Event Domain
The Event domain is an optional feature that must be explicitly enabled by a platform administrator through an EventConfig resource.
The Event domain handles event publishing and subscribing within the Control Plane. It serves as the business-logic layer between the Rover domain (user configuration) and the PubSub domain (runtime configuration). Its core responsibilities include managing event types, handling approval for event subscriptions, and orchestrating cross-zone event meshing.
Custom Resources
EventConfig
EventConfig is the Schema for the eventconfigs API. It provides configuration for the event operator, including the configuration backend connection and OAuth2 authentication settings.
Group: event.cp.ei.telekom.de · Version: v1 · Scope: Namespaced
EventConfigSpec
Appears in: EventConfig
EventConfigSpec defines the desired state of EventConfig.
| Field | Type | Default | Validation |
|---|---|---|---|
admin | Admin | — | Required |
mesh | Mesh | — | Required |
publishEventUrl | string | — | Required, Format: uri |
serverSendEventUrl | string | — | Required, Format: uri |
voyagerApiUrl | string | — | Optional, Format: uri |
zone | Realm | — | Required |
Admin
Appears in: EventConfigSpec
Admin configures the connection to the configuration backend.
| Field | Type | Default | Validation |
|---|---|---|---|
client | Client | — | Required |
url | string | — | Required, Format: uri, minLength: 1 |
Client
Client configures the identity client used for admin access to the configuration backend.
| Field | Type | Default | Validation |
|---|---|---|---|
clientId | string | — | Optional |
clientSecret | string | — | Optional |
realm | Realm | — | Optional |
Realm
Appears in: Client, EventConfigSpec, EventConfigStatus, EventExposureSpec, EventExposureStatus, EventSubscriptionSpec, EventSubscriptionStatus
Realm references the identity Realm CR used for OAuth2 authentication If empty, it is assumed that the default realm should be used.
| Field | Type | Default | Validation |
|---|---|---|---|
name | string | — | Required |
namespace | string | — | Required |
uid | string | — | Optional |
Mesh
Appears in: EventConfigSpec
Mesh configures the mesh topology for event distribution.
| Field | Type | Default | Validation |
|---|---|---|---|
client | Client | — | Required |
fullMesh | boolean | true | Required |
zoneNames | string[] | — | Optional |
EventConfigStatus
Appears in: EventConfig
EventConfigStatus defines the observed state of EventConfig.
| Field | Type | Default | Validation |
|---|---|---|---|
adminClient | AdminClient | — | Optional |
callbackRoute | Realm | — | Optional |
callbackUrl | string | — | Optional |
conditions | Condition[] | — | Optional |
eventStore | Realm | — | Optional |
meshClient | AdminClient | — | Optional |
proxyCallbackRoutes | Realm[] | — | Optional |
proxyCallbackUrls | map<string, string> | — | Optional |
proxyVoyagerRoutes | Realm[] | — | Optional |
proxyVoyagerUrls | map<string, string> | — | Optional |
publishRoute | Realm | — | Optional |
publishUrl | string | — | Optional |
voyagerRoute | Realm | — | Optional |
voyagerUrl | string | — | Optional |
AdminClient
Appears in: EventConfigStatus
AdminClient references the identity Client CR created for admin access to the configuration backend.
| Field | Type | Default | Validation |
|---|---|---|---|
name | string | — | Required |
namespace | string | — | Required |
observedGeneration | integer | — | Required, Format: int64 |
uid | string | — | Optional |
Condition
Appears in: EventConfigStatus, EventExposureStatus, EventSubscriptionStatus, EventTypeStatus
| Field | Type | Default | Validation |
|---|---|---|---|
lastTransitionTime | string | — | Required, Format: date-time |
message | string | — | Required, maxLength: 32768 |
observedGeneration | integer | — | Optional, Format: int64, minimum: 0 |
reason | string | — | Required, minLength: 1, maxLength: 1024, pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ |
status | string | — | Required, Enum: True \| False \| Unknown |
type | string | — | Required, maxLength: 316, pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ |
EventExposure
EventExposure is the Schema for the eventexposures API. It represents a declaration that an application publishes events of a specific type, making them available for subscription by other applications.
Group: event.cp.ei.telekom.de · Version: v1 · Scope: Namespaced
EventExposureSpec
Appears in: EventExposure
EventExposureSpec defines the desired state of EventExposure.
| Field | Type | Default | Validation |
|---|---|---|---|
additionalPublisherIds | string[] | — | Optional |
approval | Approval | — | Required |
eventType | string | — | Required, minLength: 1 |
provider | Provider | — | Required |
scopes | Scopes[] | — | Optional |
visibility | string | Enterprise | Required, Enum: World \| Zone \| Enterprise |
zone | Realm | — | Required |
Approval
Appears in: EventExposureSpec
Approval configures how subscriptions to this event are approved.
| Field | Type | Default | Validation |
|---|---|---|---|
strategy | string | Auto | Required, Enum: Auto \| Simple \| FourEyes |
trustedTeams | string[] | — | Optional, minItems: 0, maxItems: 10 |
Provider
Appears in: EventExposureSpec, EventSubscriptionSpec
Provider identifies the providing application.
