{"id":48451,"date":"2023-11-20T04:22:36","date_gmt":"2023-07-20T10:10:39","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/"},"modified":"2024-05-04T09:56:07","modified_gmt":"2024-05-04T01:56:07","slug":"%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/","title":{"rendered":"\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b"},"content":{"rendered":"<h2>\u5229\u7528\u8fd9\u7bc7\u6587\u7ae0\u521b\u4f5c\u7684\u4e1c\u897f<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">VPC<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">RDS(Aurora)<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">EC2(\u8e0f\u307f\u53f0\u7528\u9014)<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">EC2\u30ad\u30fc\u30da\u30a2<\/ul>\n<p>\u9884\u8ba1\u5c06RDS\u90e8\u7f72\u5728VPC\u7684\u79c1\u6709\u5b50\u7f51\u4e2d\uff0c\u56e0\u6b64\u65e0\u6cd5\u4ece\u672c\u5730\u8bbf\u95ee\u3002<br \/>\n\u5982\u679c\u5728RDS\u7684\u914d\u7f6e\u4e2d\u5c06\u516c\u5171\u53ef\u8bbf\u95ee\u6027\u6253\u5f00\uff0c\u5219\u53ef\u4ee5\u8fdb\u884c\u8bbf\u95ee\uff0c\u4f46\u51fa\u4e8e\u5b89\u5168\u8003\u8651\uff0c\u6700\u597d\u90e8\u7f72\u4e00\u53f0\u8df3\u677f\u670d\u52a1\u5668\uff08EC2\uff09\u3002<br \/>\n\u6b64\u5916\uff0c\u6211\u8ba4\u4e3a\u6784\u5efa\u7684EC2\u4e5f\u53ef\u4ee5\u66ff\u4ee3\u5e38\u89c4\u7684\u5e94\u7528\u670d\u52a1\u5668\u3002<\/p>\n<p>Terraform\u7248\u672c\u4e3a0.12.19\u3002<\/p>\n<h2>\u524d\u63d0\u6761\u4ef6 t\u00ed<\/h2>\n<ul class=\"post-ul\">awscli\u304c\u4f7f\u3048\u308b\u3053\u3068<\/ul>\n<pre class=\"post-pre\"><code>$ brew install awscli\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code>$ aws --version\r\naws-cli\/1.17.0 Python\/3.8.1 Darwin\/19.2.0 botocore\/1.14.0\r\n<\/code><\/pre>\n<ul class=\"post-ul\">Terraform(0.12.19)\u304c\u4f7f\u3048\u308b\u3053\u3068<\/ul>\n<pre class=\"post-pre\"><code>$ wget https:\/\/releases.hashicorp.com\/terraform\/0.12.19\/terraform_0.12.19_darwin_amd64.zip\r\n$ unzip terraform_0.12.19_darwin_amd64.zip -d \/usr\/local\/bin\/\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code>$ terraform -v\r\nTerraform v0.12.19\r\n<\/code><\/pre>\n<h2>\u76ee\u5f55\u7ed3\u6784<\/h2>\n<pre class=\"post-pre\"><code>.\r\n\u251c\u2500\u2500 README.md\r\n\u251c\u2500\u2500 components\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 db\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 backend.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 main.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 outputs.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 provider.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u2514\u2500\u2500 variables.tf\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 ec2\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 backend.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 main.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 outputs.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 provider.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u2514\u2500\u2500 variables.tf\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 network\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 backend.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 main.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 outputs.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 provider.tf\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u2514\u2500\u2500 variables.tf\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 securitygroup\r\n\u2502\u00a0\u00a0     \u251c\u2500\u2500 backend.tf\r\n\u2502\u00a0\u00a0     \u251c\u2500\u2500 main.tf\r\n\u2502\u00a0\u00a0     \u251c\u2500\u2500 outputs.tf\r\n\u2502\u00a0\u00a0     \u251c\u2500\u2500 provider.tf\r\n\u2502\u00a0\u00a0     \u2514\u2500\u2500 variables.tf\r\n\u251c\u2500\u2500 environments\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 production\r\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u2514\u2500\u2500 terraform.tfvars\r\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 staging\r\n\u2502\u00a0\u00a0     \u2514\u2500\u2500 terraform.tfvars\r\n\u2514\u2500\u2500 modules\r\n    \u251c\u2500\u2500 iam_role\r\n    \u2502\u00a0\u00a0 \u251c\u2500\u2500 main.tf\r\n    \u2502\u00a0\u00a0 \u251c\u2500\u2500 outputs.tf\r\n    \u2502\u00a0\u00a0 \u2514\u2500\u2500 variables.tf\r\n    \u251c\u2500\u2500 key_pair\r\n    \u2502\u00a0\u00a0 \u251c\u2500\u2500 main.tf\r\n    \u2502\u00a0\u00a0 \u251c\u2500\u2500 outputs.tf\r\n    \u2502\u00a0\u00a0 \u2514\u2500\u2500 variables.tf\r\n    \u2514\u2500\u2500 securitygroup\r\n        \u251c\u2500\u2500 main.tf\r\n     \u00a0\u00a0 \u251c\u2500\u2500 outputs.tf\r\n     \u00a0\u00a0 \u2514\u2500\u2500 variables.tf\r\n<\/code><\/pre>\n<p>\u8fd9\u6b21\uff0c\u6211\u4eec\u51c6\u5907\u4e86\u4ee5\u4e0b\u56db\u4e2a\u7ec4\u4ef6\u3002<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">db<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">ec2<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">network<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">securitygroup<\/ul>\n<p>AWS\u90e8\u7f72\u662f\u6309\u7167\u8fd9\u4e9b\u5355\u4f4d\u8fdb\u884c\u7684\u3002<br \/>\n\u90e8\u7f72\u987a\u5e8f\u4e3anetwork\u2192securitygroup\u2192db\u2192ec2\u3002<\/p>\n<p>\u540c\u6837\uff0c\u5173\u4e8e\u6a21\u5757\uff0c\u6211\u51c6\u5907\u4e86\u4ee5\u4e0b\u4e09\u4e2a\u9009\u9879\u3002<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">iam_role<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">key_pair<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">securitygroup<\/ul>\n<p>\u8fd9\u4e9b\u5df2\u7ecf\u88ab\u6a21\u5757\u5316\uff0c\u4ee5\u4fbf\u6bcf\u6b21\u521b\u5efa\u65f6\u53ef\u4ee5\u91cd\u590d\u4f7f\u7528\u5b9a\u4e49\u3002<\/p>\n<p>\u800c\u4e14\uff0c\u6211\u4eec\u5c06\u73af\u5883\u5206\u4e3a\u6d4b\u8bd5\u73af\u5883\u548c\u751f\u4ea7\u73af\u5883\uff0c\u5e76\u901a\u8fc7terraform\u5de5\u4f5c\u533a\u6765\u8fdb\u884c\u73af\u5883\u5212\u5206\u3002<\/p>\n<h2>\u4e8b\u524d\u51c6\u5907<\/h2>\n<h3>\u521d\u59cb\u5316<\/h3>\n<p>\u9996\u5148\uff0c\u8bf7\u4eceawscli\u4e2d\u8f93\u5165\u60a8\u81ea\u5df1\u7684AWS\u8ba4\u8bc1\u4fe1\u606f\u3002<\/p>\n<pre class=\"post-pre\"><code>$ aws configure --profile { \u81ea\u8eab\u3067\u6c7a\u3081\u305fProfile\u540d }\r\nAWS Access Key ID [None]: { \u81ea\u8eab\u306e\u30a2\u30af\u30bb\u30b9\u30ad\u30fc }\r\nAWS Secret Access Key [None]: { \u81ea\u8eab\u306e\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u30a2\u30af\u30bb\u30b9\u30ad\u30fc }\r\nDefault region name [None]: ap-northeast-1\r\nDefault output format [None]: \r\n<\/code><\/pre>\n<p>\u5728Terraform\u7684\u5b9a\u4e49\u4e2d\u4f7f\u7528\u7684\u540d\u79f0\u4e3aProfile\u540d\u3002\u5e94\u907f\u514d\u4f7f\u7528\u9ed8\u8ba4\u7684\u540d\u79f0\u3002<\/p>\n<h3>\u521b\u5efaS3\u5b58\u50a8\u6876<\/h3>\n<p>\u4e8b\u5148\u624b\u52a8\u521b\u5efaS3\u5b58\u50a8\u6876\u3002<br \/>\n\u6b64\u5b58\u50a8\u6876\u662f\u7528\u4e8e\u4fdd\u5b58Terraform\u72b6\u6001\u7684\u91cd\u8981\u5b58\u50a8\u6876\u3002<br \/>\nTerraform\u5c06\u6839\u636e\u5b58\u50a8\u5728\u8be5\u5b58\u50a8\u6876\u4e2d\u7684\u4fe1\u606f\u6765\u6784\u5efaAWS\u8d44\u6e90\u3002<\/p>\n<p>\u53ef\u4ee5\u5728\u63a7\u5236\u53f0\u754c\u9762\u4e0a\u5b8c\u6210\uff0c\u4e5f\u53ef\u4ee5\u4f7f\u7528\u547d\u4ee4\u884c\u754c\u9762\u5b8c\u6210\u3002<\/p>\n<pre class=\"post-pre\"><code>aws s3 --profile { \u81ea\u8eab\u3067\u6c7a\u3081\u305fProfile\u540d } mb s3:\/\/{ \u81ea\u8eab\u3067\u6c7a\u3081\u305f\u30d0\u30b1\u30c3\u30c8\u540d }\r\n<\/code><\/pre>\n<h3>\u521b\u5efa\u5de5\u4f5c\u7a7a\u95f4<\/h3>\n<p>\u8bf7\u524d\u5f80\u6bcf\u4e2a\u7ec4\u4ef6\u5e76\u6267\u884cterraform init\u548cterraform workspace new {\u73af\u5883\u540d\u79f0}\u3002<\/p>\n<pre class=\"post-pre\"><code>$ cd .