{"id":48561,"date":"2023-05-25T02:06:44","date_gmt":"2023-03-10T12:56:42","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/"},"modified":"2024-04-30T05:51:18","modified_gmt":"2024-04-29T21:51:18","slug":"%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/","title":{"rendered":"\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565"},"content":{"rendered":"<h1>\u9996\u5148<\/h1>\n<div>\u672c\u6587\u662fCisco Systems Japan Advent Calendar 2023\u7b2c\u4e03\u5929\u7684\u6587\u7ae0\u3002<\/div>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">2017\u5e74\u7248: https:\/\/qiita.com\/advent-calendar\/2017\/cisco<\/ul>\n<\/li>\n<\/ul>\n<p>2018\u5e74\u7248: https:\/\/qiita.com\/advent-calendar\/2018\/cisco<\/p>\n<p>2019\u5e74\u7248: https:\/\/qiita.com\/advent-calendar\/2019\/cisco<\/p>\n<p>2020\u5e74\u7248: https:\/\/qiita.com\/advent-calendar\/2020\/cisco<\/p>\n<p>2020\u5e74\u7248(2\u679a\u76ee): https:\/\/qiita.com\/advent-calendar\/2020\/cisco2<\/p>\n<p>2021\u5e74\u7248: https:\/\/qiita.com\/advent-calendar\/2021\/cisco<\/p>\n<p>2021\u5e74\u7248(2\u679a\u76ee): https:\/\/qiita.com\/advent-calendar\/2021\/cisco2<\/p>\n<p>2022\u5e74\u7248(1,2): https:\/\/qiita.com\/advent-calendar\/2022\/cisco<\/p>\n<p>2023\u5e74\u7248: https:\/\/qiita.com\/advent-calendar\/2023\/cisco &lt;=== \u3053\u3053<\/p>\n<h1>Cisco Identity Services Engine\uff08ISE\uff09\u662f\u4ec0\u4e48\uff1f<\/h1>\n<p>\u601d\u79d1\u8eab\u4efd\u670d\u52a1\u5f15\u64ce\uff08ISE\uff09\u662f\u601d\u79d1\u7cfb\u7edf\u63d0\u4f9b\u7684\u4e00\u79cd\u5b89\u5168\u8f6f\u4ef6\uff0c\u7528\u4e8e\u5728\u7f51\u7edc\u4e0a\u7ba1\u7406\u548c\u63a7\u5236\u8bbe\u5907\u548c\u7528\u6237\uff0c\u5e76\u6267\u884c\u5b89\u5168\u7b56\u7565\u3002<\/p>\n<h1>\u601d\u79d1ISE\u5b89\u5168\u7b56\u7565\u7684\u673a\u5236\u662f\u4ec0\u4e48\uff1f<\/h1>\n<p>\u5b89\u5168\u7b56\u7565\u7531\u4ee5\u4e0b\u8981\u7d20\u7ec4\u6210\u3002<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8\uff1a\u4ee5\u4e0b\u306e\uff12\u3064\u306e\u30dd\u30ea\u30b7\u30fc\u3092\u307e\u3068\u3081\u308b\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8<\/ul>\n<\/li>\n<\/ul>\n<p>\u8a8d\u8a3c\u30dd\u30ea\u30b7\u30fc\uff1a\u30a2\u30af\u30bb\u30b9\u3057\u3066\u304d\u305f\u30e6\u30fc\u30b6\u3084\u30c7\u30d0\u30a4\u30b9\u306e\u8a8d\u8a3c\u65b9\u5f0f\u3092\u5b9a\u7fa9<br \/>\n\u8a8d\u53ef\u30dd\u30ea\u30b7\u30fc\uff1a\u30a2\u30af\u30bb\u30b9\u3057\u3066\u304d\u305f\u30e6\u30fc\u30b6\u3084\u30c7\u30d0\u30a4\u30b9\u306b\u5272\u308a\u5f53\u3066\u308b\u6a29\u9650\u3092\u5b9a\u7fa9<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/8-0.png\" alt=\"image.png\" \/><\/div>\n<h1>\u6267\u884c<\/h1>\n<p>\u4f7f\u7528Terraform\uff0c\u53ef\u4ee5\u5728\u6d4f\u89c8\u5668\u4e0a\u9ad8\u6548\u5730\u5c06\u4ee5\u4e0b\u7b56\u7565\u90e8\u7f72\u5230Cisco ISE\u3002<\/p>\n<p>\u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8\u306e\u4f5c\u6210<\/p>\n<p>\u30eb\u30fc\u30eb\u540d\uff1a\u201dWired MAB\u201d<br \/>\n\u6761\u4ef6\uff1a&#8221;WiredMAB&#8221;<br \/>\n\u8a31\u53ef\u3055\u308c\u305f\u30d7\u30ed\u30c8\u30b3\u30eb\u30b5\u30fc\u30d3\u30b9\uff1a&#8221;Default Network