{"id":48051,"date":"2023-04-10T14:38:54","date_gmt":"2022-12-11T00:19:16","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/"},"modified":"2024-01-15T12:29:56","modified_gmt":"2024-01-15T04:29:56","slug":"%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/","title":{"rendered":"\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform"},"content":{"rendered":"

\u4f60\u597d\u3002\u6211\u662f\u4e00\u540d\u524d\u7aef\u521d\u5b66\u8005\u3002
\n\u6700\u8fd1\uff0c\u6211\u8bd5\u56fe\u4f7f\u7528Amplify\u548cAppsync\u6765\u5b66\u4e60Vue.js\u3002\u5728\u6b64\u8fc7\u7a0b\u4e2d\uff0c\u6211\u89c9\u5f97\u4f7f\u7528Terraform\u6bd4\u4f7f\u7528amplify-cli\u548cCloudFormation\u6765\u6784\u5efaAWS\u73af\u5883\u66f4\u6613\u7ba1\u7406\u4e14\u66f4\u7075\u6d3b\uff0c\u6240\u4ee5\u6211\u60f3\u5411\u5927\u5bb6\u62a5\u544a\u4e00\u4e0b\u3002
\n\u7531\u4e8eTerraform\u3001Vue.js\u548cAmplify\u90fd\u662f\u6211\u7b2c\u4e00\u6b21\u4f7f\u7528\uff0c\u6240\u4ee5\u53ef\u80fd\u4f1a\u6709\u4e9b\u95ee\u9898\u3002\u5982\u679c\u4f60\u80fd\u7ed9\u6211\u4e00\u4e9b\u5efa\u8bae\uff0c\u6211\u4f1a\u975e\u5e38\u9ad8\u5174\u3002<\/p>\n

\u4e3a\u4ec0\u4e48\u9009\u62e9Terraform\uff1f<\/h2>\n

\u61c2\u5f97Amplify\u4e14\u719f\u6089CloudFormation\u7684\u4eba\uff0c\u6211\u8ba4\u4e3a\u4f7f\u7528amplify-cli\u4f1a\u66f4\u65b9\u4fbf\u3002\u53ef\u80fd\u6ca1\u6709\u7279\u522b\u9700\u8981\u4f7f\u7528Terraform\u7684\u7406\u7531\u3002<\/p>\n

\u5728\u8fd9\u6b21\u4f7f\u7528Terraform\u7684\u52a8\u673a\u662f\uff0c\u5f53\u6211\u5728S3\u7684\u89e6\u53d1\u5668\u4e0a\u521b\u5efa\u4e86Lambda\u51fd\u6570\u65f6\uff0c\u60f3\u8981\u5c06\u73af\u5883\u53d8\u91cf\u4f20\u9012\u7ed9\u6e90\u4ee3\u7801\uff0c\u4f46\u4e0d\u77e5\u9053\u5982\u4f55\u914d\u7f6e\u3002\u8fd8\u6709\uff0c\u60f3\u5c06GraphQL\u914d\u7f6e\u4e3aIAM\u8ba4\u8bc1\uff0c\u53ea\u5141\u8bb8\u7279\u5b9a\u7684\u67e5\u8be2\u8fdb\u884c\u8bbf\u95ee\uff0c\u4f46\u4e5f\u4e0d\u77e5\u9053\u5982\u4f55\u914d\u7f6e\u3002\u800c\u5728Terraform\u4e2d\uff0c\u53ea\u9700\u9605\u8bfb\u6587\u6863\uff0c\u5c31\u53ef\u4ee5\u7075\u6d3b\u5730\u8fdb\u884c\u8fd9\u4e9b\u914d\u7f6e\u3002<\/p>\n

\u4ee5\u4e0b\u662f\u6211\u8ba4\u4e3aTerraform\u66f4\u6613\u4e8e\u4f7f\u7528\u7684\u4e09\u4e2a\u65b9\u9762\uff0c\u5176\u4e2d\u540e\u4e24\u4e2a\u5c24\u4e3a\u91cd\u8981\u3002<\/p>\n

\u6ca1\u6709\u8d85\u8fc7\u81ea\u5df1\u5199\u7684\u5185\u5bb9\u8bbe\u5b9a<\/h4>\n

\u4f7f\u7528amplify-cli\u65f6\uff0c\u6839\u636e\u5e94\u7528\u7684\u4e0d\u540c\u53ef\u80fd\u4f1a\u521b\u5efa\u4e0d\u5fc5\u8981\u7684\u8d44\u6e90\uff0c\u4ee5\u53ca\u4f7f\u7528\u81ea\u52a8\u751f\u6210\u7684\u540d\u79f0\u3002
\n\u5f53\u7136\uff0c\u5728\u4f7f\u7528Terraform\u65f6\uff0c\u60a8\u53ef\u4ee5\u81ea\u5df1\u547d\u540d\u8d44\u6e90\uff0c\u5e76\u4e14\u4e0d\u4f1a\u521b\u5efa\u8d85\u8fc7\u60a8\u914d\u7f6e\u7684\u8d44\u6e90\u6570\u91cf\uff0c\u56e0\u6b64\u66f4\u5bb9\u6613\u7406\u89e3\u6b63\u5728\u8fdb\u884c\u7684\u64cd\u4f5c\u3002
\n\u8fd9\u53ef\u80fd\u662f\u4e00\u4e2a\u521d\u5b66\u8005\u7684\u95ee\u9898\u3002<\/p>\n

\u5c06\u8d44\u6e90\u66f4\u6539\u7f16\u7801\u5316\u7684\u5faa\u73af\u53d8\u5f97\u7b80\u5355\u3002<\/h4>\n

amplify-cli\u4f1a\u901a\u8fc7\u6dfb\u52a0\/\u66f4\u65b0\/\u63a8\u9001\u7b49\u547d\u4ee4\u6765\u66f4\u65b0\u8d44\u6e90\uff0c\u4f46\u8981\u6301\u7eed\u4fee\u6539\/\u7ba1\u7406\u521b\u5efa\u7684\u8d44\u6e90\uff0c\u5f88\u96be\u7406\u89e3\u5728\u54ea\u91cc\u4fee\u6539\u4e5f\u5f88\u56f0\u96be\u3002
\n\u5728Terraform\u4e2d\uff0c\u5373\u4f7f\u5728AWS\u63a7\u5236\u53f0\u66f4\u6539\u4e86\u5185\u5bb9\uff0c\u4e5f\u53ef\u4ee5\u901a\u8fc7\u5bfc\u5165->\u8ba1\u5212->\u5e94\u7528\u7684\u91cd\u590d\u8fc7\u7a0b\uff0c\u6301\u7eed\u5c06\u5176\u7f16\u7801\u5316\uff0c\u8fd9\u662f\u4e2a\u597d\u5904\u3002<\/p>\n

