Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Managed Threat Detection
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive

Create a private provider

Updated on 2024-12-12 GMT+08:00

Function

CreatePrivateProvider

Create an empty private provider. If the user provides both provider_version and function_graph_urn, upon creating a private provider, a corresponding private provider version is also created within the private provider.

  • Private providers allow users to register customized providers into RFS for their own use only.

  • If the private provider with the same name already exists, 409 is returned.

  • The provider_version must follow the Semantic Version and is customized by the user.

  • In this API, provider_version and function_graph_urn must be provided together. If only one of the parameters is provided, 400 is returned.

  • RFS only performs a shallow validation on function_graph_urn, verifying compliance with regular rules and presence within valid region. However, no comprehensive validations are performed, including validation of user permissions or existence, etc.

  • This API returns the provider_source field, formatted as "huawei.com/private-provider/{provider_name}". For more details on the use of provider_name and provider_source in templates, see the description below.

  • If the user wants to use a provider whose name does not contain uppercase English character, the provider_source field can be specified as the source parameter in required_providers defined in the template as shown below.

  • If the user wants to use a provider whose name contains uppercase English character, the provider_name needs to be completely converted into lowercase English. At the same time, users can either use the provider_source parameter returned by the API in the template, or use "huawei.com/private-provider" as the fixed prefix in the template, and construct the provider_source parameter according to the original provider_name in uppercase English.

    Taking HCL template as an example, the syntax for using a private provider in the template is as follows:

Provider "{provider_name}" {
  source = "{provider_source}"
  version = "{provider_version}"
}

Taking JSON template as an example, the syntax for using a private provider in the template is as follows:

{
  "terraform":{
    "required_providers":[
      {
        "{provider_name}":{
          "source":"{provider_source}",
          "version":"{provider_version}"
        }
      }
    ]
  }
}

When RFS supports users to use the HTTP function in FunctionGraph (hereinafter referred to as FG) to run private providers, we establish a set of detailed integration guidelines to ensure successful interaction between RFS and private providers.

About the use of FG's HTTP functions, please refer to the official website documentation: https://support.huaweicloud.com/productdesc-functiongraph/functiongraph_02_1002.html.

Users need to implement a set of corresponding methods in the HTTP function, according to the following rules:

  1. Users are required to initiate an HTTP Server in FG, intended to accept HTTP requests from RFS. The request path is fixed to "/provider" with "POST" request method. RFS defines the format of the HTTP request body as follows:

    { "method_name": String, "request_data": String, "context":{ "session_id": String, "config_data": String } }

    The HTTP function of FG provided by users should be able to receive the above request. Otherwise, it fails to invoke the private provider.

  2. The following is a detailed explanation of how to use the parameters in the request body to achieve successful interaction between FG and RFS:

    "method_name": RFS expects the gRPC method name invoked in FG's HTTP function. In the request body, RFS selects one of the following methods for delivery each time according to the actual business scene. Each method name needs to correspond one-to-one with the native gRPC method in the provider. After receiving a request with one certain method name, FG's HTTP function should call the corresponding private provider's native gRPC method to implement the processing logic for resources.

    Please refer to the native gRPC protocol provided in the provider: tfplugin5.proto and grpc_controller.proto. The list of method name is as follows:

    tfplugin5.proto: 
      "/tfplugin5.Provider/GetSchema"
      "/tfplugin5.Provider/PrepareProviderConfig"
      "/tfplugin5.Provider/ValidateResourceTypeConfig"
      "/tfplugin5.Provider/ValidateDataSourceConfig"
      "/tfplugin5.Provider/UpgradeResourceState"
      "/tfplugin5.Provider/Configure"
      "/tfplugin5.Provider/ReadResource"
      "/tfplugin5.Provider/PlanResourceChange"
      "/tfplugin5.Provider/ApplyResourceChange"
      "/tfplugin5.Provider/ImportResourceState"
      "/tfplugin5.Provider/ReadDataSource"
      "/tfplugin5.Provider/Stop"
    grpc_controller.proto: 
      "/plugin.GRPCController/Shutdown"

    "request_data": The request data of each method in the HTTP function passed by RFS to FG. In each method, the request_data needs to be decoded using base64 first, and then passed in as the input of the private provider's gRPC method.

    "config_data": Used for initialization before provider handles actual requests. If the config_data in the context is not empty, FG's HTTP function needs to first invoke the /tfplugin5.Provider/Configure method with config_data as input for initialization, and then invoke the corresponding method according to method_name to get the response.

    "session_id": Indicates whether the request comes from the same batch of tasks in the same template.The same session_id means that the request comes from the same batch of orchestration tasks in the same template.

    Note: The same provider process started by users cannot accept multiple requests from RFS. RFS recommends that users start a new process to handle related requests every time.

  3. The request response implemented in FG's HTTP function should be returned in a fixed format. The format of the response body is as follows. The successful response code is fixed at 200. Any other response codes are regarded as failed requests and cause the deployment failure.

    { "response_data": String, "error": String }

    "response_data": The response data returned by invoking the gRPC method of the private provider. In FG's HTTP function, the response returned by the gRPC method needs to be base64 encoded and returned.

