Deploying an Event Function using Terraform¶
This section describes on how to deploy an Event Function using Terraform.
Prerequisite¶
Terraform configured according to Prepare the Terraform environment
Full sample can be found in doc-sample-event-timer.
Terraform Scripts¶
Terraform deployment scripts can be found in: samples-doc/doc-sample-event-timer/terraform
provider.tf¶
This script configures the OpenTelekomCloud provider for Terraform.
provider.tf¶
# ----------------------------------------------------------------------------
# Secret variables to be injected as envvar (capital letters for Windows systems)
# - no defaults
# - Declared as sensitive --> Not printed in console or log if used in resources
# ----------------------------------------------------------------------------
# set by environment variable TF_VAR_OTC_SDK_AK
variable "OTC_SDK_AK" {
description = "Personal access key"
type = string
sensitive = true
}
# set by environment variable TF_VAR_OTC_SDK_SK
variable "OTC_SDK_SK" {
description = "Personal secret key"
type = string
sensitive = true
}
# set by environment variable TF_VAR_OTC_SDK_DOMAIN_NAME
variable "OTC_SDK_DOMAIN_NAME" {
description = "Domain Name, eg. OTC-EU-DE-000000000010000XXXXX"
type = string
}
# set by environment variable TF_VAR_OTC_SDK_PROJECTID
variable "OTC_SDK_PROJECTID" {
description = "Project Id"
type = string
}
# set by environment variable TF_VAR_OTC_SDK_PROJECTNAME
variable "OTC_SDK_PROJECTNAME" {
description = "Project Name, eg. eu-de_MYPROJECT"
type = string
}
# set by environment variable TF_VAR_OTC_IAM_ENDPOINT
variable "OTC_IAM_ENDPOINT" {
description = "IAM Endpoint"
type = string
default = "https://iam.eu-de.otc.t-systems.com/v3"
}
terraform {
required_providers {
# specifies required provider, source and version
# see https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest
opentelekomcloud = {
source = "opentelekomcloud/opentelekomcloud"
version = ">= 1.36.51"
}
}
backend "s3" {
# See: https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/guides/backends
# (Required) Specifies the endpoint for OpenTelekomCloud OBS.
# The value is https://obs.{{region}}.otc.t-systems.com.
# This can also be sourced from the AWS_S3_ENDPOINT environment variable
endpoints = {
s3 = "https://obs.eu-de.otc.t-systems.com"
}
# (Required) Specifies the bucket name where to store the state.
# Make sure to create it before.
bucket = "<your-bucket-name>"
# (Required) Specifies the path to the state file inside the bucket.
key = "<path/to/your/terraform.tfstate>"
# (Required) Specifies the region where the bucket is located.
# This can also be sourced from the AWS_DEFAULT_REGION and
# AWS_REGION environment variables.
region = "<your-region>"
# (Required) Skip credentials validation via the STS API.
# It's mandatory for OpenTelekomCloud.
skip_credentials_validation = true
# (Required) Skip validation of provided region name.
# It's mandatory for OpenTelekomCloud.
skip_region_validation = true
skip_requesting_account_id = true
# (Required) Skip usage of EC2 Metadata API.
# It's mandatory for OpenTelekomCloud.
skip_metadata_api_check = true
# (Optional) Do not include checksum when uploading S3 Objects.
# Useful for some S3-Compatible APIs.
skip_s3_checksum = true
# Although the terraform block does not accept variables or locals and
# all backend configuration values must be hardcoded, you can provide
# the credentials via the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
# environment variables to access OBS, respectively:
#
# export AWS_ACCESS_KEY_ID="your accesskey"
# export AWS_SECRET_ACCESS_KEY="your secretkey"
#
# secret_key set env var: AWS_ACCESS_KEY_ID
# access_key set env var: AWS_SECRET_ACCESS_KEY
}
}
# ----------------------------------------------------------------------------
# Providers settings --> OTC
# We use the AKSK auth scheme
# See https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs
# ----------------------------------------------------------------------------
#
provider "opentelekomcloud" {
auth_url = var.OTC_IAM_ENDPOINT
access_key = var.OTC_SDK_AK
secret_key = var.OTC_SDK_SK
domain_name = var.OTC_SDK_DOMAIN_NAME
tenant_name = var.OTC_SDK_PROJECTNAME
}
variables.tf¶
This script defines the variables used in the Terraform scripts.
variables.tf¶
# prefix will be prepended to all ressource names
variable "prefix" {
type = string
default = "sample"
}
# FunctionGraph function name
variable "function_name" {
type = string
default = "doc-sample-event-timer"
}
# FunctionGraph handler name
variable "function_handler_name" {
type = string
default = "timer-example"
}
# name of zip file to deploy, generated by 'mvn package' command
variable "zip_file_name" {
type = string
default = "deploy.zip"
}
loggroup.tf¶
This script creates a log group and log stream in LTS.
