whether the web action should receive and process the raw HTTP request. (True: Use HTTP raw text, False: Use JSON object)
- Header option setting: Select whether headers can be modified in the code. (True: Allowed, False: CORS headers are added automatically to the response.)
Configure sequence action scenario
Configure the sequence action scenario for sequential execution of selected actions. Before configuring the scenario, review the following precautions:
- Sequence actions can include basic actions, web actions, and other sequence actions.
- It is recommended to add only web actions or sequence web actions to a sequence web action.
- User action parameters are forwarded only to the first action. If subsequent actions need to use user action parameter values, explicitly add those values to the results in the preceding action.
- Each action registered in a sequence action can use its default parameter values. If a default parameter has the same key resulting from a preceding action, the preceding action's result takes precedence.
- If an error occurs in a preceding action, subsequent actions do not execute.
- Sequence actions cannot specify a separate execution timeout. The maximum execution time equals the sum of registered action timeouts. Example: If action 1 and action 2 have timeouts of 1 and 3 minutes, respectively, the sequence action can run for up to 4 minutes.
To configure the sequence action scenario in consideration of the above precautions:
- In Packages/Actions, click the actions to add to the sequence action.
- Set the execution order of the added actions.
- Execution order change: Drag the action you want to reorder.
- Delete added action: Click
.