\/components\/db\/\r\n$ terraform init\r\n$ terraform workspace new staging\r\n$ terraform workspace new production\r\n$ terraform workspace select staging\r\n<\/code><\/pre>\n<p>\u9002\u7528\u4e8e\u6240\u6709\u56db\u4e2a\u7ec4\u4ef6\u3002<\/p>\n<h2>provider.tf\u7684\u63cf\u8ff0<\/h2>\n<p>\u4e3a\u6bcf\u4e2a\u7ec4\u4ef6\u51c6\u5907\u4e00\u4e2aprovider.tf\u3002<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">db<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">ec2<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">network<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">securitygroup<\/ul>\n<p>\u8ba9\u6211\u4eec\u5206\u522b\u6309\u7167\u4ee5\u4e0b\u7684\u65b9\u5f0f\u8fdb\u884c\u5b9a\u4e49\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">variable<\/span> <span class=\"s2\">\"profile\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">default<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u81ea\u8eab\u3067\u6c7a\u3081\u305fProfile\u540d }\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">provider<\/span> <span class=\"s2\">\"aws\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"= 2.45.0\"<\/span>\r\n  <span class=\"nx\">region<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1\"<\/span>\r\n  <span class=\"nx\">profile<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">profile<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h2>backend.tf\u7684\u63cf\u8ff0<\/h2>\n<p>\u9488\u5bf9\u4ee5\u4e0b\u6bcf\u4e2a\u7ec4\u4ef6\uff0c\u6211\u4f1a\u51c6\u5907\u4e00\u4e2abackend.tf\u6587\u4ef6\u3002<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">db<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">ec2<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">network<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">securitygroup<\/ul>\n<p>\u8bf7\u5c06\u4e0a\u8ff0\u5b57\u7b26\u4e32\u653e\u5165component\u540d\u4e2d\u3002\u5982\u679c\u662fdb\u7684\u8bdd\uff0ckey\u5c06\u4f1a\u662f&#8221;db\/terraform.tfstate&#8221;\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">terraform<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">required_version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"= 0.12.19\"<\/span>\r\n  <span class=\"nx\">backend<\/span> <span class=\"s2\">\"s3\"<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">region<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1\"<\/span>\r\n    <span class=\"nx\">encrypt<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n\r\n    <span class=\"nx\">bucket<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u5148\u307b\u3069\u4f5c\u6210\u3057\u305fS3\u30d0\u30b1\u30c3\u30c8 }\"<\/span>\r\n    <span class=\"nx\">key<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"{ component\u540d }\/terraform.tfstate\"<\/span>\r\n\r\n    <span class=\"nx\">profile<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u81ea\u8eab\u3067\u6c7a\u3081\u305fProfile\u540d }\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u503c\u5f97\u6ce8\u610f\u7684\u662f\uff0c\u7531\u4e8e\u6b64\u6b21\u60c5\u51b5\u4e0b\u6309\u7ec4\u4ef6\u8fdb\u884c\u4e86\u72b6\u6001\u5206\u79bb\uff0c\u56e0\u6b64\u65e0\u6cd5\u76f4\u63a5\u8bbf\u95ee\u6bcf\u4e2a\u7ec4\u4ef6\u7684\u8d44\u6e90\u4fe1\u606f\u3002<br \/>\n\u4e3e\u4e2a\u4f8b\u5b50\uff0c\u6bd4\u5982\u6211\u60f3\u8981\u521b\u5efa\u4e00\u4e2a EC2 \u5b9e\u4f8b\uff0c\u4f46\u4e0d\u77e5\u9053\u5e94\u8be5\u6307\u5b9a\u54ea\u4e2a VPC\u2026\u2026\u5c31\u662f\u8fd9\u6837\u7684\u60c5\u51b5\u3002<br \/>\n\u5728\u8fd9\u79cd\u60c5\u51b5\u4e0b\uff0c\u6211\u4eec\u53ef\u4ee5\u5728 backend.tf \u4e2d\u5c06\u5177\u6709\u4f9d\u8d56\u5173\u7cfb\u7684\u7ec4\u4ef6\u5b9a\u4e49\u4e3a\u6570\u636e\u3002<\/p>\n<p>\u5728EC2\u4e0a\u9700\u8981\u521b\u5efaVPC\u548c\u5b89\u5168\u7ec4\uff0c\u56e0\u6b64\u9700\u8981\u5217\u51fa\u7f51\u7edc\u548c\u5b89\u5168\u7ec4\u7ec4\u4ef6\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">terraform<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">required_version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"= 0.12.19\"<\/span>\r\n  <span class=\"nx\">backend<\/span> <span class=\"s2\">\"s3\"<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">region<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1\"<\/span>\r\n    <span class=\"nx\">encrypt<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n\r\n    <span class=\"nx\">bucket<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u5148\u307b\u3069\u4f5c\u6210\u3057\u305fS3\u30d0\u30b1\u30c3\u30c8 }\"<\/span>\r\n    <span class=\"nx\">key<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"bastion\/terraform.tfstate\"<\/span>\r\n\r\n    <span class=\"nx\">profile<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u81ea\u8eab\u3067\u6c7a\u3081\u305fProfile\u540d }\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">data<\/span> <span class=\"s2\">\"terraform_remote_state\"<\/span> <span class=\"s2\">\"network\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">backend<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"s3\"<\/span>\r\n\r\n  <span class=\"nx\">config<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">bucket<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u5148\u307b\u3069\u4f5c\u6210\u3057\u305fS3\u30d0\u30b1\u30c3\u30c8 }\"<\/span>\r\n    <span class=\"nx\">key<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"env:\/${terraform.workspace}\/network\/terraform.tfstate\"<\/span>\r\n    <span class=\"nx\">region<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1\"<\/span>\r\n\r\n    <span class=\"nx\">profile<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u81ea\u8eab\u3067\u6c7a\u3081\u305fProfile\u540d }\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">data<\/span> <span class=\"s2\">\"terraform_remote_state\"<\/span> <span class=\"s2\">\"securitygroup\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">backend<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"s3\"<\/span>\r\n\r\n  <span class=\"nx\">config<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">bucket<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u5148\u307b\u3069\u4f5c\u6210\u3057\u305fS3\u30d0\u30b1\u30c3\u30c8 }\"<\/span>\r\n    <span class=\"nx\">key<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"env:\/${terraform.workspace}\/securitygroup\/terraform.tfstate\"<\/span>\r\n    <span class=\"nx\">region<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1\"<\/span>\r\n\r\n    <span class=\"nx\">profile<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"{ \u81ea\u8eab\u3067\u6c7a\u3081\u305fProfile\u540d }\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u7531\u4e8edb\u7ec4\u4ef6\u9700\u8981\u6307\u5b9aVPC\uff0c\u6240\u4ee5\u6211\u4eec\u9700\u8981\u5728network\u4e2d\u8fdb\u884c\u8bb0\u5f55\u3002<br \/>\n\u540c\u6837\uff0csecuritygroup\u7ec4\u4ef6\u4e5f\u9700\u8981\u6307\u5b9aVPC\uff0c\u6240\u4ee5\u6211\u4eec\u9700\u8981\u5728network\u4e2d\u8fdb\u884c\u8bb0\u5f55\u3002<br \/>\n\u8bf7\u6ce8\u610f\uff0c\u5c3d\u7ba1DB\u548c\u5b89\u5168\u7ec4\u7ec4\u4ef6\u786e\u5b9e\u9700\u8981\uff0c\u4f46\u7531\u4e8e\u5b83\u4eec\u4e0d\u4f1a\u5728\u672a\u6765\u8fdb\u884c\u4fee\u6539\u7684\u5b9a\u4e49\u4e2d\uff0c\u56e0\u6b64\u6211\u4eec\u5c06\u5b83\u4eec\u653e\u5728db\u7ec4\u4ef6\u4e2d\u7f16\u5199\u3002<\/p>\n<h2>\u521b\u5efa\u4e00\u4e2aVPC<\/h2>\n<p>\u6211\u5c06\u521b\u5efa\u4ee5\u4e0b\u5185\u5bb9\u3002<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">VPC<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30d1\u30d6\u30ea\u30c3\u30af\u30eb\u30fc\u30c8\u30c6\u30fc\u30d6\u30eb<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30eb\u30fc\u30c8\u30c6\u30fc\u30d6\u30eb (2\u3064)\u3000\u203b\u4e00\u5fdc\u5c06\u6765\u7684\u306bNATGateway\u3092\u5206\u3051\u3089\u308c\u308b\u3088\u3046\u306b\u3057\u3066\u308b<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30d1\u30d6\u30ea\u30c3\u30af\u30b5\u30d6\u30cd\u30c3\u30c8 (\uff12\u3064)<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30b5\u30d6\u30cd\u30c3\u30c8 (2\u3064)<\/ul>\n<h3>VPC \u53ef\u4ee5\u7ffb\u8bd1\u4e3a\u300c\u865a\u62df\u79c1\u4eba\u7f51\u7edc\u300d\u3002<\/h3>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_vpc\"<\/span> <span class=\"s2\">\"default\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">cidr_block<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"10.1.0.0\/16\"<\/span>\r\n  <span class=\"nx\">enable_dns_support<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n  <span class=\"nx\">enable_dns_hostnames<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u516c\u5171\u8def\u7531\u8868<\/h3>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_route_table\"<\/span> <span class=\"s2\">\"public\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-public-route-table-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u79c1\u6709\u8def\u7531\u8868<\/h3>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_route_table\"<\/span> <span class=\"s2\">\"private_0\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-private-route-table-0-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_route_table\"<\/span> <span class=\"s2\">\"private_1\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-private-route-table-1-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u4e92\u8054\u7f51\u7f51\u5173<\/h3>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_internet_gateway\"<\/span> <span class=\"s2\">\"default\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-internet-gateway-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_route\"<\/span> <span class=\"s2\">\"public\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">route_table_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_route_table<\/span><span class=\"err\">.<\/span><span class=\"nx\">public<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">gateway_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_internet_gateway<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">destination_cidr_block<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"0.0.0.0\/0\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u516c\u5171\u5b50\u7f51<\/h3>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_subnet\"<\/span> <span class=\"s2\">\"public_0\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">cidr_block<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"10.1.0.0\/24\"<\/span>\r\n  <span class=\"nx\">map_public_ip_on_launch<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n  <span class=\"nx\">availability_zone<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1c\"<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-public-subnet-0-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_subnet\"<\/span> <span class=\"s2\">\"public_1\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">cidr_block<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"10.1.1.0\/24\"<\/span>\r\n  <span class=\"nx\">map_public_ip_on_launch<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n  <span class=\"nx\">availability_zone<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1d\"<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-public-subnet-1-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_route_table_association\"<\/span> <span class=\"s2\">\"public_0\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">subnet_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_subnet<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_0<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">route_table_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_route_table<\/span><span class=\"err\">.<\/span><span class=\"nx\">public<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_route_table_association\"<\/span> <span class=\"s2\">\"public_1\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">subnet_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_subnet<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_1<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">route_table_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_route_table<\/span><span class=\"err\">.<\/span><span class=\"nx\">public<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u79c1\u4eba\u5b50\u7f51<\/h3>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_subnet\"<\/span> <span class=\"s2\">\"private_0\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">cidr_block<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"10.1.10.0\/24\"<\/span>\r\n  <span class=\"nx\">map_public_ip_on_launch<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n  <span class=\"nx\">availability_zone<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1c\"<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-private-subnet-0-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_subnet\"<\/span> <span class=\"s2\">\"private_1\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">cidr_block<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"10.1.11.0\/24\"<\/span>\r\n  <span class=\"nx\">map_public_ip_on_launch<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n  <span class=\"nx\">availability_zone<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1d\"<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-private-subnet-1-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_route_table_association\"<\/span> <span class=\"s2\">\"private_0\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">subnet_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_subnet<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_0<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">route_table_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_route_table<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_0<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_route_table_association\"<\/span> <span