    "error": Error message returned by invoking gRPC method.

**Constraints and Limitations: **

  1. The private provider is defined and provided to RFS by the users. RFS does not verify its internal logic.

  2. RFS does not manage the lifecycle of private providers. If a stack deployment encounters issues due to the absence or malfunction of a private provider, RFS does not provide a resolution.

  3. RFS does not ensure the information security of private providers. If a stack deployed using a private provider contains sensitive data in the template and results in leakage to third-party resources, RFS does not take any responsibilities.

  4. Network factors are taken into account during the invocation of private providers, increasing the probability of deployment failure for private providers. If deployment fails due to network issues, users can implement retry operations.

  5. RFS synchronously calls a set of methods defined in FG by users. Each method needs to complete execution within 30 seconds to minimize failure probability.

  6. Only fixed private provider versions in templates are supported, and the expressions of loose versions such as >, >=, <, <=, ~> are not supported.

URI

POST /v1/private-providers

Request Parameters

Table 1 Request header parameters

Parameter

Mandatory

Type

Description

Client-Request-Id

Yes

String

Unique request ID. It is specified by a user and is used to locate a request. UUID is recommended.

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

provider_name

Yes

String

Private provider name. The name is unique within its domain (domain_id) and region. Only letters, digits, and hyphens (-) are allowed. The name only supports starting and ending with lowercase English and numbers.

Following the HCL best practices, provider name is recommended to be the local name of the private provider defined in the template.

CreatePrivateProvider API also uses "huawei.com/private-provider" as the fixed prefix and returns the provider_source value in the form of "huawei.com/private-provider/{provider_name}". For more details on the use of provider_name and provider_source in templates, see the API description of CreatePrivateProvider API.

provider_description

No

String

Description of a private provider. It can be used by customers to identify their own private providers.

provider_version

No

String

Private provider version. The version number follows the Semantic Version and is customized by the user.

version_description

No

String

The Description of the private provider version. It can be used by users to identify and manage private provider versions. Note: The private provider version is immutable, so the description cannot be updated. If it needs to be updated, please delete private provider version and rebuild it.

function_graph_urn

No

String

Uniform resource identifier for FunctionGraph methods, it can be used to uniquely identify FunctionGraph methods. Only supports the function graph urns in the same region as RFS. If provided in other regions, 400 is returned.

For more detail about this parameter, please refer to the official documentation: https://support.huaweicloud.com/api-functiongraph/functiongraph_06_0102.html

Response Parameters

Status code: 201

Table 3 Response body parameters

Parameter

Type

Description

provider_id

String

Unique ID of a private provider.

It is a UUID generated by RFS when a private provider is created.

Private provider names are unique only at one specific time, so you can create a private provider named helloWorld and another private provider with the same name after deleting the first one.

For parallel development in a team, users may want to ensure that the private provider they operate is the one created by themselves, not the one with the same name created by other teammates after deleting the previous one. Therefore, they can use this ID for strong matching.

RFS ensures that the ID of each private provider is different and does not change with updates. If the provider_id value is different from the current private provider ID, 400 is returned.

provider_source

String

When users use private providers and define required_providers information in the template, they need to specify the source using provider_source value.

Provider source is spliced in the form of "huawei.com/private-provider/{provider_name}". For more details on the use of provider_name and provider_source in templates, see the API description of CreatePrivateProvider.

Status code: 400

Table 4 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 5 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 401

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 7 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 403

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 9 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 409

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 11 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 429

Table 12 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 13 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Status code: 500

Table 14 Response body parameters

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

encoded_authorization_message

String

The message contains information about unauthorized requests.

details

Array of Detail objects

Detailed error messages returned by service when permission is denied.

Table 15 Detail

Parameter

Type

Description

error_code

String

Response code.

error_msg

String

Response message.

Example Requests

  • Create a new empty private provider

    POST https://{endpoint}/v1/private-providers
    
    {
      "provider_name" : "my-hello-world-provider-name",
      "provider_description" : "my first private provider"
    }
  • Create a new private provider with provider version

    POST https://{endpoint}/v1/private-providers
    
    {
      "provider_name" : "my-hello-world-provider-name",
      "provider_description" : "my first hello world private provider",
      "provider_version" : "0.0.1",
      "function_graph_urn" : "urn:fss:cn-north-7:a61dfe3154de42829367056598d5040f:function:default:test:latest",
      "version_description" : "my first private provider version"
    }

Example Responses

Status code: 201

Private provider created successfully

{
  "provider_id" : "1b15e005-bdbb-4bd7-8f9a-a09b6774b4b3",
  "provider_source" : "huawei.com/private-provider/my-hello-world-provider-name"
}

Status Codes

Status Code

Description

201

Private provider created successfully

400

Invalid request.

401

Authentication failed.

403

  1. The user does not have the permission to call this API.

  2. The maximum number of private providers has been reached.

409

Creation requests conflict. The private provider with the same name already exists.

429

Too frequent requests.

500

Internal server error.

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback