Wednesday, December 7, 2022
No menu items!
HomeCloud ComputingCreating Eventarc triggers with Terraform

Creating Eventarc triggers with Terraform

Terraform is increasingly the preferred tool for building, changing, and versioning infrastructure in Google Cloud and across clouds. In an earlier post, I showed how to create Eventarc triggers using Google Cloud Console or via the command line with gcloud. In this post, I show how to create the same triggers with the google_eventarc_trigger Terraform resource. 

See eventarc-samples/terraform on GitHub for the prerequisites and main.tf for full Terraform configuration. 

Define a Cloud Run service as an event sink

Before you can create a trigger, you need to create a Cloud Run service as an event sink for the trigger. You can use Terraform’s google_cloud_run_service resource to define a Cloud Run service: 

code_block[StructValue([(u’code’, u’resource “google_cloud_run_service” “default” {rn name = “cloudrun-hello-tf”rn location = var.regionrnrn template {rn spec {rn containers {rn image = “gcr.io/cloudrun/hello”rn }rn }rn }rnrn traffic {rn percent = 100rn latest_revision = truern }rn}’), (u’language’, u”)])]

Define a Pub/Sub trigger

A Pub/Sub trigger connects a Pub/Sub topic to a Cloud Run service. 

As a reminder, here’s how you can create a Pub/Sub trigger using gcloud:

code_block[StructValue([(u’code’, u’gcloud eventarc triggers create trigger-pubsub \rn –destination-run-service=$SERVICE_NAME \rn –destination-run-region=$REGION \rn –event-filters=”type=google.cloud.pubsub.topic.v1.messagePublished”‘), (u’language’, u”)])]

The same Pub/Sub trigger looks like this as a Terraform resource:

code_block[StructValue([(u’code’, u’resource “google_eventarc_trigger” “trigger-pubsub-tf” {rn name = “trigger-pubsub-tf”rn location = var.regionrn matching_criteria {rn attribute = “type”rn value = “google.cloud.pubsub.topic.v1.messagePublished”rn }rn destination {rn cloud_run_service {rn service = google_cloud_run_service.default.namern region = var.regionrn }rn }rnrn depends_on = [google_project_service.eventarc]rn}’), (u’language’, u”)])]

Note: There’s a slight difference in how events are filtered in gcloud vs. Terraform. In gcloud, events are filtered with the –event-filters flag; whereas in Terraform, matching_criteria is used. This is for legacy reasons and hopefully will be corrected in the future.

Define an Audit Log trigger

An Audit Log trigger connects various Google Cloud services with Audit Logs to a Cloud Run service. Here’s what an Audit Log trigger for the Cloud Storage storage.object.create event looks like in Terraform:

code_block[StructValue([(u’code’, u’resource “google_eventarc_trigger” “trigger-auditlog-tf” {rn name = “trigger-auditlog-tf”rn location = var.regionrn matching_criteria {rn attribute = “type”rn value = “google.cloud.audit.log.v1.written”rn }rn matching_criteria {rn attribute = “serviceName”rn value = “storage.googleapis.com”rn }rn matching_criteria {rn attribute = “methodName”rn value = “storage.objects.create”rn }rn destination {rn cloud_run_service {rn service = google_cloud_run_service.default.namern region = var.regionrn }rn }rn service_account = “${data.google_project.project.number}[email protected]”rnrn depends_on = [google_project_service.eventarc]rn}’), (u’language’, u”)])]

Deploy with Terraform

Deploying resources with Terraform usually involves three steps:

1. Initialize Terraform:

terraform init

2. See the planned changes:

terraform plan -var=”project_id=YOUR-PROJECT-ID” -var=”region=YOUR-GCP-REGION”

3. Create resources:

terraform apply -var=”project_id=YOUR-PROJECT-ID” -var=”region=YOUR-GCP-REGION”

After a few minutes, all the resources (a Cloud Run service and two2 Eventarc triggers) will be created. You can double-check the list of triggers:

gcloud eventarc triggers list –location YOUR-GCP-REGION

This was a quick overview of how to create Eventarc triggers with Terraform. As always, feel free to reach out to me on Twitter @meteatamel for any questions or feedback.

Related Article

A closer look at locations in Eventarc

Back in August, we announced more Eventarc locations, taking the total number to more than 30. An Eventarc location usually refers to the…

Read Article

Cloud BlogRead More

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments