diff --git a/cloud-operations/asset-inventory-feed-remediation/main.tf b/cloud-operations/asset-inventory-feed-remediation/main.tf
index 7cfbbca0b..64480f2bf 100644
--- a/cloud-operations/asset-inventory-feed-remediation/main.tf
+++ b/cloud-operations/asset-inventory-feed-remediation/main.tf
@@ -88,10 +88,9 @@ module "cf" {
     lifecycle_delete_age = null
   }
   bundle_config = {
-    source_dir       = "cf"
-    output_path      = var.bundle_path
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "cf"
+    output_path = var.bundle_path
+    excludes    = null
   }
   service_account = module.service-account.email
   trigger_config = {
diff --git a/cloud-operations/quota-monitoring/main.tf b/cloud-operations/quota-monitoring/main.tf
index 53022a978..01d036910 100644
--- a/cloud-operations/quota-monitoring/main.tf
+++ b/cloud-operations/quota-monitoring/main.tf
@@ -60,10 +60,9 @@ module "cf" {
     lifecycle_delete_age = null
   }
   bundle_config = {
-    source_dir       = "cf"
-    output_path      = var.bundle_path
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "cf"
+    output_path = var.bundle_path
+    excludes    = null
   }
   # https://github.com/hashicorp/terraform-provider-archive/issues/40
   # https://issuetracker.google.com/issues/155215191
diff --git a/cloud-operations/scheduled-asset-inventory-export-bq/main.tf b/cloud-operations/scheduled-asset-inventory-export-bq/main.tf
index abce7babc..1b5306c48 100644
--- a/cloud-operations/scheduled-asset-inventory-export-bq/main.tf
+++ b/cloud-operations/scheduled-asset-inventory-export-bq/main.tf
@@ -80,10 +80,9 @@ module "cf" {
     lifecycle_delete_age = null
   }
   bundle_config = {
-    source_dir       = "cf"
-    output_path      = var.bundle_path
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "cf"
+    output_path = var.bundle_path
+    excludes    = null
   }
   service_account = module.service-account.email
   trigger_config = {
diff --git a/modules/cloud-function/README.md b/modules/cloud-function/README.md
index 724e05029..5c6733e53 100644
--- a/modules/cloud-function/README.md
+++ b/modules/cloud-function/README.md
@@ -21,10 +21,9 @@ module "cf-http" {
   name          = "test-cf-http"
   bucket_name   = "test-cf-bundles"
   bundle_config = {
-    source_dir       = "my-cf-source-folder"
-    output_path      = "bundle.zip"
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "my-cf-source-folder"
+    output_path = "bundle.zip"
+    excludes    = null
   }
 }
 # tftest:skip
@@ -41,10 +40,9 @@ module "cf-http" {
   name          = "test-cf-http"
   bucket_name   = "test-cf-bundles"
   bundle_config = {
-    source_dir       = "my-cf-source-folder"
-    output_path      = "bundle.zip"
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "my-cf-source-folder"
+    output_path = "bundle.zip"
+    excludes    = null
   }
   trigger_config = {
     event = "google.pubsub.topic.publish"
@@ -66,10 +64,9 @@ module "cf-http" {
   name          = "test-cf-http"
   bucket_name   = "test-cf-bundles"
   bundle_config = {
-    source_dir       = "my-cf-source-folder"
-    output_path      = "bundle.zip"
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "my-cf-source-folder"
+    output_path = "bundle.zip"
+    excludes    = null
   }
   iam   = {
     "roles/cloudfunctions.invoker" = ["allUsers"]
@@ -93,10 +90,9 @@ module "cf-http" {
     lifecycle_delete_age = 1
   }
   bundle_config = {
-    source_dir       = "my-cf-source-folder"
-    output_path      = "bundle.zip"
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "my-cf-source-folder"
+    output_path = "bundle.zip"
+    excludes    = null
   }
 }
 # tftest:skip
@@ -113,10 +109,9 @@ module "cf-http" {
   name          = "test-cf-http"
   bucket_name   = "test-cf-bundles"
   bundle_config = {
-    source_dir       = "my-cf-source-folder"
-    output_path      = "bundle.zip"
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "my-cf-source-folder"
+    output_path = "bundle.zip"
+    excludes    = null
   }
   service_account_create = true
 }
@@ -132,10 +127,9 @@ module "cf-http" {
   name          = "test-cf-http"
   bucket_name   = "test-cf-bundles"
   bundle_config = {
-    source_dir       = "my-cf-source-folder"
-    output_path      = "bundle.zip"
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "my-cf-source-folder"
+    output_path = "bundle.zip"
+    excludes    = null
   }
   service_account = local.service_account_email
 }
@@ -144,7 +138,7 @@ module "cf-http" {
 
 ### Custom bundle config
 
-In order to help prevent `archive_zip.output_md5` from changing cross platform (e.g. Cloud Build vs your local development environment), you'll have to make sure that the files included in the zip are always the same. On top of this, Terraform recommends to additionally (set the octal file mode to "0666")[https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/archive_file#output_file_mode] to ensure that the modes of the archived files don't vary either.