class=\"s2\">\"private_1\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">subnet_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_subnet<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_1<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">route_table_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_route_table<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_0<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u6211\u4f1a\u5728outputs.tf\u6587\u4ef6\u4e2d\u5199\u4e0b\u7a0d\u540e\u4ece\u5176\u4ed6\u7ec4\u4ef6\u5f15\u7528\u7684\u8d44\u6e90\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">output<\/span> <span class=\"s2\">\"sample_vpc_id\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"sample_vpc_public_subnet_0_id\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_subnet<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_0<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"sample_vpc_public_subnet_1_id\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_subnet<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_1<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"sample_vpc_private_subnet_0_id\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_subnet<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_0<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"sample_vpc_private_subnet_1_id\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_subnet<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_1<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"sample_vpc_cider_block\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_vpc<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">cidr_block<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h2>\u521b\u5efa\u5b89\u5168\u7ec4<\/h2>\n<h3>\u5b89\u5168\u7ec4<\/h3>\n<p>\u5c1d\u8bd5\u5c06\u5b89\u5168\u7ec4\u521b\u5efa\u6a21\u5757\u5316\u3002<\/p>\n<h4>\u6a21\u5757<\/h4>\n<pre class=\"post-pre\"><code><span class=\"nx\">variable<\/span> <span class=\"s2\">\"name\"<\/span> <span class=\"p\">{}<\/span>\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"vpc_id\"<\/span> <span class=\"p\">{}<\/span>\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"port\"<\/span> <span class=\"p\">{}<\/span>\r\n\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"cider_blocks\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">type<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">list<\/span><span class=\"err\">(<\/span><span class=\"nx\">string<\/span><span class=\"err\">)<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_security_group\"<\/span> <span class=\"s2\">\"default\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">vpc_id<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_security_group_rule\"<\/span> <span class=\"s2\">\"ingress\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">type<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ingress\"<\/span>\r\n  <span class=\"nx\">from_port<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">port<\/span>\r\n  <span class=\"nx\">to_port<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">port<\/span>\r\n  <span class=\"nx\">protocol<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"tcp\"<\/span>\r\n  <span class=\"nx\">cidr_blocks<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">cider_blocks<\/span>\r\n  <span class=\"nx\">security_group_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_security_group<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_security_group_rule\"<\/span> <span class=\"s2\">\"egress\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">type<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"egress\"<\/span>\r\n  <span class=\"nx\">from_port<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n  <span class=\"nx\">to_port<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n  <span class=\"nx\">protocol<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"-1\"<\/span>\r\n  <span class=\"nx\">cidr_blocks<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"s2\">\"0.0.0.0\/0\"<\/span><span class=\"p\">]<\/span>\r\n  <span class=\"nx\">security_group_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_security_group<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"nx\">output<\/span> <span class=\"s2\">\"security_group_id\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_security_group<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u60a8\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u65b9\u5f0f\u4ece\u7ec4\u4ef6\u4e2d\u8c03\u7528\u6a21\u5757\u3002<br \/>\n\u672c\u6b21\u8bbe\u7f6e\u7684\u5165\u7ad9\u89c4\u5219\u662fSSH\uff08\u7aef\u53e3=22\uff09\u3002\u8ba9\u6211\u4eec\u5c06\u5176\u8bbe\u7f6e\u4e3a\u53ea\u5141\u8bb8\u4ece\u81ea\u5df1\u7684IP\u5730\u5740SSH\u8bbf\u95ee\u3002<\/p>\n<h4>\u7ec4\u4ef6<\/h4>\n<pre class=\"post-pre\"><code><span class=\"nx\">module<\/span> <span class=\"s2\">\"ec2\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">source<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"..\/..\/modules\/securitygroup\"<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ec2-sg-${terraform.workspace}\"<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"err\">.<\/span><span class=\"nx\">network<\/span><span class=\"err\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample_vpc_id<\/span>\r\n  <span class=\"nx\">port<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">22<\/span>\r\n  <span class=\"nx\">cider_blocks<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">ec2_access_ip<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u8bf7\u6ce8\u610f\u4ecenetwork\u7ec4\u4ef6\u4e2d\u62c9\u53d6\u8d44\u6e90\u4fe1\u606f\u7684vpc_id\u3002<br \/>\n\u6761\u4ef6\u662f\u5b83\u5728\u5148\u524d\u521b\u5efa\u7684components\/network\/outputs.tf\u4e2d\u6709\u6240\u8bb0\u8f7d\uff0c<br \/>\n\u5e76\u4e14\u5728components\/securitygroup\/backend.tf\u4e2d\u4ee5terraform_remote_state\u5f62\u5f0f\u8fdb\u884c\u4e86\u8bb0\u5f55\u3002<\/p>\n<h2>\u521b\u5efaRDS\uff08Aurora)<\/h2>\n<p>\u5728RDS\u4e2d\uff0c\u5c06\u521b\u5efa\u4ee5\u4e0b\u9879\u76ee\u3002<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Aurora\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u7528IAM\u30ed\u30fc\u30eb<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30af\u30e9\u30b9\u30bf\u30fc\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u30b0\u30eb\u30fc\u30d7<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">DB\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u30b0\u30eb\u30fc\u30d7<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">DB\u30b5\u30d6\u30cd\u30c3\u30c8\u30b0\u30eb\u30fc\u30d7<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Aurora\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Aurora\u30af\u30e9\u30b9\u30bf\u30fc<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">Aurora\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9<\/ul>\n<h3>\u7528\u4e8eAurora\u76d1\u63a7\u7684IAM\u89d2\u8272<\/h3>\n<p>\u6211\u5c06\u5c1d\u8bd5\u5c06IAM\u89d2\u8272\u7684\u521b\u5efa\u6a21\u5757\u5316\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">variable<\/span> <span class=\"s2\">\"name\"<\/span> <span class=\"p\">{}<\/span>\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"policy\"<\/span> <span class=\"p\">{}<\/span>\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"identifier\"<\/span> <span class=\"p\">{}<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_iam_role\"<\/span> <span class=\"s2\">\"default\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n  <span class=\"nx\">assume_role_policy<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">aws_iam_policy_document<\/span><span class=\"err\">.<\/span><span class=\"nx\">assume_role<\/span><span class=\"err\">.<\/span><span class=\"nx\">json<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">data<\/span> <span class=\"s2\">\"aws_iam_policy_document\"<\/span> <span class=\"s2\">\"assume_role\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">statement<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">actions<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"s2\">\"sts:AssumeRole\"<\/span><span class=\"p\">]<\/span>\r\n\r\n    <span class=\"nx\">principals<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">type<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Service\"<\/span>\r\n      <span class=\"nx\">identifiers<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">identifier<\/span><span class=\"p\">]<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_iam_policy\"<\/span> <span class=\"s2\">\"default\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n  <span class=\"nx\">policy<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">policy<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_iam_role_policy_attachment\"<\/span> <span class=\"s2\">\"default\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">policy_arn<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_iam_policy<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">arn<\/span>\r\n  <span class=\"nx\">role<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_iam_role<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"nx\">output<\/span> <span class=\"s2\">\"iam_role_arn\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_iam_role<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">arn<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"iam_role_name\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_iam_role<\/span><span class=\"err\">.<\/span><span class=\"nx\">default<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u5f53\u6a21\u5757\u521b\u5efa\u597d\u540e\uff0c\u8ba9\u6211\u4eec\u4ece\u7ec4\u4ef6\u4e2d\u8bd5\u7740\u8c03\u7528\u4e00\u4e0b\u3002<br \/>\nAWS\u5b98\u65b9\u5df2\u7ecf\u5b58\u5728\u540d\u4e3aAmazonRDSEnhancedMonitoringRole\u7684\u7b56\u7565\u3002<br \/>\n\u8ba9\u6211\u4eec\u5e94\u7528\u5b83\u3002<br \/>\n\u6ce8\u610f\uff0c\u6bcf\u4e2a\u670d\u52a1\u90fd\u6709\u4e00\u4e2a\u56fa\u5b9a\u7684\u6807\u8bc6\u7b26\uff0c\u8bf7\u6ce8\u610f\u3002<br \/>\n\u672c\u6b21\u7684\u6807\u8bc6\u7b26\u662fmonitoring.rds.amazonaws.com\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">data<\/span> <span class=\"s2\">\"aws_iam_policy\"<\/span> <span class=\"s2\">\"aurora_monitoring_policy\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">arn<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"arn:aws:iam::aws:policy\/service-role\/AmazonRDSEnhancedMonitoringRole\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">data<\/span> <span class=\"s2\">\"aws_iam_policy_document\"<\/span> <span class=\"s2\">\"aurora_monitoring\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">source_json<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">aws_iam_policy<\/span><span class=\"err\">.<\/span><span class=\"nx\">aurora_monitoring_policy<\/span><span class=\"err\">.<\/span><span class=\"nx\">policy<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">module<\/span> <span class=\"s2\">\"aurora_monitoring_role\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">source<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"..\/..\/modules\/iam_role\"<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"aurora_monitoring_role\"<\/span>\r\n  <span class=\"nx\">identifier<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"monitoring.rds.amazonaws.com\"<\/span>\r\n  <span class=\"nx\">policy<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">aws_iam_policy_document<\/span><span class=\"err\">.<\/span><span class=\"nx\">aurora_monitoring<\/span><span class=\"err\">.<\/span><span class=\"nx\">json<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u96c6\u7fa4\u53c2\u6570\u7ec4<\/h3>\n<p>\u8fd9\u6b21\u6211\u4eec\u5c06\u628acharset\u76f8\u5173\u7684\u914d\u7f6e\u6539\u6210utf8mb4\uff0c\u5e76\u5c06\u65f6\u533a\u8bbe\u4e3a\u4e1c\u4eac\u3002<br \/>\n\u6b64\u5916\uff0c\u8bf7\u6839\u636e\u9700\u6c42\u8bbe\u7f6e\u9002\u5f53\u7684\u53c2\u6570\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_rds_cluster_parameter_group\"<\/span> <span class=\"s2\">\"sample\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-cluster-paameter-group-${terraform.workspace}\"<\/span>\r\n  <span class=\"nx\">family<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"aurora-mysql5.7\"<\/span>\r\n\r\n  <span class=\"nx\">parameter<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"character_set_client\"<\/span>\r\n    <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"utf8mb4\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">parameter<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"character_set_connection\"<\/span>\r\n    <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"utf8mb4\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">parameter<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"character_set_database\"<\/span>\r\n    <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"utf8mb4\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">parameter<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"character_set_results\"<\/span>\r\n    <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"utf8mb4\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">parameter<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"character_set_server\"<\/span>\r\n    <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"utf8mb4\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">parameter<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"time_zone\"<\/span>\r\n    <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Asia\/Tokyo\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u6570\u636e\u5e93\u53c2\u6570\u7ec4<\/h3>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_db_parameter_group\"<\/span> <span class=\"s2\">\"sample\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-db-paameter-group-${terraform.workspace}\"<\/span>\r\n  <span class=\"nx\">family<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"aurora-mysql5.7\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>DB\u5b50\u7f51\u7ec4<\/h3>\n<p>\u8bf7\u6ce8\u610f\uff0c\u5b50\u7f51\u7684ID\u9700\u8981\u4ecenetwork\u7ec4\u4ef6\u4e2d\u83b7\u53d6\u8d44\u6e90\u4fe1\u606f\u3002<br \/>\n\u6761\u4ef6\u662f\u5728\u521a\u521a\u521b\u5efa\u7684components\/network\/outputs.tf\u4e2d\u6709\u8bb0\u5f55\uff0c<br \/>\n\u5e76\u4e14\u5728components\/db\/backend.tf\u4e2d\u4ee5terraform_remote_state\u7684\u5f62\u5f0f\u8fdb\u884c\u4e86\u8bb0\u5f55\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_db_subnet_group\"<\/span> <span class=\"s2\">\"sample\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-db-subnet-group-${terraform.workspace}\"<\/span>\r\n  <span class=\"nx\">subnet_ids<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span>\r\n    <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"err\">.