\u53ef\u4ee5\u5c06\u6570\u636e\u4e0e\u8bbe\u7f6e\u5206\u79bb\u5e76\u8fdb\u884c\u7f16\u7801\u3002<\/h4>\n

amplify-cli\u5c06\u8f93\u51fa\u4e00\u4e2a\u540d\u4e3a”amplify\/backend\/awscloudformation\/nested-cloudformation-stack.yml”\u7684\u5806\u6808\u5b9a\u4e49\u6587\u4ef6\uff0c\u5176\u4e2d\u542b\u6709ARN\u548c\u5e10\u6237ID\u7b49\u4fe1\u606f\uff0c\u8fd9\u4f7f\u5f97\u96be\u4ee5\u5171\u4eab\u6240\u521b\u5efa\u7684\u5de5\u4f5c\u3002\u76f8\u6bd4\u4e4b\u4e0b\uff0cTerraform\u53ef\u4ee5\u901a\u8fc7tfvars\u548ctfstate\u6765\u9690\u85cf\u4e0d\u60f3\u5c55\u793a\u7684\u4fe1\u606f\uff0c\u5e76\u4e14\u4ec5\u901a\u8fc7tf\u6587\u4ef6\u6765\u5171\u4eab\u5b9a\u4e49\u3002<\/p>\n

\u4f7f\u7528Terraform\u521b\u5efaAmplify\u73af\u5883\u3002<\/h2>\n

\u90a3\u4e48\uff0c\u6211\u60f3\u7528Terraform\u6784\u5efaaws-samples\/aws-amplify-vue\u7684\u73af\u5883\uff0c\u5e76\u786e\u4fdd\u5b83\u80fd\u591f\u6b63\u5e38\u5de5\u4f5c\u3002
\n\u6211\u4eec\u4e0d\u4f1a\u6dfb\u52a0\u4e0d\u9700\u8981\u4f7f\u7528\u7684\u8d44\u6e90\uff0c\u8fd9\u4e9b\u8d44\u6e90\u662f\u7531amplify-cli\u751f\u6210\u7684\u3002
\n\u6211\u5df2\u7ecf\u5c06\u521b\u5efa\u7684\u5185\u5bb9\u653e\u5728\u4e86github\u4e0a\u3002
\n\u53ef\u4ee5\u901a\u8fc7git clone -> terraform init & apply -> npm install & start\u6765\u4f7f\u7528\u5b83\uff0c\u5e0c\u671b\u8fd9\u5bf9\u4f60\u6709\u6240\u5e2e\u52a9\u3002<\/p>\n

\u51c6\u5907\u7b79\u5907<\/h3>\n

\u9996\u5148\uff0c\u521b\u5efa\u5fc5\u8981\u7684\u6587\u4ef6\u5e76\u914d\u7f6eTerraform\u7684\u4f7f\u7528\u3002\u8bf7\u5c06tfvars\u548cftstate\u6dfb\u52a0\u5230.gitignore\u4e2d\u3002<\/p>\n

