We’re excited to announce the release of pre-built functions, a new capability of the Oracle Cloud Infrastructure (OCI) Functions service. It provides a catalog of ready-to-use functions that you can configure to run common tasks or actions across OCI services without writing any code. These pre-built functions are deployed and invoked as OCI Functions. They run on serverless platform of OCI Functions to run at scale, removing the need to manage any nfrastructure.
Functions is a serverless functions-as-a-service (FaaS) in OCI that lets you run blocks of code as functions that generally do one thing well and scales them automatically based on concurrent invocations. It seamlessly integrates with other OCI services to provide a complete serverless platform for building event-driven applications. Services such as Events, Connector Hub, Data Integration, API Gateway, and Notifications, provide built-in triggers to invoke functions. A function only runs when invoked by these triggers or by calling its invocation endpoint directly. Customers only pay for resources used during the process of a function. While running a function, Functions also allows it to securely access other OCI resources and perform certain operations on such resources.
Functions is a popular choice among OCI customers to automate the process common tasks and actions for various use cases, including security, compliance, governance, observability, cost management, DevOps, integration, and more. Many OCI customers are already using Functions as part of their cloud solutions to run common tasks or actions, including the following examples:
Ingesting OCI logs into external SIEM and observability platforms using Connector Hub
Event-based triggering of media and data processing workflows using event rules
Automated creation of resource quota policies and resource cleaning for cost management
Zip and unzip files stored in OCI Object Storage
Adding custom authentication and authorization functionality to API gateway deployments
When using OCI Functions, you need to write the function code, build, and deploy it to OCI. When deploying a function to OCI, it’s packaged as a container image and pushed to a container registry. We’re launching the new pre-built functions capability to remove the need to maintain function code and images for using OCI Functions to run common tasks and actions.
Pre-built functions is an extension of OCI Functions that offers an easy-to-use serverless platform to all OCI users for automation, integration and extensibility without having to write, build, and maintain any code. This new capability provides ready-to-use functions that you can use to run various cloud operations.You can simply discover a pre-built function, configure it, and deploy it to OCI Functions with a single click or using API. This function is then invoked by predefined triggers, based on an event or an API request to run a specific task or action for which it is built.
This simple yet powerful experience is enabled by the following key features of pre-built functions:
Catalog of pre-built functions listings with search and filtering capabilities to easily discover the right pre-built function for your use case through the Oracle Cloud Console, CLI, or API.
Listing for each pre-built function that describes its functionality and how it works by providing information, such as triggers, memory, configuration, and Identity and Access Management (IAM) policy, required for its processing.
One-click deployment experience through a guided wizard to create a new function with the ability to create IAM policies automatically and provide configuration values.
Oracle-provided pre-built functions built, maintained, and supported by Oracle following code quality and security best practices with automated upgrades for security and bug fixes.
Now, let’s look at the Zero Quota Policy pre-built function as an example and understand how you can use it to manage Oracle Cloud Infrastructure spending budgets and implement automated controls by enforcing rules at the compartment level or cost-tracking tag level.For example, the user can configure budget rules to enforce governance and manage spending.They can set alerts on a budget to receive an email notification based on an actual or forecasted spending threshold.In addition, they can setup an event rule with Events service to trigger functions that create quotas to control resource consumption within the limits defined.
Navigate to Functions in Developer Services and select Pre-built Functions to view the catalog. The catalog shows the collection of Pre-Built Function Listings available to use. Find 'Zero Quota Policy Creator' function. Users can search for a pre-built function using the ' Search' or filter options.
The listing page provides information about the pre-built function. This information is organized under multiple tabs – Overview, Policies, Configurations, and Tags.
Click the Create function button to open the function creation guide, which helps to create a function in your tenancy from the pre-built function. It gives the following capabilities:
Specify the function name and select the function application in which the function is created.
Automatically create the dynamic group and IAM policy required to run the function. Users can choose to not create them automatically.
Configure Memory (Default: 256 M), Timeout (Default:300 sec), and provisioned concurrency if needed for the function to be created.
Provide values for required and optional configuration keys.For example, the service family names that you'd like to apply the quota policy statements (Block storage, Object storage, compute etc). This is used to set quotas for resources in the compartments.
When you have provided necessary inputs, click Create. It creates the function and dynamic group or IAM policy if you didn’t opt out of automated creation. This simplifies the policy creation process and removes the need to create policies manually. When the function is created successfully, you can click the Show details link to navigate to the function.
Once the function is created, it can be invoked using the triggers described on the PBF Listing page. If a PBF uses other OCI service, for example Event Rules as a trigger, you can go to that service to create a Rule of the type "TriggeredAlert- Create", pass the 'BudgetId' as the attribute and configure the function created to be triggered when the Budget Alert rules are met at a compartment or tenancy level. Functions can be invoked using CLI, SDK or HTTP as described in Functions documentation.
As a result of this quota policy, users can prevent the creation of new Compute resources in your tenancy. Anyone who tries to create resources after crossing the budget is unable to do so and sees a message notifying them that the compartment quota was exceeded.
With these steps, you can enforce strict rules and help control cloud costs using Budgets pre-built functions. Many such pre-built functions are being contributed to the catalog, enabling them to automate the process of various tasks and actions across various Oracle Cloud Infrastructure services.
To learn more about pre-built functions, see the following resources:
OCI Serverless Containers, Kubernetes, and Functions services.