<\/span><span class=\"nx\">network<\/span><span class=\"err\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample_vpc_private_subnet_0_id<\/span><span class=\"p\">,<\/span>\r\n    <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"err\">.<\/span><span class=\"nx\">network<\/span><span class=\"err\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample_vpc_private_subnet_1_id<\/span><span class=\"p\">,<\/span>\r\n  <span class=\"p\">]<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u5965\u7f57\u62c9\u5b89\u5168\u96c6\u56e2<\/h3>\n<p>\u4e5f\u8bb8\u672c\u6765\u5e94\u8be5\u7528securitygroup\u7ec4\u4ef6\u6765\u521b\u5efa\uff0c\u4f46\u7531\u4e8e\u5b83\u662f\u9488\u5bf9\u7ec8\u751f\u56fa\u5b9a\u7684\u5165\u7ad9\u8bbe\u7f6e\uff0c\u6211\u8ba4\u4e3a\u4e5f\u53ef\u4ee5\u5728db\u7ec4\u4ef6\u4e2d\u521b\u5efa\u3002<br \/>\n\u5982\u679c\u8fd8\u6ca1\u6709\u521b\u5efa\u7528\u4e8e\u5b89\u5168\u7ec4\u7684\u6a21\u5757\uff0c\u8bf7\u56de\u5230\u672c\u6587\u7a0d\u4f5c\u786e\u8ba4\u3002<\/p>\n<p>\u5728\u672c\u6b21\u4e2d\uff0cPort = 3306\u5c06\u5141\u8bb8\u4f7f\u7528VPC\u5185\uff08CiderBlock\uff09\u8fdb\u884c\u8bbf\u95ee\u3002<br \/>\n\u7531\u4e8e\u662f\u79c1\u6709\u5b50\u7f51\uff0c\u65e0\u6cd5\u4ece\u5916\u90e8\u8bbf\u95ee\uff0c<br \/>\n\u4f46\u5047\u8bbe\u5728\u540c\u4e00VPC\u5185\u90e8\u7f72\u4e86\u4f4d\u4e8e\u516c\u5171\u5b50\u7f51\u7684EC2\u5b9e\u4f8b\uff0c\u90a3\u4e48\u5c31\u53ef\u4ee5\u8fdb\u884c\u8bbf\u95ee\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">module<\/span> <span class=\"s2\">\"aurora_sg\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">source<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"..\/..\/modules\/securitygroup\"<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-db-${terraform.workspace}\"<\/span>\r\n  <span class=\"nx\">vpc_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"err\">.<\/span><span class=\"nx\">network<\/span><span class=\"err\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample_vpc_id<\/span>\r\n  <span class=\"nx\">port<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">3306<\/span>\r\n  <span class=\"nx\">cider_blocks<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"err\">.<\/span><span class=\"nx\">network<\/span><span class=\"err\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample_vpc_cider_block<\/span><span class=\"p\">]<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u6781\u5149\u96c6\u7fa4<\/h3>\n<p>\u5728\u96c6\u7fa4\u4e2d\uff0c\u9700\u8981\u6ce8\u610f\u7684\u662f\u4e3b\u5bc6\u7801\u3002<br \/>\n\u6839\u636e\u672c\u6587\u7684\u65b9\u6cd5\uff0c\u9996\u5148\u8bbe\u7f6e\u4e00\u4e2a\u968f\u610f\u7684\u5bc6\u7801\uff0c\u7136\u540e\u5728\u63a7\u5236\u53f0\u754c\u9762\u4e0a\u624b\u52a8\u66f4\u6539\u3002<br \/>\n\u8bf7\u6ce8\u610f\u751f\u547d\u5468\u671f\u680f\u3002\u4ece\u4e0b\u6b21\u66f4\u6539\u5f00\u59cb\uff0c\u5c06\u5ffd\u7565\u4e3b\u5bc6\u7801\u7684\u66f4\u6539\u8bbe\u7f6e\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_rds_cluster\"<\/span> <span class=\"s2\">\"sample\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">cluster_identifier<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-${terraform.workspace}\"<\/span>\r\n  <span class=\"nx\">master_username<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample\"<\/span>\r\n  <span class=\"nx\">master_password<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"initial_password\"<\/span> <span class=\"c1\"># \u624b\u52d5\u3067\u5909\u66f4\u3059\u308b\u3053\u3068<\/span>\r\n  <span class=\"nx\">database_name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample\"<\/span>\r\n  <span class=\"nx\">backup_retention_period<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">7<\/span>\r\n  <span class=\"nx\">preferred_backup_window<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"09:30-10:00\"<\/span> <span class=\"c1\"># UTC<\/span>\r\n  <span class=\"nx\">preferred_maintenance_window<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"wed:10:30-wed:11:00\"<\/span> <span class=\"c1\"># UTC<\/span>\r\n  <span class=\"nx\">engine<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"aurora-mysql\"<\/span>\r\n  <span class=\"nx\">engine_version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"5.7.mysql_aurora.2.07.1\"<\/span>\r\n  <span class=\"nx\">port<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">3306<\/span>\r\n  <span class=\"nx\">vpc_security_group_ids<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"nx\">module<\/span><span class=\"err\">.<\/span><span class=\"nx\">aurora_sg<\/span><span class=\"err\">.<\/span><span class=\"nx\">security_group_id<\/span><span class=\"p\">]<\/span>\r\n  <span class=\"nx\">db_subnet_group_name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_db_subnet_group<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n  <span class=\"nx\">db_cluster_parameter_group_name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_rds_cluster_parameter_group<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n  <span class=\"nx\">storage_encrypted<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n  <span class=\"nx\">deletion_protection<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">deletion_protection<\/span>\r\n  <span class=\"nx\">enabled_cloudwatch_logs_exports<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"s2\">\"audit\"<\/span><span class=\"p\">,<\/span> <span class=\"s2\">\"error\"<\/span><span class=\"p\">,<\/span> <span class=\"s2\">\"general\"<\/span><span class=\"p\">,<\/span> <span class=\"s2\">\"slowquery\"<\/span><span class=\"p\">]<\/span>\r\n  <span class=\"nx\">skip_final_snapshot<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n  <span class=\"nx\">final_snapshot_identifier<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-${terraform.workspace}-final-snapshot\"<\/span>\r\n\r\n  <span class=\"nx\">lifecycle<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">ignore_changes<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"nx\">master_password<\/span><span class=\"p\">]<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u5965\u7f57\u62c9\u5b9e\u4f8b<\/h3>\n<p>\u503c\u6b64\u4e00\u65f6\uff0c\u6211\u4eec\u9884\u8ba1\u5728\u6682\u5b58\u73af\u5883\u548c\u751f\u4ea7\u73af\u5883\u4e2d\uff0c\u5b9e\u4f8b\u6570\u91cf\u548c\u5b9e\u4f8b\u7c7b\u578b\u4f1a\u6709\u6240\u5dee\u5f02\u3002<br \/>\n\u5177\u4f53\u800c\u8a00\uff0c\u6682\u5b58\u73af\u5883\u5c06\u4f7f\u7528\u4e00\u53f0\u5c0f\u89c4\u683c\u7684\u5b9e\u4f8b\uff0c<br \/>\n\u751f\u4ea7\u73af\u5883\u5c06\u4f7f\u7528\u4e24\u53f0\u4e2d\u5230\u5927\u89c4\u683c\u7684\u5b9e\u4f8b\u3002<br \/>\n\u6211\u4eec\u5c06\u5728\u4e0b\u9762\u5bf9\u8fd9\u4e9b\u53d8\u91cf\u8fdb\u884c\u5b9a\u4e49\u3002<\/p>\n<pre class=\"post-pre\"><code># Aurora\u30b9\u30da\u30c3\u30af\r\ninstance_class = \"db.t3.small\"\r\n\r\n# Aurora\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u6570\r\ncluster_instance_count = 1\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code># Aurora\u30b9\u30da\u30c3\u30af\r\ninstance_class = \"db.r5.large\"\r\n\r\n# Aurora\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u6570\r\ncluster_instance_count = 2\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_rds_cluster_instance\"<\/span> <span class=\"s2\">\"sample\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">count<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">cluster_instance_count<\/span>\r\n  <span class=\"nx\">identifier<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-${terraform.workspace}-${count.index}\"<\/span>\r\n  <span class=\"nx\">cluster_identifier<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_rds_cluster<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n  <span class=\"nx\">instance_class<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">instance_class<\/span>\r\n  <span class=\"nx\">db_subnet_group_name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_db_subnet_group<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n  <span class=\"nx\">db_parameter_group_name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_db_parameter_group<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample<\/span><span class=\"err\">.<\/span><span class=\"nx\">name<\/span>\r\n  <span class=\"nx\">monitoring_role_arn<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">module<\/span><span class=\"err\">.<\/span><span class=\"nx\">aurora_monitoring_role<\/span><span class=\"err\">.<\/span><span class=\"nx\">iam_role_arn<\/span>\r\n  <span class=\"nx\">monitoring_interval<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">60<\/span>\r\n  <span class=\"nx\">engine<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"aurora-mysql\"<\/span>\r\n  <span class=\"nx\">engine_version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"5.7.mysql_aurora.2.07.1\"<\/span>\r\n  <span class=\"nx\">ca_cert_identifier<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"rds-ca-2019\"<\/span>\r\n\r\n  <span class=\"c1\"># \u5909\u66f4\u3092\u3059\u3050\u306b\u9069\u7528\u3059\u308b\u5834\u5408<\/span>\r\n  <span class=\"c1\"># apply_immediately = true<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h2>\u521b\u5efaEC2\u5b9e\u4f8b<\/h2>\n<p>\u5728\u672c\u6587\u4e2d\uff0c\u6211\u4eec\u521b\u5efa\u4e86\u4e00\u4e2a\u7528\u4f5c\u8df3\u677f\u670d\u52a1\u5668\u7684EC2\uff0c\u4f46\u4e5f\u53ef\u4ee5\u4f5c\u4e3a\u5e94\u7528\u7a0b\u5e8f\u670d\u52a1\u5668\u3002\u5728\u8fd9\u79cd\u60c5\u51b5\u4e0b\uff0c\u8bf7\u786e\u4fdd\u521b\u5efa\u9002\u5f53\u7684\u5b89\u5168\u7ec4\u3002<\/p>\n<p>\u5728EC2\u7ec4\u4ef6\u4e2d\u521b\u5efa\u7684\u8d44\u6e90\u5982\u4e0b\uff1a<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30ad\u30fc\u30da\u30a2<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9<\/ul>\n<h3>\u5bc6\u94a5\u5bf9<\/h3>\n<p>\u5bc6\u94a5\u5bf9\u8fdb\u884c\u6a21\u5757\u5316\u3002<br \/>\n\u8bf7\u6ce8\u610f\u6587\u4ef6\u6743\u9650\u3002<br \/>\n\u5f53\u8fdb\u884cSSH\u8fde\u63a5\u65f6\uff0c\u4f1a\u51fa\u73b0\u9519\u8bef\u3002<br \/>\n\u4f8b\u5982\uff09file_permission = &#8220;0400&#8221;<\/p>\n<p>\u516c\u94a5\u6587\u4ef6(public_key_file)\u548c\u79c1\u94a5\u6587\u4ef6(private_key_file)\u7528\u4e8e\u6307\u5b9a\u5bc6\u94a5\u7684\u8f93\u51fa\u4f4d\u7f6e\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">variable<\/span> <span class=\"s2\">\"public_key_file\"<\/span> <span class=\"p\">{}<\/span>\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"private_key_file\"<\/span> <span class=\"p\">{}<\/span>\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"key_name\"<\/span> <span class=\"p\">{}<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"tls_private_key\"<\/span> <span class=\"s2\">\"keygen\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">algorithm<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"RSA\"<\/span>\r\n  <span class=\"nx\">rsa_bits<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">4096<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"local_file\"<\/span> <span class=\"s2\">\"private_key_pem\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">filename<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_key_file<\/span>\r\n  <span class=\"nx\">content<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">tls_private_key<\/span><span class=\"err\">.<\/span><span class=\"nx\">keygen<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_key_pem<\/span>\r\n  <span class=\"nx\">file_permission<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"0400\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"local_file\"<\/span> <span class=\"s2\">\"public_key_openssh\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">filename<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_key_file<\/span>\r\n  <span class=\"nx\">content<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">tls_private_key<\/span><span class=\"err\">.<\/span><span class=\"nx\">keygen<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_key_openssh<\/span>\r\n  <span class=\"nx\">file_permission<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"0600\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"nx\">output<\/span> <span class=\"s2\">\"private_key_file\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_key_file<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"private_key_pem\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">tls_private_key<\/span><span class=\"err\">.<\/span><span class=\"nx\">keygen<\/span><span class=\"err\">.<\/span><span class=\"nx\">private_key_pem<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"public_key_file\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_key_file<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"public_key_openssh\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">tls_private_key<\/span><span class=\"err\">.<\/span><span class=\"nx\">keygen<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_key_openssh<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_key_pair\"<\/span> <span class=\"s2\">\"key_pair\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">key_name<\/span>   <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"err\">.<\/span><span class=\"nx\">key_name<\/span>\r\n  <span class=\"nx\">public_key<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">tls_private_key<\/span><span class=\"err\">.<\/span><span class=\"nx\">keygen<\/span><span class=\"err\">.<\/span><span class=\"nx\">public_key_openssh<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"key_name\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_key_pair<\/span><span class=\"err\">.<\/span><span class=\"nx\">key_pair<\/span><span class=\"err\">.<\/span><span class=\"nx\">key_name<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u8fd9\u662f\u7ec4\u4ef6\u7684\u5904\u7406\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">module<\/span> <span class=\"s2\">\"ec2_key\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">source<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"..