\r\nmkdir <\/span>terraform\r\ntouch <\/span>terraform\/main.tf terraform\/aws-exports.tf terraform\/terraform.tfvars\r\ncat<\/span> <<<\/span>EOF<\/span> >> .gitignore\r\nterraform\/.terraform\r\nterraform\/terraform.tfvars\r\nterraform\/terraform.tfstate*\r\n<\/span>EOF\r\n<\/span>terraform init\r\n<\/code><\/pre>\n
\u7f16\u8f91\u4ee5\u4e0b\u521b\u5efa\u7684\u6587\u4ef6\u3002<\/p>\n
\r\nvariable<\/span> \"app_name\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"amplify_terraform_example\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"app_env\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"dev\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"aws_profile\"<\/span> {}<\/span>\r\nvariable<\/span> \"aws_default_region\"<\/span> {}<\/span>\r\n\r\nprovider<\/span> \"aws\"<\/span> {<\/span>\r\n  profile<\/span> =<\/span> \"${var.aws_profile}\"<\/span>\r\n  region<\/span>  =<\/span> \"${var.aws_default_region}\"<\/span>\r\n}<\/span>\r\n\r\ndata<\/span> \"aws_caller_identity\"<\/span> \"current\"<\/span> {}<\/span>\r\n<\/code><\/pre>\n
main.tf\u8d1f\u8d23\u6267\u884c\u5e94\u7528\u7a0b\u5e8f\u540d\u79f0\u3001\u73af\u5883\u540d\u79f0\u548cAWS\u63d0\u4f9b\u7a0b\u5e8f\u7684\u521d\u59cb\u5316\u3002<\/p>\n
\u7531\u4e8eAWS\u5e10\u6237\u662f\u901a\u8fc7\u914d\u7f6e\u6587\u4ef6\u6307\u5b9a\u7684\uff0c\u6240\u4ee5\u8bf7\u5728\u4f7f\u7528aws-cli\u4e4b\u524d\u63d0\u524d\u521b\u5efa\u914d\u7f6e\u6587\u4ef6\uff0c\u5e76\u5c06\u5176\u4e0eterraform.tfvars\u6587\u4ef6\u4e2d\u7684\u533a\u57df\u8bbe\u7f6e\u4e00\u8d77\u914d\u7f6e\u3002<\/p>\n
resource<\/span> \"local_file\"<\/span> \"aws_exports_js\"<\/span> {<\/span>\r\n  filename<\/span> =<\/span> \"..\/src\/aws-exports.js\"<\/span>\r\n  content<\/span>  =<\/span> <<<\/span>EOF<\/span>\r\nconst awsmobile = {\r\n    \"aws_project_region\": \"${var.aws_default_region}\",\r\n};\r\nexport default awsmobile;\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n<\/code><\/pre>\n
aws-exports.tf\u662f\u7528\u4e8e\u751f\u6210Amplify\u5e94\u7528\u7a0b\u5e8f\u7684\u914d\u7f6e\u6587\u4ef6\u7684\u6587\u4ef6\u3002\u76ee\u524d\u4ec5\u5bfc\u51fa\u533a\u57df\u4fe1\u606f\u3002<\/p>\n
\u5982\u679c\u53ef\u80fd\u7684\u8bdd\uff0c\u5148\u4f7f\u7528terraform plan\u786e\u8ba4\u4e00\u4e0b\u662f\u5426\u6ca1\u6709\u9519\u8bef\u3002<\/p>\n
\u8fdb\u884c\u521d\u59cb\u8bbe\u5b9a<\/h3>\n
\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u5c06\u8fdb\u884c\u76f8\u5f53\u4e8eamplify init\u7684\u8bbe\u7f6e\u3002\u6211\u4eec\u5c06\u521b\u5efa\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u548c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684IAM\u89d2\u8272\u3002\u867d\u7136amplify-cli\u4f1a\u521b\u5efa\u540d\u4e3a”deployment”\u7684CFn S3\u5b58\u50a8\u6876\uff0c\u4f46\u6211\u4eec\u4e0d\u4f1a\u4f7f\u7528\u5b83\uff0c\u6240\u4ee5\u4e0d\u521b\u5efa\u3002<\/p>\n
\r\nresource<\/span> \"aws_iam_role\"<\/span> \"authenticated_user\"<\/span> {<\/span>\r\n  name<\/span>               =<\/span> \"${var.app_name}_${var.app_env}_authed_user_role\"<\/span>\r\n  assume_role_policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Effect\": \"Allow\",\r\n            \"Principal\": {\r\n                \"Federated\": \"cognito-identity.amazonaws.com\"\r\n            },\r\n            \"Action\": \"sts:AssumeRoleWithWebIdentity\",\r\n            \"Condition\": {\r\n                \"ForAnyValue:StringLike\": {\r\n                    \"cognito-identity.amazonaws.com:amr\": \"authenticated\"\r\n                }\r\n            }\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_role\"<\/span> \"unauthenticated_user\"<\/span> {<\/span>\r\n  name<\/span> =<\/span> \"${var.app_name}_${var.app_env}_unauthed_user_role\"<\/span>\r\n  assume_role_policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Effect\": \"Allow\",\r\n            \"Principal\": {\r\n                \"Federated\": \"cognito-identity.amazonaws.com\"\r\n            },\r\n            \"Action\": \"sts:AssumeRoleWithWebIdentity\",\r\n            \"Condition\": {\r\n                \"ForAnyValue:StringLike\": {\r\n                    \"cognito-identity.amazonaws.com:amr\": \"unauthenticated\"\r\n                }\r\n            }\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n<\/code><\/pre>\n
\u9a8c\u8bc1<\/h3>\n
\u8fdb\u884c\u4e0eamplify add auth\u76f8\u5f53\u7684\u8bbe\u7f6e\u3002
\n\u5728\u8ba4\u8bc1\u65b9\u9762\uff0c\u6211\u4eec\u5c06\u6dfb\u52a0cognito\u7528\u6237\u6c60\u548c\u8eab\u4efd\u6c60\u7684\u8d44\u6e90\u3002\u5728\u8eab\u4efd\u6c60\u4e2d\uff0c\u6211\u4eec\u5c06\u8bbe\u7f6e\u4ee5\u524d\u9762\u8bbe\u7f6e\u7684IAM\u89d2\u8272\u7684ID\u5206\u914d\u7ed9\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u7528\u6237\u548c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u7528\u6237\u3002
\n\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u4e0d\u4f7f\u7528amplify-cli\u6dfb\u52a0SNS\u4e3b\u9898\u6216Lambda\u51fd\u6570\uff0c\u56e0\u6b64\u4e0b\u9762\u6ca1\u6709\u8fdb\u884c\u63cf\u8ff0\u3002<\/p>\n
\u8bf7\u4fee\u6539 aws-exports.js \u6587\u4ef6\uff0c\u4ee5\u4fbf\u5bfc\u51fa cognito \u7684\u914d\u7f6e\u3002<\/p>\n