Service&#8221;<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/12-0.png\" alt=\"image.png\" \/><\/div>\n<p>\u8a8d\u8a3c\u30dd\u30ea\u30b7\u30fc\u306e\u4f5c\u6210<\/p>\n<p>\u30eb\u30fc\u30eb\u540d\uff1aMAB<br \/>\n\u6761\u4ef6\uff1a&#8221;WiredMAB&#8221;<br \/>\n\u30a2\u30a4\u30c7\u30f3\u30c6\u30a3\u30c6\u30a3\u53c2\u7167\u5834\u6240\uff1a&#8221;Internal Endpoints&#8221;<br \/>\n\u8a8d\u8a3c\u5931\u6557\u6642\u306e\u51e6\u7406<\/p>\n<p>\u63a5\u7d9a\u306b\u5931\u6557\u3057\u305f\u5834\u5408\uff1a&#8221;REJECT&#8221;<br \/>\n\u30e6\u30fc\u30b6\u304c\u898b\u3064\u304b\u3089\u306a\u3044\u5834\u5408\uff1a&#8221;REJECT&#8221;<br \/>\n\u30d7\u30ed\u30bb\u30b9\u304c\u5931\u6557\u3057\u305f\u5834\u5408\uff1a&#8221;DROP&#8221;<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/14-0.png\" alt=\"image.png\" \/><\/div>\n<p>\u8a8d\u53ef\u30dd\u30ea\u30b7\u30fc\u306e\u4f5c\u6210<\/p>\n<p>\u30eb\u30fc\u30eb\u540d\uff1aMAB Endpoints<br \/>\n\u6761\u4ef6\uff1a&#8221;Endpoint Identity Groups:MAB-Endpoints&#8221;<br \/>\n\u7d50\u679c\uff1a&#8221;PermitAccess&#8221;<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/16-0.png\" alt=\"image.png\" \/><\/div>\n<h1>\u81ea\u52a8\u5316\u7684\u8d8b\u52bf<\/h1>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/18-0.jpeg\" alt=\"1205.jpg\" \/><\/div>\n<p>\uff11\uff0e\u5c06\u4ee3\u7801\u4ece\u672c\u5730\u4ed3\u5e93\u63a8\u9001\u5230\u8fdc\u7a0b\u4ed3\u5e93<br \/>\n\uff12\uff0e\u5728Terraform Cloud\u4e0a\u521b\u5efa\u5de5\u4f5c\u7a7a\u95f4\uff0c\u5e76\u5173\u8054GitHub\u548c\u4ed3\u5e93<br \/>\n\uff13\uff0e\u624b\u52a8\u89e6\u53d1\u6267\u884c\uff0c\u5e76\u5c06\u4efb\u52a1\u5206\u914d\u7ed9Agent<br \/>\n\uff14\uff0e\u6267\u884c\u4efb\u52a1\uff0c\u8fdb\u884cCisco ISE\u7684\u914d\u7f6e\u66f4\u6539<\/p>\n<h2>\u73af\u5883\u3002<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">GitHub<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Terraform v1.6.5<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">providers.ciscoise Version0.6.22-beta<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">WSL2(Ubuntu-22.04)<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">tfc-agent_1.14.1<\/ul>\n<h1>\u5efa\u7acb\u7a0b\u5e8f<\/h1>\n<p>1. Terraform\u4ee3\u7801<br \/>\n2. \u5c06\u4ee3\u7801\u63a8\u9001\u5230GitHub<br \/>\n3. Terraform Cloud\u914d\u7f6e<br \/>\n4. \u8fdb\u884c\u64cd\u4f5c\u9a8c\u8bc1<\/p>\n<h2>\uff11\uff0e\u571f\u58e4\u6574\u7406\u4ee3\u7801\u3002<\/h2>\n<p>\u8bf7\u53c2\u8003\u7531Hashicorp\u793e\u63d0\u4f9b\u7684Cisco Identity Services Engine\uff08ISE\uff09\u7684\u5b98\u65b9\u6587\u6863\u3002<\/p>\n<p>&nbsp;<\/p>\n<p>\u4ee5\u4e0b\u662fTerraform\u6267\u884c\u7684\u5404\u4e2a\u6587\u4ef6\u7684\u67b6\u6784\u548c\u89d2\u8272\u3002<\/p>\n<p>Policyset\uff1a\u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8\u306e\u4f5c\u6210<\/p>\n<p>Authentication\uff1a\u8a8d\u8a3c\u30dd\u30ea\u30b7\u30fc\u306e\u4f5c\u6210<\/p>\n<p>Authorization\uff1a\u8a8d\u53ef\u30dd\u30ea\u30b7\u30fc\u306e\u4f5c\u6210<\/p>\n<pre class=\"post-pre\"><code>.\r\n\u251c\u2500\u2500 work\r\n\u2502   \u251c\u2500\u2500 Policyset\r\n\u2502   \u2502   \u251c\u2500\u2500 main.tf\r\n\u2502   \u2502   \u251c\u2500\u2500 providers.tf\r\n\u2502   \u2502   \u251c\u2500\u2500 variables.tf\r\n\u2502   \u2502   \u2514\u2500\u2500 outputs.tf\r\n\u2502   \u2502     \r\n\u2502   \u251c\u2500\u2500 Authentication\r\n\u2502   \u2502   \u251c\u2500\u2500 main.tf\r\n\u2502   \u2502   \u251c\u2500\u2500 providers.tf\r\n\u2502   \u2502   \u2514\u2500\u2500 variables.tf\r\n\u2502   \u2502\r\n\u2502   \u251c\u2500\u2500 Authorization\r\n\u2502   \u2502   \u251c\u2500\u2500 main.tf\r\n\u2502   \u2502   \u251c\u2500\u2500 providers.tf\r\n\u2502   \u2502   \u2514\u2500\u2500 variables.tf  \r\n<\/code><\/pre>\n<h2>1-1. \u653f\u7b56\u96c6(\u521b\u5efa\u653f\u7b56\u96c6)<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">main.tf\uff1a\u30ea\u30bd\u30fc\u30b9\u306e\u5b9a\u7fa9\u3001\u30e1\u30a4\u30f3\u30b3\u30fc\u30c9<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">providers.tf\uff1a\u30b5\u30fc\u30d3\u30b9\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u5b9a\u7fa9<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">variables.tf\uff1a\u5909\u6570\u306e\u5b9a\u7fa9<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">output.tf\uff1a\u5b9f\u884c\u5f8c\u306b\u51fa\u529b\u3059\u308b\u5185\u5bb9\u306e\u5b9a\u7fa9<\/ul>\n<h2>\u4e3b.tf<\/h2>\n<pre class=\"post-pre\"><code><span class=\"c1\">## Cisco ISE\u306e\u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8\u3092\u7ba1\u7406\u3059\u308b\u30ea\u30bd\u30fc\u30b9\u3092\u5b9a\u7fa9<\/span>\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"ciscoise_network_access_policy_set\"<\/span> <span class=\"s2\">\"example\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">provider<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">ciscoise<\/span>\r\n  <span class=\"nx\">parameters<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"err\">\u3000<\/span><span class=\"c1\"># \u30eb\u30fc\u30eb\u540d<\/span>\r\n    <span class=\"nx\">name<\/span>         <span class=\"p\">=<\/span> <span class=\"s2\">\"Wired MAB\"<\/span>\r\n    <span class=\"c1\"># \u5099\u8003<\/span>\r\n    <span class=\"nx\">description<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"test policy set\"<\/span>\r\n    <span class=\"c1\"># \u30c7\u30d5\u30a9\u30eb\u30c8\u30dd\u30ea\u30b7\u30fc\u304b\u3069\u3046\u304b<\/span>\r\n    <span class=\"nx\">default<\/span>      <span class=\"p\">=<\/span> <span class=\"s2\">\"false\"<\/span>\r\n<span class=\"err\">\u3000\u3000<\/span><span class=\"c1\"># \u30dd\u30ea\u30b7\u30fc\u304c\u9069\u7528\u3055\u308c\u305f\u56de\u6570<\/span>\r\n    <span class=\"nx\">hit_counts<\/span>   <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n<span class=\"err\">\u3000\u3000<\/span><span class=\"c1\"># \u30dd\u30ea\u30b7\u30fc\u306e\u512a\u5148\u5ea6<\/span>\r\n    <span class=\"nx\">rank<\/span>         <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n    <span class=\"c1\"># \u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8\u304c\u9069\u7528\u3055\u308c\u308b\u30d7\u30ed\u30c8\u30b3\u30eb\u30b5\u30fc\u30d3\u30b9\u540d<\/span>\r\n    <span class=\"nx\">service_name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Default Network Access\"<\/span>\r\n    <span