+In order to help prevent `archive_zip.output_md5` from changing cross platform (e.g. Cloud Build vs your local development environment), you'll have to make sure that the files included in the zip are always the same.
 
 ```hcl
 module "cf-http" {
@@ -153,10 +147,9 @@ module "cf-http" {
   name          = "test-cf-http"
   bucket_name   = "test-cf-bundles"
   bundle_config = {
-    source_dir       = "my-cf-source-folder"
-    output_path      = "bundle.zip"
-    output_file_mode = "0666"
-    excludes         = ["__pycache__"]
+    source_dir  = "my-cf-source-folder"
+    output_path = "bundle.zip"
+    excludes    = ["__pycache__"]
   }
 }
 # tftest:skip
@@ -168,7 +161,7 @@ module "cf-http" {
 | name | description | type | required | default |
 |---|---|:---: |:---:|:---:|
 | bucket_name | Name of the bucket that will be used for the function code. It will be created with prefix prepended if bucket_config is not null. | <code title="">string</code> | ✓ |  |
-| bundle_config | Cloud function source folder and generated zip bundle paths. Output path defaults to '/tmp/bundle.zip' if null. | <code title="object&#40;&#123;&#10;source_dir       &#61; string&#10;output_path      &#61; string&#10;output_file_mode &#61; string&#10;excludes         &#61; list&#40;string&#41;&#10;&#125;&#41;">object({...})</code> | ✓ |  |
+| bundle_config | Cloud function source folder and generated zip bundle paths. Output path defaults to '/tmp/bundle.zip' if null. | <code title="object&#40;&#123;&#10;source_dir  &#61; string&#10;output_path &#61; string&#10;excludes    &#61; list&#40;string&#41;&#10;&#125;&#41;">object({...})</code> | ✓ |  |
 | name | Name used for cloud function and associated resources. | <code title="">string</code> | ✓ |  |
 | project_id | Project id used for all resources. | <code title="">string</code> | ✓ |  |
 | *bucket_config* | Enable and configure auto-created bucket. Set fields to null to use defaults. | <code title="object&#40;&#123;&#10;location             &#61; string&#10;lifecycle_delete_age &#61; number&#10;&#125;&#41;">object({...})</code> |  | <code title="">null</code> |
diff --git a/modules/cloud-function/main.tf b/modules/cloud-function/main.tf
index 5223155b6..65201531d 100644
--- a/modules/cloud-function/main.tf
+++ b/modules/cloud-function/main.tf
@@ -137,7 +137,7 @@ data "archive_file" "bundle" {
     ? "/tmp/bundle.zip"
     : var.bundle_config.output_path
   )
-  output_file_mode = var.bundle_config.output_file_mode
+  output_file_mode = "0666"
   excludes         = var.bundle_config.excludes
 }
 
diff --git a/modules/cloud-function/variables.tf b/modules/cloud-function/variables.tf
index 3632ca069..351859b39 100644
--- a/modules/cloud-function/variables.tf
+++ b/modules/cloud-function/variables.tf
@@ -31,10 +31,9 @@ variable "bucket_name" {
 variable "bundle_config" {
   description = "Cloud function source folder and generated zip bundle paths. Output path defaults to '/tmp/bundle.zip' if null."
   type = object({
-    source_dir       = string
-    output_path      = string
-    output_file_mode = string
-    excludes         = list(string)
+    source_dir  = string
+    output_path = string
+    excludes    = list(string)
   })
 }
 
diff --git a/networking/private-cloud-function-from-onprem/main.tf b/networking/private-cloud-function-from-onprem/main.tf
index 362cafa14..60e3d8ea6 100644
--- a/networking/private-cloud-function-from-onprem/main.tf
+++ b/networking/private-cloud-function-from-onprem/main.tf
@@ -206,10 +206,9 @@ module "function-hello" {
   bucket_name      = "${var.name}-tf-cf-deploy"
   ingress_settings = "ALLOW_INTERNAL_ONLY"
   bundle_config = {
-    source_dir       = "${path.module}/assets"
-    output_path      = "bundle.zip"
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "${path.module}/assets"
+    output_path = "bundle.zip"
+    excludes    = null
   }
   bucket_config = {
     location             = var.region
diff --git a/tests/modules/cloud_function/fixture/main.tf b/tests/modules/cloud_function/fixture/main.tf
index a89a85e3c..e94a9f638 100644
--- a/tests/modules/cloud_function/fixture/main.tf
+++ b/tests/modules/cloud_function/fixture/main.tf
@@ -20,10 +20,9 @@ module "test" {
   name        = "test"
   bucket_name = var.bucket_name
   bundle_config = {
-    source_dir       = "bundle"
-    output_path      = "bundle.zip"
-    output_file_mode = null
-    excludes         = null
+    source_dir  = "bundle"
+    output_path = "bundle.zip"
+    excludes    = null
   }
   iam = {
     "roles/cloudfunctions.invoker" = ["allUsers"]