Cloud Runtime Configuration API

Name: Cloud Runtime Configuration API API
Brand: Cloud Runtime Configuration API
Availability: InStock

✓ Official Vendor SpecDeveloper ToolsMonitoring Observabilityoauth213 EndpointsREST

For Agents

Read and write dynamic configuration variables on Google Cloud, watch them for changes, and coordinate startup with waiters that resolve when conditions are met.

Quickstart

Get started with Cloud Runtime Configuration API in minutes using your preferred integration method.

# Add to your MCP client config (Claude Desktop, Cursor, Windsurf)
{
  "jentic": {
    "url": "https://api.jentic.com/mcp",
    "auth": "oauth"
  }
}

# Then ask your agent:
"set runtime configurator variable"

# → Jentic returns the GET /events tool with parameter schema, agent executes.

Capabilities

What an agent can do with Cloud Runtime Configuration API API.

Create and delete configs that group related runtime variables

Set, get, list, and delete named variables inside a config

Watch a single variable so the call returns when its value changes or a timeout elapses

Define waiters that block until a count condition over variables is satisfied or fails

GET STARTED

Start building with Cloud Runtime Configuration API API

Explore with Jentic

View OpenAPI Document

Use for: Set a runtime variable named feature/checkout-flow to enabled, Watch the variable rollout/version until it changes from canary to stable, Create a waiter that blocks until 5 worker startup variables are present, List all variables under projects/my-prod/configs/orders

Not supported: Does not store secrets, manage Compute Engine metadata, or trigger workflow execution — use for sharing dynamic runtime configuration values, watchers, and waiters only.

Use Cases

Patterns agents use Cloud Runtime Configuration API API for, with concrete tasks.

★ Coordinated startup of distributed services

A startup agent uses a waiter that blocks until N expected service variables are written, ensuring downstream services only begin after their dependencies have registered. The Runtime Configurator handles the timeout and success or failure semantics, so the orchestrator does not need to poll variables itself.

POST /v1beta1/{+parent}/waiters with success.cardinality.number=5 and a 10-minute timeout, then poll the waiter until done.

Feature flag rollout

A release agent stores feature flags as runtime variables. Services watch each variable through the watch endpoint and react when the agent sets the value to enabled or disabled. The watch call returns as soon as the value changes, providing near-real-time flag propagation without polling.

Have services call POST /v1beta1/{+name}:watch on feature/checkout-flow; the agent issues PUT /v1beta1/{+name} to flip the value when ready.

IAM-scoped config access for multi-team projects

A platform team partitions runtime variables by config and binds IAM principals per config so each team only reads and writes its own. setIamPolicy and getIamPolicy on each config govern those grants, and testIamPermissions lets agents check rights before attempting privileged operations.

POST /v1beta1/{+resource}:setIamPolicy on each config with the team's group bound to roles/runtimeconfig.admin.

Agent-driven runtime flags through Jentic

An AI agent built on Jentic flips runtime configuration values on behalf of operators. It searches for the variable update operation by intent, loads the schema, executes the change, and reports back. OAuth tokens stay isolated in the Jentic vault so raw secrets never enter agent context.

Search Jentic for 'set runtime configurator variable', load the PUT variable schema, execute against projects/my-prod/configs/orders/variables/feature/checkout-flow with value=enabled.

Key Endpoints

13 endpoints — the cloud runtime configuration api exposes the runtime configurator, which lets services dynamically configure and share variables across google cloud workloads.

METHOD

PATH

DESCRIPTION

POST

/v1beta1/{+parent}/configs

Create a config

POST

/v1beta1/{+parent}/variables

Create a variable inside a config

GET

/v1beta1/{+name}

Get a config, variable, or waiter

PUT

/v1beta1/{+name}

Update a variable value

DELETE

/v1beta1/{+name}

Delete a config, variable, or waiter

POST

/v1beta1/{+name}:watch

Watch a variable for changes

POST

/v1beta1/{+parent}/waiters

Create a waiter

POST

/v1beta1/{+resource}:setIamPolicy

Set the IAM policy on a config

POST

/v1beta1/{+parent}/configs

Create a config

POST

/v1beta1/{+parent}/variables

Create a variable inside a config

GET

/v1beta1/{+name}

Get a config, variable, or waiter

PUT

/v1beta1/{+name}

Update a variable value

DELETE

/v1beta1/{+name}

Delete a config, variable, or waiter

Why though Jentic?

Three things that make agents converge on Jentic-routed access.

Credential isolation

Google OAuth 2.0 credentials for the Runtime Configurator are held encrypted in the Jentic vault. Agents receive short-lived scoped access tokens at execution time, with no raw refresh tokens or service-account keys leaving the vault.

Intent-based discovery

Agents search Jentic with intents like 'set runtime configurator variable' or 'watch runtime variable' and Jentic returns the matching operation with its full schema, so the agent calls the right endpoint without reading the discovery document.

Time to first call

Direct integration takes 1-3 days for OAuth wiring, watch handling, and waiter polling. Through Jentic the same flow is under 1 hour: search, load, execute, watch.

Related APIs

Alternatives and complements available in the Jentic catalogue.

Alternative

Cloud KMS API

Stores secrets and keys when configuration values are sensitive.

Choose Cloud KMS or Secret Manager for secret material; choose Runtime Configurator for non-secret coordination variables.

Complementary

Cloud Monitoring API

Pairs runtime variable changes with metrics about what happened next.

Use Runtime Configurator to flip the variable; use Monitoring to confirm the downstream effect.

Complementary

Cloud Logging API

Captures audit logs of variable updates for traceability.

Use Runtime Configurator to make the change; use Logging to retrieve the audit record afterwards.

Complementary

Cloud IAM API

Manages the principals that the Runtime Configurator IAM policies reference.

Use IAM to provision the service account; use Runtime Configurator setIamPolicy to grant it access to a config.

FAQs

Specific to using Cloud Runtime Configuration API API through Jentic.

What authentication does the Runtime Configuration API use?

It uses Google OAuth 2.0 with the cloud-platform or cloudruntimeconfig scopes, declared as Oauth2 and Oauth2c. Through Jentic, OAuth tokens are stored encrypted in the vault and exchanged for short-lived access tokens at execution time so raw refresh tokens never reach the agent.

Can I watch a runtime variable for changes through the API?

Yes. POST /v1beta1/{+name}:watch performs a long-poll request that returns as soon as the named variable changes value or a server-side timeout elapses. This avoids client-side polling and gives near-real-time propagation of feature flags and rollout signals.

What are the rate limits for the Runtime Configuration API?

Google Cloud applies per-project read and write quotas to the Runtime Configurator, with watch and waiter calls counted against a separate concurrent-long-poll quota. The default per-minute quota is 600 read requests per project, raisable through the Cloud Console for sustained usage.

How do I create a waiter through Jentic?

Search Jentic for 'create runtime configurator waiter', load the schema for POST /v1beta1/{+parent}/waiters, and execute with the cardinality success condition and timeout you need. Jentic returns the waiter resource, which the agent polls until status reports done.

Is the Runtime Configuration API free?

The API is free to call within Google Cloud quotas, and stored variables and waiters incur no per-byte charge inside published limits. Costs scale only with very large variable bodies above the per-config size limits.

How do I scope variable access to one team only?

Place each team's variables in its own config and bind a team-specific IAM principal to the config with POST /v1beta1/{+resource}:setIamPolicy at the role roles/runtimeconfig.admin or .viewer. Other principals can be denied entirely at the config level rather than on each variable.