class=\"c1\"># \u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8\u306e\u72b6\u614b<\/span>\r\n    <span class=\"nx\">state<\/span>        <span class=\"p\">=<\/span> <span class=\"s2\">\"enabled\"<\/span>\r\n\r\n    <span class=\"nx\">condition<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"err\">\u3000<\/span><span class=\"c1\"># \u6761\u4ef6\u30bf\u30a4\u30d7\u306e\u6307\u5b9a<\/span>\r\n      <span class=\"nx\">condition_type<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ConditionAttributes\"<\/span>\r\n      <span class=\"c1\"># \u6761\u4ef6\u306e\u5c5e\u6027\u540d<\/span>\r\n      <span class=\"nx\">attribute_name<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"RadiusFlowType\"<\/span>\r\n      <span class=\"c1\"># \u6761\u4ef6\u306e\u5c5e\u6027\u5024<\/span>\r\n      <span class=\"nx\">attribute_value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"WiredMAB\"<\/span>\r\n      <span class=\"c1\"># \u6761\u4ef6\u306e\u8f9e\u66f8\u540d<\/span>\r\n      <span class=\"nx\">dictionary_name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Normalised Radius\"<\/span>\r\n      <span class=\"c1\"># \u6bd4\u8f03\u6f14\u7b97\u5b50<\/span>\r\n      <span class=\"nx\">operator<\/span>        <span class=\"p\">=<\/span> <span class=\"s2\">\"equals\"<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u8d44\u6e90 &#8220;ciscoise_network_access_policy_set&#8221; &#8220;example&#8221; {}\uff1a<br \/>\n\u5b9a\u4e49\u7ba1\u7406Cisco ISE\u7684\u7b56\u7565\u96c6\u8d44\u6e90<br \/>\n\u53c2\u6570{}\uff1a\u5b9a\u4e49\u7b56\u7565\u96c6\u7684\u540d\u79f0\u3001\u4f18\u5148\u7ea7\u7b49\u672c\u8eab\u7684\u5b9a\u4e49<br \/>\n\u6761\u4ef6{}\uff1a\u6307\u5b9a\u5e94\u7528\u7b56\u7565\u96c6\u7684\u6761\u4ef6<\/p>\n<p>\u30fb\u79ef\u5206<br \/>\n\u672c\u6b21\u6211\u4eec\u9009\u62e9\u4e86ConditionAttributes\u4f5c\u4e3acondition_type\u6765\u521b\u5efa\u57fa\u4e8e\u5c5e\u6027\u503c\u7684\u6761\u4ef6\uff0c\u4f46\u8fd8\u6709\u5176\u4ed6\u9009\u9879\u5982\u4e0b\uff1a<br \/>\nConditionReference\uff1a\u5f15\u7528\u73b0\u6709\u6761\u4ef6<br \/>\nConditionAndBlock\/OrBlock\uff1a\u7ec4\u5408\u591a\u4e2a\u6761\u4ef6\u4ee5\u521b\u5efa\u903b\u8f91\u4e0a\u7684AND\u6216OR\u6761\u4ef6<\/p>\n<h2>\u63d0\u4f9b\u8005.tf<\/h2>\n<pre class=\"post-pre\"><code><span class=\"nx\">terraform<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">required_providers<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">ciscoise<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">source<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"CiscoISE\/ciscoise\"<\/span>\r\n      <span class=\"nx\">version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"0.6.22-beta\"<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<span class=\"nx\">provider<\/span> <span class=\"s2\">\"ciscoise\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"c1\">## \u8a8d\u8a3c\u60c5\u5831\u3092\u5916\u90e8\u304b\u3089\u53d6\u5f97\u3059\u308b\u305f\u3081\u306e\u5909\u6570\u3092\u5b9a\u7fa9<\/span>\r\n  <span class=\"nx\">username<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"p\">.