\r\nvariable<\/span> \"aws_cognito_user_pool_name\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"user_pool\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"aws_cognito_user_pool_client_web_name\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"user_pool_client_web\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"aws_cognito_user_pool_client_app_name\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"user_pool_client_app\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"aws_cognito_identity_pool_name\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"identity_pool\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_cognito_user_pool\"<\/span> \"userpool\"<\/span> {<\/span>\r\n  name<\/span> =<\/span> \"${var.app_name}_${var.app_env}_${var.aws_cognito_user_pool_name}\"<\/span>\r\n  auto_verified_attributes<\/span> =<\/span> [<\/span>\r\n    \"email\"<\/span>\r\n  ]<\/span>\r\n\r\n  password_policy<\/span> {<\/span>\r\n    minimum_length<\/span>    =<\/span> 8<\/span>\r\n    require_lowercase<\/span> =<\/span> true<\/span>\r\n    require_numbers<\/span>   =<\/span> true<\/span>\r\n    require_symbols<\/span>   =<\/span> false<\/span>\r\n    require_uppercase<\/span> =<\/span> false<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_cognito_user_pool_client\"<\/span> \"webclient\"<\/span> {<\/span>\r\n  name<\/span>            =<\/span> \"${var.app_name}_${var.app_env}_${var.aws_cognito_user_pool_client_web_name}\"<\/span>\r\n  user_pool_id<\/span>    =<\/span> \"${aws_cognito_user_pool.userpool.id}\"<\/span>\r\n  generate_secret<\/span> =<\/span> false<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_cognito_user_pool_client\"<\/span> \"appclient\"<\/span> {<\/span>\r\n  name<\/span>            =<\/span> \"${var.app_name}_${var.app_env}_${var.aws_cognito_user_pool_client_app_name}\"<\/span>\r\n  user_pool_id<\/span>    =<\/span> \"${aws_cognito_user_pool.userpool.id}\"<\/span>\r\n  generate_secret<\/span> =<\/span> false<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_cognito_identity_pool\"<\/span> \"idpool\"<\/span> {<\/span>\r\n  identity_pool_name<\/span>               =<\/span> \"${var.app_name}_${var.app_env}_${var.aws_cognito_identity_pool_name}\"<\/span>\r\n  allow_unauthenticated_identities<\/span> =<\/span> true<\/span>\r\n  cognito_identity_providers<\/span> {<\/span>\r\n    client_id<\/span>               =<\/span> \"${aws_cognito_user_pool_client.webclient.id}\"<\/span>\r\n    provider_name<\/span>           =<\/span> \"${aws_cognito_user_pool.userpool.endpoint}\"<\/span>\r\n    server_side_token_check<\/span> =<\/span> false<\/span>\r\n  }<\/span>\r\n  cognito_identity_providers<\/span> {<\/span>\r\n    client_id<\/span>               =<\/span> \"${aws_cognito_user_pool_client.appclient.id}\"<\/span>\r\n    provider_name<\/span>           =<\/span> \"${aws_cognito_user_pool.userpool.endpoint}\"<\/span>\r\n    server_side_token_check<\/span> =<\/span> false<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_cognito_identity_pool_roles_attachment\"<\/span> \"user_role_attachment\"<\/span> {<\/span>\r\n  identity_pool_id<\/span> =<\/span> \"${aws_cognito_identity_pool.idpool.id}\"<\/span>\r\n  roles<\/span> =<\/span> {<\/span>\r\n    \"authenticated\"<\/span>   =<\/span> \"${aws_iam_role.authenticated_user.arn}\"<\/span>\r\n    \"unauthenticated\"<\/span> =<\/span> \"${aws_iam_role.unauthenticated_user.arn}\"<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
\u5982\u679c\u53ef\u4ee5\u7684\u8bdd\uff0c\u8bf7\u6267\u884c\u4e00\u6b21 terraform apply\u3002\u5f53\u60a8\u8bbf\u95ee\u5e94\u7528\u7a0b\u5e8f\u65f6\uff0c\u6267\u884c npm start\uff0c\u6211\u8ba4\u4e3a\u60a8\u5c06\u80fd\u591f\u5728\u5df2\u521b\u5efa\u7684\u7528\u6237\u6c60\u4e2d\u8fdb\u884c\u6ce8\u518c\u548c\u767b\u5f55\u3002<\/p>\n
\u5b58\u50a8\u7a7a\u95f4<\/h3>\n
\u63a5\u4e0b\u6765\uff0c\u60a8\u9700\u8981\u8fdb\u884c\u7c7b\u4f3c\u4e8e”amplify add storage”\u7684\u8bbe\u7f6e\u3002\u9996\u5148\uff0c\u9700\u8981\u521b\u5efa\u4e00\u4e2a\u5b58\u50a8\u6876\u7528\u4e8e\u5b58\u50a8\u3002<\/p>\n
\r\nvariable<\/span> \"aws_s3_bucket_storage_name\"<\/span> {<\/span>\r\n  type<\/span> =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"storage-bucket\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_s3_bucket\"<\/span> \"storage_bucket\"<\/span> {<\/span>\r\n  bucket<\/span> =<\/span> \"${replace(var.app_name, \"<\/span>_<\/span>\", \"<\/span>-<\/span>\")}-${var.app_env}-${var.aws_s3_bucket_storage_name}\"<\/span>\r\n  cors_rule<\/span> {<\/span>\r\n    allowed_headers<\/span> =<\/span> [<\/span>\"*\"<\/span>]<\/span>\r\n    allowed_methods<\/span> =<\/span> [<\/span>\"GET\"<\/span>,<\/span> \"HEAD\"<\/span>,<\/span> \"PUT\"<\/span>,<\/span> \"POST\"<\/span>,<\/span> \"DELETE\"<\/span>]<\/span>\r\n    allowed_origins<\/span> =<\/span> [<\/span>\"*\"<\/span>]<\/span>\r\n    expose_headers<\/span> =<\/span> [<\/span>\r\n      \"x-amz-server-side-encryption\"<\/span>,<\/span>\r\n      \"x-amz-request-id\"<\/span>,<\/span>\r\n      \"x-amz-id-2\"<\/span>,<\/span>\r\n      \"ETag\"<\/span>\r\n    ]<\/span>\r\n    max_age_seconds<\/span> =<\/span> 3000<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
\u7136\u540e\uff0c\u6211\u4eec\u5c06\u6388\u4e88IAM\u89d2\u8272\u5bf9\u8be5\u5b58\u50a8\u6876\u7684\u6743\u9650\u3002\u6839\u636e\u793a\u4f8b\u5e94\u7528\u7684\u5b9e\u73b0\u65b9\u5f0f\uff0c\u6211\u4eec\u9700\u8981\u4ec5\u5141\u8bb8\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u7528\u6237\u8bbf\u95ee\u3002\u5982\u679c\u8981\u4e3a\u8bbf\u5ba2\u63d0\u4f9b\u8bbf\u95ee\u6743\u9650\uff0c\u5219\u53ea\u9700\u5728\u6b64\u5904\u5c06\u7b56\u7565\u8fde\u63a5\u5230\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u7528\u6237\u5373\u53ef\u3002<\/p>\n
\u8fd9\u4e2a\u5728amplify-cli\u91cc\u9762\u5f88\u5bb9\u6613\u505a\u5230\uff0c\u4f46\u662f\u5728Terraform\u91cc\u5374\u76f8\u5f53\u9ebb\u70e6\u3002\u6211\u8ba4\u4e3a\u8fd9\u4e2aIAM\u7684\u8bbe\u7f6e\u662fAmplify\u7684\u6838\u5fc3\u90e8\u5206\uff0c\u5982\u679c\u81ea\u5df1\u53bb\u8bbe\u7f6e\u7684\u8bdd\uff0c\u7406\u89e3\u4f1a\u66f4\u52a0\u6df1\u5165\u3002<\/p>\n
\r\nresource<\/span> \"aws_iam_role\"<\/span> \"authenticated_user\"<\/span> {<\/span>\r\n  name<\/span>               =<\/span> \"${var.app_name}_${var.app_env}_authed_user_role\"<\/span>\r\n  assume_role_policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Effect\": \"Allow\",\r\n            \"Principal\": {\r\n                \"Federated\": \"cognito-identity.amazonaws.com\"\r\n            },\r\n            \"Action\": \"sts:AssumeRoleWithWebIdentity\",\r\n            \"Condition\": {\r\n                \"ForAnyValue:StringLike\": {\r\n                    \"cognito-identity.amazonaws.com:amr\": \"authenticated\"\r\n                }\r\n            }\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_role\"<\/span> \"unauthenticated_user\"<\/span> {<\/span>\r\n  name<\/span>               =<\/span> \"${var.app_name}_${var.app_env}_unauthed_user_role\"<\/span>\r\n  assume_role_policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Effect\": \"Allow\",\r\n            \"Principal\": {\r\n                \"Federated\": \"cognito-identity.amazonaws.com\"\r\n            },\r\n            \"Action\": \"sts:AssumeRoleWithWebIdentity\",\r\n            \"Condition\": {\r\n                \"ForAnyValue:StringLike\": {\r\n                    \"cognito-identity.amazonaws.com:amr\": \"unauthenticated\"\r\n                }\r\n            }\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy\"<\/span> \"storage_upload\"<\/span> {<\/span>\r\n  name<\/span>   =<\/span> \"${var.app_name}_${var.app_env}_storage_upload_policy\"<\/span>\r\n  policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Action\": [\r\n                \"s3:PutObject\"\r\n            ],\r\n            \"Resource\": [\r\n                \"${aws_s3_bucket.storage_bucket.arn}\/uploads\/*\"\r\n            ],\r\n            \"Effect\": \"Allow\"\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy_attachment\"<\/span> \"attach_storage_upload\"<\/span> {<\/span>\r\n  name<\/span>       =<\/span> \"attach_storage_upload\"<\/span>\r\n  roles<\/span>      =<\/span> [<\/span>\"${aws_iam_role.authenticated_user.name}\"<\/span>]<\/span>\r\n  policy_arn<\/span> =<\/span> \"${aws_iam_policy.storage_upload.arn}\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy\"<\/span> \"storage_read\"<\/span> {<\/span>\r\n  name<\/span>   =<\/span> \"${var.app_name}_${var.app_env}_storage_read_policy\"<\/span>\r\n  policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Action\": [\r\n                \"s3:GetObject\"\r\n            ],\r\n            \"Resource\": [\r\n                \"${aws_s3_bucket.storage_bucket.arn}\/protected\/*\"\r\n            ],\r\n            \"Effect\": \"Allow\"\r\n        },\r\n        {\r\n            \"Condition\": {\r\n                \"StringLike\": {\r\n                    \"s3:prefix\": [\r\n                        \"public\/\",\r\n                        \"public\/*\",\r\n                        \"protected\/\",\r\n                        \"protected\/*\",\r\n                        \"private\/$${cognito-identity.amazonaws.com:sub}\/\",\r\n                        \"private\/$${cognito-identity.amazonaws.com:sub}\/*\"\r\n                    ]\r\n                }\r\n            },\r\n            \"Action\": [\r\n                \"s3:ListBucket\"\r\n            ],\r\n            \"Resource\": [\r\n                \"${aws_s3_bucket.storage_bucket.arn}\"\r\n            ],\r\n            \"Effect\": \"Allow\"\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy_attachment\"<\/span> \"attach_storage_read\"<\/span> {<\/span>\r\n  name<\/span>       =<\/span> \"attach_storage_read\"<\/span>\r\n  roles<\/span>      =<\/span> [<\/span>\"${aws_iam_role.authenticated_user.name}\"<\/span>]<\/span>\r\n  policy_arn<\/span> =<\/span> \"${aws_iam_policy.storage_read.arn}\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy\"<\/span> \"storage_write_public\"<\/span> {<\/span>\r\n  name<\/span>   =<\/span> \"${var.app_name}_${var.app_env}_storage_write_public_policy\"<\/span>\r\n  policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Action\": [\r\n                \"s3:PutObject\",\r\n                \"s3:GetObject\",\r\n                \"s3:DeleteObject\"\r\n            ],\r\n            \"Resource\": [\r\n                \"${aws_s3_bucket.storage_bucket.arn}\/public\/*\"\r\n            ],\r\n            \"Effect\": \"Allow\"\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy_attachment\"<\/span> \"attach_storage_write_public\"<\/span> {<\/span>\r\n  name<\/span>       =<\/span> \"attach_storage_write_public\"<\/span>\r\n  roles<\/span>      =<\/span> [<\/span>\"${aws_iam_role.authenticated_user.name}\"<\/span>]<\/span>\r\n  policy_arn<\/span> =<\/span> \"${aws_iam_policy.storage_write_public.arn}\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy\"<\/span> \"storage_write_protected\"<\/span> {<\/span>\r\n  name<\/span>   =<\/span> \"${var.app_name}_${var.app_env}_storage_write_protected_policy\"<\/span>\r\n  policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Action\": [\r\n                \"s3:PutObject\",\r\n                \"s3:GetObject\",\r\n                \"s3:DeleteObject\"\r\n            ],\r\n            \"Resource\": [\r\n                \"${aws_s3_bucket.storage_bucket.arn}\/protected\/$${cognito-identity.amazonaws.com:sub}\/*\"\r\n            ],\r\n            \"Effect\": \"Allow\"\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy_attachment\"<\/span> \"attach_storage_write_protected\"<\/span> {<\/span>\r\n  name<\/span>       =<\/span> \"attach_storage_write_protected\"<\/span>\r\n  roles<\/span>      =<\/span> [<\/span>\"${aws_iam_role.authenticated_user.name}\"<\/span>]<\/span>\r\n  policy_arn<\/span> =<\/span> \"${aws_iam_policy.storage_write_protected.arn}\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy\"<\/span> \"storage_write_private\"<\/span> {<\/span>\r\n  name<\/span>   =<\/span> \"${var.app_name}_${var.app_env}_storage_write_private_policy\"<\/span>\r\n  policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Action\": [\r\n                \"s3:PutObject\",\r\n                \"s3:GetObject\",\r\n                \"s3:DeleteObject\"\r\n            ],\r\n            \"Resource\": [\r\n                \"${aws_s3_bucket.storage_bucket.arn}\/private\/$${cognito-identity.amazonaws.com:sub}\/*\"\r\n            ],\r\n            \"Effect\": \"Allow\"\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_policy_attachment\"<\/span> \"attach_storage_write_private\"<\/span> {<\/span>\r\n  name<\/span>       =<\/span> \"attach_storage_write_private\"<\/span>\r\n  roles<\/span>      =<\/span> [<\/span>\"${aws_iam_role.authenticated_user.name}\"<\/span>]<\/span>\r\n  policy_arn<\/span> =<\/span> \"${aws_iam_policy.storage_write_private.arn}\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
\u6211\u4eec\u5c06\u5728aws-exports.js\u6587\u4ef6\u4e2d\u8bbe\u7f6e\u5bfc\u51fa\u5b58\u50a8\u6876\u540d\u79f0\u7b49\u4fe1\u606f\u3002<\/p>\n
\u5f53\u4f60\u767b\u5f55\u540e\u8fdb\u5165\u4e2a\u4eba\u8d44\u6599\u9875\u9762\u65f6\uff0c\u6211\u8ba4\u4e3a\u4f60\u53ef\u4ee5\u4e0a\u4f20\u81ea\u5df1\u7684\u5934\u50cf\u3002\u8fd9\u4e9b\u5934\u50cf\u5c06\u4f1a\u516c\u5f00\u4e0a\u4f20\uff0c\u56e0\u6b64\u5e94\u8be5\u53ef\u4ee5\u8bbf\u95ee\u5176\u4ed6\u8d26\u6237\u7684\u5934\u50cf\u3002<\/p>\n
Appsync GraphQL API -> Appsync \u56fe\u5f62\u67e5\u8be2API<\/h3>\n
\u6700\u7d42\u6dfb\u52a0\u529f\u80fd\u662f\u4e3a\u5e94\u7528\u7a0b\u5e8f\u6dfb\u52a0Appsync\u3002\u8fd9\u76f8\u5f53\u4e8e\u8fd0\u884camplify add api\u547d\u4ee4\u3002
\n\u6211\u4eec\u5c06\u521b\u5efaDynamoDB\u8868\uff0c\u5e76\u5c06\u5176\u4f5c\u4e3a\u6570\u636e\u6e90\u914d\u7f6e\u5230Appsync\u4e0a\u7684GraphQL API\u4e2d\u3002<\/p>\n
\u5728\u8fd9\u91cc\u8bbe\u7f6eGraphQL\u7684\u6a21\u5f0f\u548c\u89e3\u6790\u5668\u3002\u5173\u4e8e\u5185\u5bb9\u6211\u4e0d\u8fdb\u884c\u89e3\u91ca\uff0c\u4f46\u662f\u6a21\u5f0f\u548c\u89e3\u6790\u5668\u5728terraform\/appsync\/graphql\u7684\u6587\u4ef6\u5939\u4e0b\u4ee5\u6587\u4ef6\u5f62\u5f0f\u8fdb\u884c\u914d\u7f6e\uff0c\u60a8\u53ef\u4ee5\u81ea\u7531\u5b9a\u5236\u3002\u4f7f\u7528amplify-cli\u65f6\uff0c\u4f1a\u81ea\u52a8\u751f\u6210\u8ba2\u9605\u7b49\u6a21\u5f0f\uff0c\u4f46\u662f\u73b0\u5728\u4e0d\u9700\u8981\uff0c\u6240\u4ee5\u6211\u6ca1\u6709\u6dfb\u52a0\u3002<\/p>\n
\r\nvariable<\/span> \"aws_dynamodb_table_todos_name\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"TodoTable\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"aws_iam_role_appsync_todos_api_name\"<\/span> {<\/span>\r\n  type<\/span>        =<\/span> \"string\"<\/span>\r\n  default<\/span>     =<\/span> \"appsync_todos_api_role\"<\/span>\r\n  description<\/span> =<\/span> \"Appsync execution role\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"aws_iam_role_policy_appsync_todos_api_name\"<\/span> {<\/span>\r\n  type<\/span>        =<\/span> \"string\"<\/span>\r\n  default<\/span>     =<\/span> \"appsync_todos_api_role_policy\"<\/span>\r\n  description<\/span> =<\/span> \"Appsync execution role policy\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"aws_appsync_datasource_todos_name\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"TodoDatasource\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"aws_appsync_graphql_api_todos_name\"<\/span> {<\/span>\r\n  type<\/span>    =<\/span> \"string\"<\/span>\r\n  default<\/span> =<\/span> \"todos_api\"<\/span>\r\n}<\/span>\r\n\r\ndata<\/span> \"local_file\"<\/span> \"graphql_todos_api_schema\"<\/span> {<\/span>\r\n  filename<\/span> =<\/span> \"appsync\/graphql\/schema.graphql\"<\/span>\r\n}<\/span>\r\n\r\ndata<\/span> \"local_file\"<\/span> \"graphql_resolver_create_todo\"<\/span> {<\/span>\r\n  filename<\/span> =<\/span> \"appsync\/graphql\/resolvers\/createTodo.vm\"<\/span>\r\n}<\/span>\r\n\r\ndata<\/span> \"local_file\"<\/span> \"graphql_resolver_update_todo\"<\/span> {<\/span>\r\n  filename<\/span> =<\/span> \"appsync\/graphql\/resolvers\/updateTodo.vm\"<\/span>\r\n}<\/span>\r\n\r\ndata<\/span> \"local_file\"<\/span> \"graphql_resolver_delete_todo\"<\/span> {<\/span>\r\n  filename<\/span> =<\/span> \"appsync\/graphql\/resolvers\/deleteTodo.vm\"<\/span>\r\n}<\/span>\r\n\r\ndata<\/span> \"local_file\"<\/span> \"graphql_resolver_get_todo\"<\/span> {<\/span>\r\n  filename<\/span> =<\/span> \"appsync\/graphql\/resolvers\/getTodo.vm\"<\/span>\r\n}<\/span>\r\n\r\ndata<\/span> \"local_file\"<\/span> \"graphql_resolver_list_todos\"<\/span> {<\/span>\r\n  filename<\/span> =<\/span> \"appsync\/graphql\/resolvers\/listTodos.vm\"<\/span>\r\n}<\/span>\r\n\r\ndata<\/span> \"local_file\"<\/span> \"graphql_resolver_response\"<\/span> {<\/span>\r\n  