Hi @GCP_ngas,

Welcome to Google Cloud Community!

To deploy a Cloud Function with controlled access in cloud shell, you may first create a custom service account in Google Cloud, granting it only the necessary permissions that suit your project. Then, write your Cloud Function code or create a new Cloud Function project according to your requirements or the requirements of the system, preparing it for deployment. When deploying, use the gcloud functions deploy command, specifically including the --service-account flag followed by your service account's email address. Also be sure to include the --gen2 flag to specify that this is a 2nd generation Cloud Function. By assigning this service account, you ensure your function only has the exact permissions you've granted. Finally, verify in the Cloud Console (Cloud Functions) that the function is using your custom service account and test it, for example, with a curl command in Cloud Shell.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.