The documentation you are viewing is for Dapr v1.10 which is an older version of Dapr. For up-to-date documentation, see the latest version.

GCP Pub/Sub

Detailed documentation on the GCP Pub/Sub component

Create a Dapr component

To setup GCP pubsub create a component of type pubsub.gcp.pubsub. See this guide on how to create and apply a pubsub configuration

apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
  name: gcp-pubsub
spec:
  type: pubsub.gcp.pubsub
  version: v1
  metadata:
  - name: type
    value: service_account
  - name: projectId
    value: <PROJECT_ID> # replace
  - name: identityProjectId
    value: <IDENTITY_PROJECT_ID> # replace
  - name: privateKeyId
    value: <PRIVATE_KEY_ID> #replace
  - name: clientEmail
    value: <CLIENT_EMAIL> #replace
  - name: clientId
    value: <CLIENT_ID> # replace
  - name: authUri
    value: https://accounts.google.com/o/oauth2/auth
  - name: tokenUri
    value: https://oauth2.googleapis.com/token
  - name: authProviderX509CertUrl
    value: https://www.googleapis.com/oauth2/v1/certs
  - name: clientX509CertUrl
    value: https://www.googleapis.com/robot/v1/metadata/x509/<PROJECT_NAME>.iam.gserviceaccount.com #replace PROJECT_NAME
  - name: privateKey
    value: <PRIVATE_KEY> # replace x509 cert
  - name: disableEntityManagement
    value: "false"
  - name: enableMessageOrdering
    value: "false"
  - name: maxReconnectionAttempts # Optional
    value: 30
  - name: connectionRecoveryInSec # Optional
    value: 2

Spec metadata fields

Field Required Details Example
type N GCP credentials type. Only service_account is supported. Defaults to service_account service_account
projectId Y GCP project id myproject-123
identityProjectId N If the GCP pubsub project is different from the identity project, specify the identity project using this attribute "myproject-123"
privateKeyId N If using explicit credentials, this field should contain the private_key_id field from the service account json document "my-private-key"
privateKey N If using explicit credentials, this field should contain the private_key field from the service account json -----BEGIN PRIVATE KEY-----MIIBVgIBADANBgkqhkiG9w0B
clientEmail N If using explicit credentials, this field should contain the client_email field from the service account json "myservice@myproject-123.iam.gserviceaccount.com"
clientId N If using explicit credentials, this field should contain the client_id field from the service account json 106234234234
authUri N If using explicit credentials, this field should contain the auth_uri field from the service account json https://accounts.google.com/o/oauth2/auth
tokenUri N If using explicit credentials, this field should contain the token_uri field from the service account json https://oauth2.googleapis.com/token
authProviderX509CertUrl N If using explicit credentials, this field should contain the auth_provider_x509_cert_url field from the service account json https://www.googleapis.com/oauth2/v1/certs
clientX509CertUrl N If using explicit credentials, this field should contain the client_x509_cert_url field from the service account json https://www.googleapis.com/robot/v1/metadata/x509/myserviceaccount%40myproject.iam.gserviceaccount.com
disableEntityManagement N When set to "true", topics and subscriptions do not get created automatically. Default: "false" "true", "false"
enableMessageOrdering N When set to "true", subscribed messages will be received in order, depending on publishing and permissions configuration. "true", "false"
maxReconnectionAttempts N Defines the maximum number of reconnect attempts. Default: 30 30
connectionRecoveryInSec N Time in seconds to wait between connection recovery attempts. Default: 2 2

Create a GCP Pub/Sub

You can use either “explicit” or “implicit” credentials to configure access to your GCP pubsub instance. If using explicit, most fields are required. Implicit relies on dapr running under a Kubernetes service account (KSA) mapped to a Google service account (GSA) which has the necessary permissions to access pubsub. In implicit mode, only the projectId attribute is needed, all other are optional.

Follow the instructions here on setting up Google Cloud Pub/Sub system.