<\/span><span class=\"nx\">ciscoise_username<\/span>\r\n  <span class=\"nx\">password<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"p\">.<\/span><span class=\"nx\">ciscoise_password<\/span>\r\n  <span class=\"nx\">base_url<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">var<\/span><span class=\"p\">.<\/span><span class=\"nx\">ciscoise_base_url<\/span>\r\n  <span class=\"c1\">## SSL\u8a3c\u660e\u66f8\u306e\u691c\u8a3c<\/span>\r\n  <span class=\"nx\">ssl_verify<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"false\"<\/span>\r\n  <span class=\"c1\">## \u30ea\u30af\u30a8\u30b9\u30c8\u306e\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\u5024<\/span>\r\n  <span class=\"nx\">single_request_timeout<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">150<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>terraform{}\uff1a\u7528\u4e8e\u6307\u5b9a\u63d0\u4f9b\u7a0b\u5e8f\u548c\u7248\u672c\u3002<br \/>\nprovider{}\uff1a\u7528\u4e8e\u914d\u7f6e\u63d0\u4f9b\u7a0b\u5e8f\u7684\u5177\u4f53\u8bbe\u7f6e\uff0c\u5982\u8ba4\u8bc1\u4fe1\u606f\u548cURL\u3002<\/p>\n<h2>variables.tf (\u53d8\u91cf.tf)<\/h2>\n<pre class=\"post-pre\"><code><span class=\"nx\">variable<\/span> <span class=\"s2\">\"ciscoise_username\"<\/span> <span class=\"p\">{<\/span>\r\n<span class=\"err\">\u3000<\/span><span class=\"c1\">## \u5909\u6570\u306e\u30c7\u30fc\u30bf\u578b\u3092\u6587\u5b57\u5217\u578b\u306b\u6307\u5b9a<\/span>\r\n  <span class=\"nx\">type<\/span>        <span class=\"p\">=<\/span> <span class=\"nx\">string<\/span>\r\n  <span class=\"nx\">description<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Username\"<\/span>\r\n  <span class=\"c1\">## \u30c7\u30d5\u30a9\u30eb\u30c8\u5024\u306e\u5b9a\u7fa9<\/span>\r\n  <span class=\"nx\">default<\/span>     <span class=\"p\">=<\/span> <span class=\"s2\">\"*****\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"ciscoise_password\"<\/span> <span class=\"p\">{<\/span>\r\n<span class=\"err\">\u3000<\/span><span class=\"c1\">## \u5909\u6570\u306e\u30c7\u30fc\u30bf\u578b\u3092\u6587\u5b57\u5217\u578b\u306b\u6307\u5b9a<\/span>\r\n  <span class=\"nx\">type<\/span>        <span class=\"p\">=<\/span> <span class=\"nx\">string<\/span>\r\n  <span class=\"nx\">description<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Password\"<\/span>\r\n  <span class=\"c1\">## \u30c7\u30d5\u30a9\u30eb\u30c8\u5024\u306e\u5b9a\u7fa9<\/span>\r\n  <span class=\"nx\">default<\/span>     <span class=\"p\">=<\/span> <span class=\"s2\">\"*****\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"ciscoise_base_url\"<\/span> <span class=\"p\">{<\/span>\r\n<span class=\"err\">\u3000<\/span><span class=\"c1\">## \u5909\u6570\u306e\u30c7\u30fc\u30bf\u578b\u3092\u6587\u5b57\u5217\u578b\u306b\u6307\u5b9a<\/span>\r\n  <span class=\"nx\">type<\/span>        <span class=\"p\">=<\/span> <span class=\"nx\">string<\/span>\r\n  <span class=\"c1\">## \u30c7\u30d5\u30a9\u30eb\u30c8\u5024\u306e\u5b9a\u7fa9 <\/span>\r\n  <span class=\"nx\">default<\/span>     <span class=\"p\">=<\/span> <span class=\"s2\">\"https:\/\/*****\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u53d8\u91cf &#8220;ciscoise_username&#8221; {}\uff1a\u5b9a\u4e49\u4e00\u4e2a\u53d8\u91cf\u3002<\/p>\n<h2>output.tf\u6587\u4ef6<\/h2>\n<pre class=\"post-pre\"><code><span class=\"nx\">output<\/span> <span class=\"s2\">\"policy_set_id\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"c1\">## \u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8ID\u306e\u53d6\u5f97<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">ciscoise_network_access_policy_set<\/span><span class=\"p\">.<\/span><span class=\"nx\">example<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">output<\/span> <span class=\"s2\">\"policy_set_id_value\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"c1\">## \u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8ID\u306e\u4e00\u90e8\u3092\u53d6\u5f97<\/span>\r\n  <span class=\"nx\">value<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">substr<\/span><span class=\"p\">(<\/span><span class=\"nx\">ciscoise_network_access_policy_set<\/span><span class=\"p\">.<\/span><span class=\"nx\">example<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span><span class=\"p\">,<\/span> <span class=\"mi\">4<\/span><span class=\"p\">,<\/span> <span class=\"mi\">36<\/span><span class=\"p\">)<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u901a\u8fc7\u8f93\u51fa\u201cpolicy_set_id\u201d {}\uff1a\u6765\u663e\u793a\u4ece\u6267\u884c\u7ed3\u679c\u4e2d\u83b7\u53d6\u7684\u4fe1\u606f\u3002\u6216\u8005\uff0c\u4f7f\u5176\u53ef\u5728\u53e6\u4e00\u4e2a\u76ee\u5f55\u4e2d\u4f7f\u7528\u3002<\/p>\n<ul class=\"post-ul\">\u30dd\u30a4\u30f3\u30c8<\/ul>\n<p>\u53d6\u5f97\u7684\u503c\u5b58\u50a8\u5728ciscoise_network_access_policy_set.example.id\u4e2d\uff0c\u9700\u7b26\u5408\u4ee5\u4e0b\u683c\u5f0f\u3002<\/p>\n<pre class=\"post-pre\"><code>policy_set_id = \"id:=e20eeef6-****-****-****-************\\\\name:=test-policyset\r\n<\/code><\/pre>\n<p>\u7531\u4e8e\u9700\u8981\u5f15\u75281-2, 1-3\u4e2d\u7684\u7b56\u7565\u96c6ID\uff0c\u56e0\u6b64\u4f7f\u7528substr() \u51fd\u6570\u4ec5\u8f93\u51faUUID\u3002<br \/>\n\u503c = substr(ciscoise_network_access_policy_set.example.id, 4, 36)<\/p>\n<pre class=\"post-pre\"><code>policy_set_id_value = \"e20eeef6****-****-****-************\"\r\n<\/code><\/pre>\n<h2>1-2. \u521b\u5efa\u8ba4\u8bc1\u7b56\u7565 (Authentication Policy Creation)<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">main.tf<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">providers.tf\uff081.1\u3068\u540c\u4e00\u30d5\u30a1\u30a4\u30eb\u306e\u305f\u3081\u8aac\u660e\u7701\u7565\uff09<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">variables.tf\uff081.1\u3068\u540c\u4e00\u30d5\u30a1\u30a4\u30eb\u306e\u305f\u3081\u8aac\u660e\u7701\u7565\uff09<\/ul>\n<h2>\u4e3b\u8981.tf<\/h2>\n<pre class=\"post-pre\"><code>\r\n<span class=\"c1\">## \u30ea\u30e2\u30fc\u30c8\u30b9\u30c6\u30fc\u30c8\u306e\u30c7\u30fc\u30bf\u3092\u53d6\u5f97\u3059\u308b<\/span>\r\n<span class=\"nx\">data<\/span> <span class=\"s2\">\"terraform_remote_state\"<\/span> <span class=\"s2\">\"status\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"c1\">## \u30ea\u30e2\u30fc\u30c8\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u3092\u6307\u5b9a<\/span>\r\n  <span