loggroup.tf¶
##########################################################
# Create Log Group
##########################################################
resource "opentelekomcloud_lts_group_v2" "MyLogGroup" {
group_name = format("%s_%s_%s", var.prefix, var.function_name, "log_group")
ttl_in_days = 1
}
##########################################################
# Create Log Stream
##########################################################
resource "opentelekomcloud_lts_stream_v2" "MyLogStream" {
group_id = opentelekomcloud_lts_group_v2.MyLogGroup.id
stream_name = format("%s_%s_%s", var.prefix, var.function_name, "log_stream")
}
function.tf¶
This script creates the Event Function using the container image.
function.tf¶
##########################################################
# Create Function
##########################################################
resource "opentelekomcloud_fgs_function_v2" "MyFunction" {
name = format("%s_%s", var.prefix, var.function_name)
app = "default"
# agency = var.agency_name
handler = var.function_handler_name
description = "Sample for timer triggered FunctionGraph using terraform."
memory_size = 128
timeout = 30
max_instance_num = 400
runtime = "Go1.x"
code_type = "zip"
func_code = filebase64(format("${path.module}/../%s", var.zip_file_name))
code_filename = var.zip_file_name
log_group_id = opentelekomcloud_lts_group_v2.MyLogGroup.id
log_group_name = opentelekomcloud_lts_group_v2.MyLogGroup.group_name
log_topic_id = opentelekomcloud_lts_stream_v2.MyLogStream.id
log_topic_name = opentelekomcloud_lts_stream_v2.MyLogStream.stream_name
}
timer_trigger.tf¶
This script creates the timer trigger.
timer_trigger.tf¶
##########################################################
# Create Trigger
##########################################################
resource "opentelekomcloud_fgs_trigger_v2" "timer_cron" {
function_urn = opentelekomcloud_fgs_function_v2.MyFunction.urn
type = "TIMER"
event_data = jsonencode({
"name" : "CronTrigger_3m",
"schedule_type" : "Cron",
"user_event" : "Created by terraform script",
"schedule" : "@every 3m"
})
}
testevent.tf¶
This script creates a test event to test the Event Function.
testevent.tf¶
##########################################################
# Create Test Event
##########################################################
resource "opentelekomcloud_fgs_event_v2" "test_event" {
function_urn = opentelekomcloud_fgs_function_v2.MyFunction.urn
name = "timer-test-event"
content = base64encode(jsonencode({
"version" = "v1.0",
"time" = "2025-10-24T08:30:00+08:00",
"trigger_type" = "TIMER",
"trigger_name" = "timer-test-event",
"user_event" = "Test event created by terraform script"
}))
}
Deployment¶
MakefileTF¶
To simplify the development and testing process, see Makefile in the project root folder:
Makefile¶
HANDLER_NAME=timer-example
build:
GOARCH=amd64 GOOS=linux CGO_ENABLED=0 go build -o target/$(HANDLER_NAME) src/main.go
zip:
printf "# Handler name\n${HANDLER_NAME}" > target/handler_name.txt
cd target && zip -r ../deploy.zip .
clean:
rm -f deploy.zip
rm -rf target
all: build zip
tf_init:
terraform -chdir=terraform \
init \
-backend-config="endpoints={s3=\"https://obs.eu-de.otc.t-systems.com\"}" \
-backend-config="bucket=sample-tf-backend" \
-backend-config="key=terraform_state/go/doc-sample-event-timer.tf" \
-backend-config="region=eu-de"
tf_plan:
if [ ! -f "terraform/.terraform.lock.hcl" ]; then \
$(MAKE) initTerraform; \
fi
terraform -chdir=terraform \
plan \
-var function_name="doc-sample-event-timer" \
-var function_handler_name=$(HANDLER_NAME)
tf_apply: all
if [ ! -f "terraform/.terraform.lock.hcl" ]; then \
$(MAKE) initTerraform; \
fi
terraform -chdir=terraform \
apply -auto-approve \
-var function_name="doc-sample-event-timer" \
-var function_handler_name=$(HANDLER_NAME)
tf_destroy:
terraform -chdir=terraform \
destroy -auto-approve
.PHONY: build zip clean all tf_init tf_plan tf_apply tf_destroy
Initialize Terraform¶
To initialize Terraform, run following command in the project root folder:
make tf_init
Plan Terraform deployment¶
To plan the Terraform deployment, run following command in the project root folder:
make tf_plan
Deploy using Terraform¶
To deploy the Event Function using Terraform, run following command in the project root folder:
make tf_apply
Cleanup deployed resources¶
Note
To destroy the deployed resources, run following command in the project root folder:
make tf_destroy