filename<\/span> =<\/span> \"appsync\/graphql\/resolvers\/response.vm\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_dynamodb_table\"<\/span> \"todos_table\"<\/span> {<\/span>\r\n  name<\/span>         =<\/span> \"${var.app_name}_${var.app_env}_${var.aws_dynamodb_table_todos_name}\"<\/span>\r\n  billing_mode<\/span> =<\/span> \"PAY_PER_REQUEST\"<\/span>\r\n  hash_key<\/span>     =<\/span> \"id\"<\/span>\r\n\r\n  attribute<\/span> {<\/span>\r\n    name<\/span> =<\/span> \"id\"<\/span>\r\n    type<\/span> =<\/span> \"S\"<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_iam_role\"<\/span> \"appsync_todos_api_role\"<\/span> {<\/span>\r\n  name<\/span>               =<\/span> \"${var.aws_iam_role_appsync_todos_api_name}\"<\/span>\r\n  assume_role_policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Action\": \"sts:AssumeRole\",\r\n            \"Principal\": {\r\n                \"Service\": \"appsync.amazonaws.com\"\r\n            },\r\n            \"Effect\": \"Allow\"\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_iam_role_policy\"<\/span> \"appsync_todos_api_role_policy\"<\/span> {<\/span>\r\n  name<\/span> =<\/span> \"${var.aws_iam_role_policy_appsync_todos_api_name}\"<\/span>\r\n  role<\/span> =<\/span> \"${aws_iam_role.appsync_todos_api_role.id}\"<\/span>\r\n  policy<\/span> =<\/span> <<<\/span>EOF<\/span>\r\n{\r\n    \"Version\": \"2012-10-17\",\r\n    \"Statement\": [\r\n        {\r\n            \"Action\": [\r\n                \"dynamodb:*\"\r\n            ],\r\n            \"Effect\": \"Allow\",\r\n            \"Resource\": [\r\n                \"${aws_dynamodb_table.todos_table.arn}\",\r\n                \"${aws_dynamodb_table.todos_table.arn}\/*\"\r\n            ]\r\n        }\r\n    ]\r\n}\r\n<\/span>EOF\r\n<\/span>}<\/span>\r\n\r\nresource<\/span> \"aws_appsync_graphql_api\"<\/span> \"todos_api\"<\/span> {<\/span>\r\n  authentication_type<\/span> =<\/span> \"AMAZON_COGNITO_USER_POOLS\"<\/span>\r\n  name<\/span>                =<\/span> \"${var.app_name}_${var.app_env}_${var.aws_appsync_graphql_api_todos_name}\"<\/span>\r\n  schema<\/span>              =<\/span> \"${data.local_file.graphql_todos_api_schema.content}\"<\/span>\r\n  user_pool_config<\/span> {<\/span>\r\n    aws_region<\/span>     =<\/span> \"${var.aws_default_region}\"<\/span>\r\n    default_action<\/span> =<\/span> \"ALLOW\"<\/span>\r\n    user_pool_id<\/span>   =<\/span> \"${aws_cognito_user_pool.userpool.id}\"<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_appsync_datasource\"<\/span> \"todos_datasource\"<\/span> {<\/span>\r\n    api_id<\/span>           =<\/span> \"${aws_appsync_graphql_api.todos_api.id}\"<\/span>\r\n    name<\/span>             =<\/span> \"${var.aws_appsync_datasource_todos_name}\"<\/span>\r\n    service_role_arn<\/span> =<\/span> \"${aws_iam_role.appsync_todos_api_role.arn}\"<\/span>\r\n    type<\/span>             =<\/span> \"AMAZON_DYNAMODB\"<\/span>\r\n    dynamodb_config<\/span> {<\/span>\r\n        table_name<\/span> =<\/span> \"${aws_dynamodb_table.todos_table.name}\"<\/span>\r\n    }<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_appsync_resolver\"<\/span> \"create_todo\"<\/span> {<\/span>\r\n  api_id<\/span>            =<\/span> \"${aws_appsync_graphql_api.todos_api.id}\"<\/span>\r\n  field<\/span>             =<\/span> \"createTodo\"<\/span>\r\n  type<\/span>              =<\/span> \"Mutation\"<\/span>\r\n  data_source<\/span>       =<\/span> \"${aws_appsync_datasource.todos_datasource.name}\"<\/span>\r\n  request_template<\/span>  =<\/span> \"${data.local_file.graphql_resolver_create_todo.content}\"<\/span>\r\n  response_template<\/span> =<\/span> \"${data.local_file.graphql_resolver_response.content}\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_appsync_resolver\"<\/span> \"update_todo\"<\/span> {<\/span>\r\n  api_id<\/span>            =<\/span> \"${aws_appsync_graphql_api.todos_api.id}\"<\/span>\r\n  field<\/span>             =<\/span> \"updateTodo\"<\/span>\r\n  type<\/span>              =<\/span> \"Mutation\"<\/span>\r\n  data_source<\/span>       =<\/span> \"${aws_appsync_datasource.todos_datasource.name}\"<\/span>\r\n  request_template<\/span>  =<\/span> \"${data.local_file.graphql_resolver_update_todo.content}\"<\/span>\r\n  response_template<\/span> =<\/span> \"${data.local_file.graphql_resolver_response.content}\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_appsync_resolver\"<\/span> \"delete_todo\"<\/span> {<\/span>\r\n  api_id<\/span>            =<\/span> \"${aws_appsync_graphql_api.todos_api.id}\"<\/span>\r\n  field<\/span>             =<\/span> \"deleteTodo\"<\/span>\r\n  type<\/span>              =<\/span> \"Mutation\"<\/span>\r\n  data_source<\/span>       =<\/span> \"${aws_appsync_datasource.todos_datasource.name}\"<\/span>\r\n  request_template<\/span>  =<\/span> \"${data.local_file.graphql_resolver_delete_todo.content}\"<\/span>\r\n  response_template<\/span> =<\/span> \"${data.local_file.graphql_resolver_response.content}\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_appsync_resolver\"<\/span> \"get_todo\"<\/span> {<\/span>\r\n  api_id<\/span>            =<\/span> \"${aws_appsync_graphql_api.todos_api.id}\"<\/span>\r\n  field<\/span>             =<\/span> \"getTodo\"<\/span>\r\n  type<\/span>              =<\/span> \"Query\"<\/span>\r\n  data_source<\/span>       =<\/span> \"${aws_appsync_datasource.todos_datasource.name}\"<\/span>\r\n  request_template<\/span>  =<\/span> \"${data.local_file.graphql_resolver_get_todo.content}\"<\/span>\r\n  response_template<\/span> =<\/span> \"${data.local_file.graphql_resolver_response.content}\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"aws_appsync_resolver\"<\/span> \"list_todos\"<\/span> {<\/span>\r\n  api_id<\/span>            =<\/span> \"${aws_appsync_graphql_api.todos_api.id}\"<\/span>\r\n  field<\/span>             =<\/span> \"listTodos\"<\/span>\r\n  type<\/span>              =<\/span> \"Query\"<\/span>\r\n  data_source<\/span>       =<\/span> \"${aws_appsync_datasource.todos_datasource.name}\"<\/span>\r\n  request_template<\/span>  =<\/span> \"${data.local_file.graphql_resolver_list_todos.content}\"<\/span>\r\n  response_template<\/span> =<\/span> \"${data.local_file.graphql_resolver_response.content}\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
\u8bf7\u786e\u4fdd\u5728 aws-exports.js \u6587\u4ef6\u4e2d\u8bbe\u7f6e GraphQL \u7684\u7aef\u70b9\u7b49\u3002
\n\u4ee5\u4e0a\u6b65\u9aa4\u5b8c\u6210\u540e\uff0c\u6267\u884c terraform apply \u540e\u5c31\u53ef\u4ee5\u6267\u884c Todo \u7684\u6dfb\u52a0\/\u5b8c\u6210\/\u5220\u9664\u64cd\u4f5c\u4e86\u3002<\/p>\n
\u603b\u7ed3<\/h2>\n
\u6211\u5df2\u7ecf\u4f7f\u7528Terraform\u521b\u5efa\u4e86\u4e00\u4e2a\u6837\u672c\u5b9e\u65bd\u73af\u5883\u3002\u867d\u7136\u8fd8\u6709\u4e00\u4e9b\u4e3b\u673a\u6258\u7ba1\u7684\u914d\u7f6e\u7b49\u8bbe\u7f6e\uff0c\u4f46\u662f\u53ea\u8981\u80fd\u591f\u5b8c\u6210\u5230\u8fd9\u4e00\u6b65\uff0c\u6211\u89c9\u5f97\u90a3\u4e5f\u4e0d\u662f\u592a\u56f0\u96be\uff0c\u5c31\u4e0d\u8d58\u8ff0\u4e86\u3002
\n\u4f7f\u7528Terraform\u9010\u4e00\u914d\u7f6e\u6bcf\u4e2a\u8d44\u6e90\u52a0\u6df1\u4e86\u5bf9Amplify\u7684\u7406\u89e3\u3002\u5e0c\u671b\u80fd\u591f\u8fdb\u4e00\u6b65\u52a0\u6df1\u7406\u89e3\uff0c\u751a\u81f3\u80fd\u591f\u4e3aamplify-cli\u505a\u51fa\u8d21\u732e\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u4f60\u597d\u3002\u6211\u662f\u4e00\u540d\u524d\u7aef\u521d\u5b66\u8005\u3002 \u6700\u8fd1\uff0c\u6211\u8bd5\u56fe\u4f7f\u7528Amplify\u548cAppsync\u6765\u5b66\u4e60Vue.js\u3002\u5728\u6b64\u8fc7\u7a0b\u4e2d\uff0c\u6211\u89c9 […]<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-48051","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\n\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528terraform\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform\" \/>\n<meta property=\"og:description\" content=\"\u4f60\u597d\u3002\u6211\u662f\u4e00\u540d\u524d\u7aef\u521d\u5b66\u8005\u3002 \u6700\u8fd1\uff0c\u6211\u8bd5\u56fe\u4f7f\u7528Amplify\u548cAppsync\u6765\u5b66\u4e60Vue.js\u3002\u5728\u6b64\u8fc7\u7a0b\u4e2d\uff0c\u6211\u89c9 […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528terraform\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-11T00:19:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-15T04:29:56+00:00\" \/>\n<meta name=\"author\" content=\"\u6587, \u7fd4\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u6587, \u7fd4\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/\",\"name\":\"\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2022-12-11T00:19:16+00:00\",\"dateModified\":\"2024-01-15T04:29:56+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c\",\"name\":\"\u6587, \u7fd4\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g\",\"caption\":\"\u6587, \u7fd4\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/wenxiang\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528terraform\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform","og_description":"\u4f60\u597d\u3002\u6211\u662f\u4e00\u540d\u524d\u7aef\u521d\u5b66\u8005\u3002 \u6700\u8fd1\uff0c\u6211\u8bd5\u56fe\u4f7f\u7528Amplify\u548cAppsync\u6765\u5b66\u4e60Vue.js\u3002\u5728\u6b64\u8fc7\u7a0b\u4e2d\uff0c\u6211\u89c9 […]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528terraform\u3002\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2022-12-11T00:19:16+00:00","article_modified_time":"2024-01-15T04:29:56+00:00","author":"\u6587, \u7fd4","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u6587, \u7fd4","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"9 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/","name":"\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2022-12-11T00:19:16+00:00","dateModified":"2024-01-15T04:29:56+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u5982\u679c\u8981\u8fdb\u884c\u653e\u5927\uff0c\u53ef\u4ee5\u4f7f\u7528Terraform"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c","name":"\u6587, \u7fd4","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g","caption":"\u6587, \u7fd4"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/wenxiang\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%a6%82%e6%9e%9c%e8%a6%81%e8%bf%9b%e8%a1%8c%e6%94%be%e5%a4%a7%ef%bc%8c%e5%8f%af%e4%bb%a5%e4%bd%bf%e7%94%a8terraform%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48051","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=48051"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48051\/revisions"}],"predecessor-version":[{"id":59477,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48051\/revisions\/59477"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=48051"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=48051"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=48051"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}