class=\"nx\">backend<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"remote\"<\/span>\r\n\r\n  <span class=\"nx\">config<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"c1\">## Terraform Cloud\u306e\u7d44\u7e54\u540d\u3092\u6307\u5b9a<\/span>\r\n    <span class=\"nx\">organization<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Terraform-Cloud-ISE\"<\/span>\r\n    <span class=\"nx\">workspaces<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"c1\">## Workspace\u540d\u3092\u6307\u5b9a<\/span>\r\n    <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"policyset_create\"<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<span class=\"c1\">## \u8a8d\u8a3c\u30dd\u30ea\u30b7\u30fc\u3092\u7ba1\u7406\u3059\u308bTerraform\u30ea\u30bd\u30fc\u30b9\u3092\u5b9a\u7fa9<\/span>\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"ciscoise_network_access_authentication_rules\"<\/span> <span class=\"s2\">\"example\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">provider<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">ciscoise<\/span>\r\n  <span class=\"nx\">parameters<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"c1\">## \u30a2\u30a4\u30c7\u30f3\u30c6\u30a3\u30c6\u30a3\u53c2\u7167\u5834\u6240<\/span>\r\n    <span class=\"nx\">identity_source_name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Internal Endpoints\"<\/span>\r\n    <span class=\"c1\">## \u8a8d\u8a3c\u304c\u5931\u6557\u3057\u305f\u5834\u5408\u306e\u52d5\u4f5c<\/span>\r\n    <span class=\"nx\">if_auth_fail<\/span>         <span class=\"p\">=<\/span> <span class=\"s2\">\"REJECT\"<\/span>\r\n    <span class=\"c1\">## \u30e6\u30fc\u30b6\u304c\u898b\u3064\u304b\u3089\u306a\u304b\u3063\u305f\u5834\u5408\u306e\u52d5\u4f5c<\/span>\r\n    <span class=\"nx\">if_user_not_found<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"REJECT\"<\/span>\r\n    <span class=\"c1\">## \u30d7\u30ed\u30bb\u30b9\u304c\u5931\u6557\u3057\u305f\u5834\u5408\u306e\u52d5\u4f5c<\/span>\r\n    <span class=\"nx\">if_process_fail<\/span>      <span class=\"p\">=<\/span> <span class=\"s2\">\"DROP\"<\/span>\r\n\r\n<span class=\"err\">\u3000\u3000<\/span><span class=\"c1\">## \u30ea\u30e2\u30fc\u30c8\u30b9\u30c6\u30fc\u30c8\u304b\u3089\u53d6\u5f97\u3057\u305f`policy_set_id_value`\u3092\u53c2\u7167\u3057\u30dd\u30ea\u30b7\u30fcID\u3092\u6307\u5b9a<\/span>\r\n    <span class=\"nx\">policy_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"p\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"p\">.<\/span><span class=\"nx\">policy_set_id_value<\/span>\r\n    <span class=\"nx\">rule<\/span> <span class=\"p\">{<\/span>\r\n\r\n      <span class=\"nx\">condition<\/span> <span class=\"p\">{<\/span>\r\n<span class=\"err\">\u3000\u3000\u3000\u3000<\/span><span class=\"c1\">## \u6761\u4ef6\u30bf\u30a4\u30d7\u306e\u6307\u5b9a <\/span>\r\n        <span class=\"nx\">condition_type<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"ConditionAttributes\"<\/span>\r\n        <span class=\"c1\">## \u6761\u4ef6\u306e\u5c5e\u6027\u540d<\/span>\r\n        <span class=\"nx\">attribute_name<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"RadiusFlowType\"<\/span>\r\n        <span