| Field | Type | Default | Validation |
|---|---|---|---|
apiVersion | string | — | Optional |
kind | string | — | Optional |
name | string | — | Required |
namespace | string | — | Required |
uid | string | — | Optional |
Scopes
Appears in: EventExposureSpec
Scopes defines named scopes with optional publisher-side trigger filtering.
| Field | Type | Default | Validation |
|---|---|---|---|
name | string | — | Required, minLength: 1 |
trigger | Trigger | — | Required |
Trigger
Appears in: Scopes, EventSubscriptionSpec
Trigger defines publisher-side filtering criteria for this scope. Every scope must define a trigger.
| Field | Type | Default | Validation |
|---|---|---|---|
responseFilter | ResponseFilter | — | Optional |
selectionFilter | SelectionFilter | — | Optional |
ResponseFilter
Appears in: Trigger
ResponseFilter controls payload shaping (which fields to return).
| Field | Type | Default | Validation |
|---|---|---|---|
mode | string | Include | Optional, Enum: Include \| Exclude |
paths | string[] | — | Optional |
SelectionFilter
Appears in: Trigger
SelectionFilter controls event matching (which events to deliver).
| Field | Type | Default | Validation |
|---|---|---|---|
attributes | map<string, string> | — | Optional |
expression | object | — | Optional |
EventExposureStatus
Appears in: EventExposure
EventExposureStatus defines the observed state of EventExposure.
| Field | Type | Default | Validation |
|---|---|---|---|
active | boolean | — | Required |
callbackURL | string | — | Optional |
conditions | Condition[] | — | Optional |
proxyRoutes | Realm[] | — | Optional |
publisher | Realm | — | Optional |
route | Realm | — | Optional |
sseUrls | map<string, string> | — | Optional |
EventSubscription
EventSubscription is the Schema for the eventsubscriptions API. It represents a declaration that an application subscribes to events of a specific type, configuring delivery, filtering, and scope selection.
Group: event.cp.ei.telekom.de · Version: v1 · Scope: Namespaced
EventSubscriptionSpec
Appears in: EventSubscription
EventSubscriptionSpec defines the desired state of EventSubscription.
| Field | Type | Default | Validation |
|---|---|---|---|
delivery | Delivery | — | Required |
eventType | string | — | Required, minLength: 1 |
requestor | Provider | — | Required |
scopes | string[] | — | Optional |
trigger | Trigger | — | Optional |
zone | Realm | — | Required |
Delivery
Appears in: EventSubscriptionSpec
Delivery configures how events are delivered to the subscriber.
| Field | Type | Default | Validation |
|---|---|---|---|
callback | string | — | Optional, Format: uri |
circuitBreakerOptOut | boolean | — | Optional |
enforceGetHttpRequestMethodForHealthCheck | boolean | — | Optional |
eventRetentionTime | string | — | Optional |
payload | string | Data | Required, Enum: Data \| DataRef |
redeliveriesPerSecond | integer | — | Optional |
retryableStatusCodes | integer[] | — | Optional |
type | string | Callback | Required, Enum: Callback \| ServerSentEvent |
EventSubscriptionStatus
Appears in: EventSubscription
EventSubscriptionStatus defines the observed state of EventSubscription.
| Field | Type | Default | Validation |
|---|---|---|---|
approval | Realm | — | Optional |
approvalRequest | Realm | — | Optional |
conditions | Condition[] | — | Optional |
subscriber | Realm | — | Optional |
subscriptionID | string | — | Optional |
url | string | — | Optional, Format: uri |
EventType
EventType is the Schema for the eventtypes API. It represents a singleton registry entry for a known event type, serving as the canonical reference that both EventExposure and EventSubscription point to.
Group: event.cp.ei.telekom.de · Version: v1 · Scope: Namespaced
EventTypeSpec
Appears in: EventType
EventTypeSpec defines the desired state of EventType.
| Field | Type | Default | Validation |
|---|---|---|---|
description | string | — | Optional |
specification | string | — | Optional |
type | string | — | Required, minLength: 1, maxLength: 253, pattern: ^[a-z0-9]+(\.[a-z0-9]+)*$ |
version | string | — | Required, pattern: ^\d+.*$ |
EventTypeStatus
Appears in: EventType
EventTypeStatus defines the observed state of EventType.
| Field | Type | Default | Validation |
|---|---|---|---|
active | boolean | — | Required |
conditions | Condition[] | — | Optional |
Cross-Zone Meshing
When event publishers and subscribers are in different zones, the Event domain automatically creates proxy routes to deliver events across zone boundaries. This enables:
- Events published in one cloud environment to be consumed in another
- SSE streams to be proxied across zones
- Callback deliveries to reach subscribers in remote zones
The mesh topology is configured through the EventConfig resource. With fullMesh: true, every zone can communicate with every other zone. Alternatively, you can list specific zone names for selective meshing.
Domain Interactions
The Event domain has the broadest cross-domain interaction surface in the platform:
- Rover domain — Rover files create EventExposure and EventSubscription resources.
- PubSub domain — The Event domain creates EventStore, Publisher, and Subscriber resources.
- Gateway domain — Creates routes for publishing, SSE delivery, and cross-zone proxy communication.
- Identity domain — Creates clients for OAuth2 token exchange between zones.
- Application domain — Reads Application resources for publisher and subscriber metadata.
- Approval domain — Creates Approval and ApprovalRequest resources for event subscriptions.
- Admin domain — Watches Zone resources for configuration changes.