\/..\/modules\/key_pair\"<\/span>\r\n  <span class=\"nx\">public_key_file<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\".\/ec2-${terraform.workspace}.id_rsa.pub\"<\/span>\r\n  <span class=\"nx\">private_key_file<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\".\/ec2-${terraform.workspace}.id_rsa\"<\/span>\r\n  <span class=\"nx\">key_name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ec2-${terraform.workspace}\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h3>\u5b9e\u4f8b<\/h3>\n<p>\u8ba9\u6211\u4eec\u6307\u5b9a\u5148\u524d\u521b\u5efa\u7684\u5bc6\u94a5\u5bf9\u3002<br \/>\n\u8bf7\u6ce8\u610f\uff0cAMI\u662fAmazon Linux2\u3002\u867d\u7136\u672c\u6587\u4e2d\u76f4\u63a5\u5199\u5165\u4e86AMI\u7684ID\uff0c<br \/>\n\u4f46\u6839\u636e\u8981\u6c42\uff0c\u60a8\u53ef\u4ee5\u81ea\u7531\u9009\u62e9\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_instance\"<\/span> <span class=\"s2\">\"ec2\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">ami<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ami-011facbea5ec0363b\"<\/span>\r\n  <span class=\"nx\">instance_type<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"t3.nano\"<\/span>\r\n  <span class=\"nx\">availability_zone<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1c\"<\/span>\r\n  <span class=\"nx\">ebs_optimized<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n  <span class=\"nx\">vpc_security_group_ids<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"err\">.<\/span><span class=\"nx\">securitygroup<\/span><span class=\"err\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"err\">.<\/span><span class=\"nx\">ec2_security_group_id<\/span><span class=\"p\">]<\/span>\r\n  <span class=\"nx\">key_name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">module<\/span><span class=\"err\">.<\/span><span class=\"nx\">ec2_key<\/span><span class=\"err\">.<\/span><span class=\"nx\">key_name<\/span>\r\n  <span class=\"nx\">subnet_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"err\">.<\/span><span class=\"nx\">network<\/span><span class=\"err\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"err\">.<\/span><span class=\"nx\">sample_vpc_public_subnet_0_id<\/span>\r\n  <span class=\"nx\">associate_public_ip_address<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n\r\n  <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">Name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"sample-${terraform.workspace}\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h2>\u90e8\u7f72<\/h2>\n<p>\u7ec8\u4e8e\u8981\u90e8\u7f72\u4e86\uff01\u5728\u6267\u884c\u90e8\u7f72\u547d\u4ee4\u65f6\uff0c\u8bf7\u4e0d\u8981\u5fd8\u8bb0\u6307\u5b9a\u73af\u5883\u53d8\u91cf\u6587\u4ef6\u3002\u6b64\u5916\uff0c\u8bf7\u6ce8\u610f\u5de5\u4f5c\u7a7a\u95f4\u3002\u5f53\u8981\u90e8\u7f72\u5230\u6682\u5b58\u73af\u5883\u65f6\uff0c\u8bf7\u9009\u62e9terraform\u5de5\u4f5c\u7a7a\u95f4\u4e3astaging\u3002<\/p>\n<pre class=\"post-pre\"><code>$ cd .\/components\/network\/\r\n$ terraform workspace select staging\r\n\r\n$ terraform plan -var-file=\"..\/..\/environments\/$(terraform workspace show)\/terraform.tfvars\"\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code>$ terraform apply -var-file=\"..\/..\/environments\/$(terraform workspace show)\/terraform.tfvars\"\r\n<\/code><\/pre>\n<p>\u5982\u679c\u4ee5\u7f51\u7edc\u2192\u5b89\u5168\u7ec4\u2192\u6570\u636e\u5e93\u2192EC2\u7684\u987a\u5e8f\u8fdb\u884c\u90e8\u7f72\uff0c\u6211\u8ba4\u4e3a\u5e94\u8be5\u53ef\u4ee5\u987a\u5229\u5b8c\u6210\u3002<\/p>\n<p>\u4ee5\u4e0a &#8211; In Chinese, this term typically means &#8220;above&#8221; or &#8220;the above.&#8221; However, without additional context, it is challenging to provide a more accurate paraphrase.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5229\u7528\u8fd9\u7bc7\u6587\u7ae0\u521b\u4f5c\u7684\u4e1c\u897f VPC &nbsp; RDS(Aurora) &nbsp; EC2(\u8e0f\u307f\u53f0\u7528\u9014) &#038;n [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-48451","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\uff080-12\uff09\u4ecevpc\u521b\u5efaec2\u548crds\u7684\u793a\u4f8b\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b\" \/>\n<meta property=\"og:description\" content=\"\u5229\u7528\u8fd9\u7bc7\u6587\u7ae0\u521b\u4f5c\u7684\u4e1c\u897f VPC &nbsp; RDS(Aurora) &nbsp; EC2(\u8e0f\u307f\u53f0\u7528\u9014) &amp;n [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\uff080-12\uff09\u4ecevpc\u521b\u5efaec2\u548crds\u7684\u793a\u4f8b\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-20T10:10:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-04T01:56:07+00:00\" \/>\n<meta name=\"author\" content=\"\u96c5, \u609f\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u96c5, \u609f\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/\",\"name\":\"\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-07-20T10:10:39+00:00\",\"dateModified\":\"2024-05-04T01:56:07+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6\",\"name\":\"\u96c5, \u609f\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g\",\"caption\":\"\u96c5, \u609f\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/yawu\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\uff080-12\uff09\u4ecevpc\u521b\u5efaec2\u548crds\u7684\u793a\u4f8b\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b","og_description":"\u5229\u7528\u8fd9\u7bc7\u6587\u7ae0\u521b\u4f5c\u7684\u4e1c\u897f VPC &nbsp; RDS(Aurora) &nbsp; EC2(\u8e0f\u307f\u53f0\u7528\u9014) &n [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\uff080-12\uff09\u4ecevpc\u521b\u5efaec2\u548crds\u7684\u793a\u4f8b\u3002\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-07-20T10:10:39+00:00","article_modified_time":"2024-05-04T01:56:07+00:00","author":"\u96c5, \u609f","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u96c5, \u609f","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"8 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/","name":"\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-07-20T10:10:39+00:00","dateModified":"2024-05-04T01:56:07+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u4f7f\u7528Terraform\uff080.12\uff09\u4eceVPC\u521b\u5efaEC2\u548cRDS\u7684\u793a\u4f8b"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/f044a4b7fa4ee2701702942002419ca6","name":"\u96c5, \u609f","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e71a913e914f1aad1efc391f92084294bac54bc782acd289638580134cf667a6?s=96&d=mm&r=g","caption":"\u96c5, \u609f"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/yawu\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%ef%bc%880-12%ef%bc%89%e4%bb%8evpc%e5%88%9b%e5%bb%baec2%e5%92%8crds%e7%9a%84%e7%a4%ba%e4%be%8b%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48451","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=48451"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48451\/revisions"}],"predecessor-version":[{"id":97631,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48451\/revisions\/97631"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=48451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=48451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=48451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}