IBM Cloud Functions:如何使用 Terraform 创建安全的 Web 操作
IBM Cloud Functions: How to create secured web action using Terraform
我可以create a new IBM Cloud Functions action using the Terraform provider。
resource "ibm_function_action" "sendEmail" {
name = "${ibm_function_package.cloudmailer.name}/sendEmail"
namespace = ibm_function_namespace.namespace.name
exec {
kind = "nodejs:12"
code = file("smtp_email.js")
}
publish = true
user_defined_parameters = var.server_config
}
如何将上述动作变成web action?如何指定其密码保护配置?
这可以使用 annotations argument. It holds key / value pairs of these documented action annotations 来实现。
resource "ibm_function_action" "sendEmail" {
name = "${ibm_function_package.cloudmailer.name}/sendEmail"
namespace = ibm_function_namespace.namespace.name
exec {
kind = "nodejs:12"
code = file("smtp_email.js")
}
publish = true
user_defined_parameters = var.server_config
user_defined_annotations = <<EOF
[
{
"key": "web-export",
"value": true
},
{
"key": "require-whisk-auth",
"value": "your-web-secret"
}
]
EOF
}
上面的web-export把action变成web action,require-whisk-auth为了安全和它的价值启用认证设置密码。我把它变成了 working sample.
我可以create a new IBM Cloud Functions action using the Terraform provider。
resource "ibm_function_action" "sendEmail" {
name = "${ibm_function_package.cloudmailer.name}/sendEmail"
namespace = ibm_function_namespace.namespace.name
exec {
kind = "nodejs:12"
code = file("smtp_email.js")
}
publish = true
user_defined_parameters = var.server_config
}
如何将上述动作变成web action?如何指定其密码保护配置?
这可以使用 annotations argument. It holds key / value pairs of these documented action annotations 来实现。
resource "ibm_function_action" "sendEmail" {
name = "${ibm_function_package.cloudmailer.name}/sendEmail"
namespace = ibm_function_namespace.namespace.name
exec {
kind = "nodejs:12"
code = file("smtp_email.js")
}
publish = true
user_defined_parameters = var.server_config
user_defined_annotations = <<EOF
[
{
"key": "web-export",
"value": true
},
{
"key": "require-whisk-auth",
"value": "your-web-secret"
}
]
EOF
}
上面的web-export把action变成web action,require-whisk-auth为了安全和它的价值启用认证设置密码。我把它变成了 working sample.