diff --git a/cloud/terraform/otc/clouds.yaml b/cloud/terraform/otc/clouds.yaml
new file mode 100644
index 00000000..742ceb4b
--- /dev/null
+++ b/cloud/terraform/otc/clouds.yaml
@@ -0,0 +1,8 @@
+clouds:
+  open-telekom-cloud:
+    auth:
+      project_name: eu-de_your_project
+      username: your_api_user
+      password: your_password
+      user_domain_name: OTC-EU-DE-000000000010000XXXXX
+      auth_url: https://iam.eu-de.otc.t-systems.com/v3
diff --git a/cloud/terraform/otc/main.tf b/cloud/terraform/otc/main.tf
new file mode 100644
index 00000000..36030911
--- /dev/null
+++ b/cloud/terraform/otc/main.tf
@@ -0,0 +1,67 @@
+resource "opentelekomcloud_networking_secgroup_v2" "secgroup_1" {
+  name        = var.secgroup_name
+  description = var.secgroup_desc
+}
+
+resource "opentelekomcloud_networking_secgroup_rule_v2" "secgroup_rule_1" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = opentelekomcloud_networking_secgroup_v2.secgroup_1.id
+}
+
+resource "opentelekomcloud_networking_network_v2" "network_1" {
+  name = var.network_name
+}
+
+resource "opentelekomcloud_networking_subnet_v2" "subnet_1" {
+  name            = var.subnet_name
+  network_id      = opentelekomcloud_networking_network_v2.network_1.id
+  cidr            = "192.168.0.0/24"
+  dns_nameservers = ["1.1.1.1", "8.8.8.8"]
+}
+
+resource "opentelekomcloud_networking_router_v2" "router_1" {
+  name = var.router_name
+}
+
+resource "opentelekomcloud_networking_router_interface_v2" "router_interface_1" {
+  router_id = opentelekomcloud_networking_router_v2.router_1.id
+  subnet_id = opentelekomcloud_networking_subnet_v2.subnet_1.id
+}
+
+resource "random_id" "tpot" {
+  byte_length = 6
+  prefix      = var.ecs_prefix
+}
+
+resource "opentelekomcloud_compute_instance_v2" "ecs_1" {
+  availability_zone = var.availabiliy_zone
+  name              = random_id.tpot.b64
+  flavor_name       = var.flavor
+  key_pair          = var.key_pair
+  security_groups   = [opentelekomcloud_networking_secgroup_v2.secgroup_1.name]
+  user_data         = templatefile("../cloud-init.yaml", {timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password})
+
+  network {
+    name = opentelekomcloud_networking_network_v2.network_1.name
+  }
+
+  block_device {
+    uuid                  = var.image_id
+    source_type           = "image"
+    volume_size           = var.volume_size
+    destination_type      = "volume"
+    delete_on_termination = "true"
+  }
+
+  depends_on = [opentelekomcloud_networking_router_interface_v2.router_interface_1]
+}
+
+resource "opentelekomcloud_networking_floatingip_v2" "floatip_1" {
+}
+
+resource "opentelekomcloud_compute_floatingip_associate_v2" "fip_2" {
+  floating_ip = opentelekomcloud_networking_floatingip_v2.floatip_1.address
+  instance_id = opentelekomcloud_compute_instance_v2.ecs_1.id
+}
diff --git a/cloud/terraform/otc/outputs.tf b/cloud/terraform/otc/outputs.tf
new file mode 100644
index 00000000..2ec77c27
--- /dev/null
+++ b/cloud/terraform/otc/outputs.tf
@@ -0,0 +1,11 @@
+output "Admin_UI" {
+  value = "https://${opentelekomcloud_networking_floatingip_v2.floatip_1.address}:64294"
+}
+
+output "SSH_Access" {
+  value = "ssh -p 64295 linux@${opentelekomcloud_networking_floatingip_v2.floatip_1.address}"
+}
+
+output "Web_UI" {
+  value = "https://${opentelekomcloud_networking_floatingip_v2.floatip_1.address}:64297"
+}
diff --git a/cloud/terraform/otc/provider.tf b/cloud/terraform/otc/provider.tf
new file mode 100644
index 00000000..9dac3e37
--- /dev/null
+++ b/cloud/terraform/otc/provider.tf
@@ -0,0 +1,3 @@
+provider "opentelekomcloud" {
+    cloud = "open-telekom-cloud"
+}
diff --git a/cloud/terraform/otc/variables.tf b/cloud/terraform/otc/variables.tf
new file mode 100644
index 00000000..24eca503
--- /dev/null
+++ b/cloud/terraform/otc/variables.tf
@@ -0,0 +1,76 @@
+# cloud-init configuration
+variable "timezone" {
+  default = "UTC"
+}
+
+variable "linux_password" {
+  #default = "LiNuXuSeRPaSs#"
+  description = "Set a password for the default user"
+}
+
+# Cloud resources name configuration
+variable "secgroup_name" {
+  default = "tpot-secgroup"
+}
+
+variable "secgroup_desc" {
+  default = "T-Pot Security Group"
+}
+
+variable "network_name" {
+  default = "tpot-network"
+}
+
+variable "subnet_name" {
+  default = "tpot-subnet"
+}
+
+variable "router_name" {
+  default = "tpot-router"
+}
+
+variable "ecs_prefix" {
+  default = "tpot-"
+}
+
+# ECS configuration
+variable "availabiliy_zone" {
+  default = "eu-de-03"
+  description = "Select an availability zone"
+}
+
+variable "flavor" {
+  default = "s2.medium.8"
+  description = "Select a compute flavor"
+}
+
+variable "key_pair" {
+  #default = ""
+  description = "Specify your SSH key pair"
+}
+
+variable "image_id" {
+  default = "d97dd29c-9318-4e4c-8d3a-7307d1513b77"
+  description = "Select a Debian 10 base image id"
+}
+
+variable "volume_size" {
+  default = "128"
+  description = "Set the volume size"
+}
+
+# These will go in the generated tpot.conf file
+variable "tpot_flavor" {
+  default = "STANDARD"
+  description = "Specify your tpot flavor [STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN]"
+}
+
+variable "web_user" {
+  default = "webuser"
+  description = "Set a username for the web user"
+}
+
+variable "web_password" {
+  #default = "w3b$ecret"
+  description = "Set a password for the web user"
+}
diff --git a/cloud/terraform/otc/versions.tf b/cloud/terraform/otc/versions.tf
new file mode 100644
index 00000000..d9b6f790
--- /dev/null
+++ b/cloud/terraform/otc/versions.tf
@@ -0,0 +1,3 @@
+terraform {
+  required_version = ">= 0.12"
+}