class=\"c1\">## \u6761\u4ef6\u306e\u5c5e\u6027\u5024<\/span>\r\n        <span class=\"nx\">attribute_value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"WiredMAB\"<\/span>\r\n        <span class=\"c1\">## \u6761\u4ef6\u306e\u8f9e\u66f8\u540d<\/span>\r\n        <span class=\"nx\">dictionary_name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Normalised Radius\"<\/span>\r\n        <span class=\"c1\">## \u6bd4\u8f03\u6f14\u7b97\u5b50<\/span>\r\n        <span class=\"nx\">operator<\/span>        <span class=\"p\">=<\/span> <span class=\"s2\">\"equals\"<\/span>\r\n      <span class=\"p\">}<\/span>\r\n      <span class=\"c1\">## \u30c7\u30d5\u30a9\u30eb\u30c8\u30dd\u30ea\u30b7\u30fc\u304b\u3069\u3046\u304b<\/span>\r\n      <span class=\"nx\">default<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"false\"<\/span>\r\n      <span class=\"c1\">## \u30dd\u30ea\u30b7\u30fc\u304c\u9069\u7528\u3055\u308c\u305f\u56de\u6570<\/span>\r\n      <span class=\"nx\">hit_counts<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n      <span class=\"c1\">## \u30eb\u30fc\u30eb\u540d<\/span>\r\n      <span class=\"nx\">name<\/span>       <span class=\"p\">=<\/span> <span class=\"s2\">\"MAB\"<\/span>\r\n      <span class=\"c1\">## \u30dd\u30ea\u30b7\u30fc\u306e\u512a\u5148\u5ea6<\/span>\r\n      <span class=\"nx\">rank<\/span>       <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n      <span class=\"c1\">## \u30dd\u30ea\u30b7\u30fc\u306e\u72b6\u614b<\/span>\r\n      <span class=\"nx\">state<\/span>      <span class=\"p\">=<\/span> <span class=\"s2\">\"enabled\"<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u8d44\u6e90 &#8220;ciscoise_network_access_authentication_rules&#8221; &#8220;example&#8221;{}\uff1a<br \/>\n\u7ba1\u7406Cisco ISE\u7684\u8ba4\u8bc1\u7b56\u7565\u8d44\u6e90<\/p>\n<p>\u6570\u636e\u201cterraform_remote_state\u201d &#8220;status{}\uff1a\u5f15\u7528\u53e6\u4e00\u4e2a\u6587\u4ef6\u5939\u4e2d\u7684.tfstate\u6587\u4ef6\u7684\u8f93\u51fa\u3002<\/p>\n<p>\u8d44\u6e90 &#8220;ciscoise_network_access_authentication_rules&#8221; &#8220;example&#8221;{}\uff1a<br \/>\n\u7528\u4e8e\u7ba1\u7406 Cisco ISE \u7684\u7f51\u7edc\u8bbf\u95ee\u8ba4\u8bc1\u89c4\u5219<\/p>\n<ul class=\"post-ul\">\u30dd\u30a4\u30f3\u30c8<\/ul>\n<p>\u5728output.tf\u6587\u4ef6\u4e2d\uff0c\u4f7f\u7528data.terraform_remote_state.status.outputs.policy_set_id_value\u6765\u5f15\u7528\u901a\u8fc7policy_id\u8f93\u51fa\u7684\u7b56\u7565ID\u3002<\/p>\n<h2>1.3. \u6388\u6743\uff08\u521b\u5efa\u8ba4\u53ef\u7b56\u7565\uff09<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">main.tf<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">providers.tf\uff081.1\u3068\u540c\u4e00\u30d5\u30a1\u30a4\u30eb\u306e\u305f\u3081\u8aac\u660e\u7701\u7565\uff09<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">variables.tf\uff081.1\u3068\u540c\u4e00\u30d5\u30a1\u30a4\u30eb\u306e\u305f\u3081\u8aac\u660e\u7701\u7565\uff09<\/ul>\n<h2>\u4e3b.tf<\/h2>\n<pre class=\"post-pre\"><code><span class=\"nx\">data<\/span> <span class=\"s2\">\"terraform_remote_state\"<\/span> <span class=\"s2\">\"status\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"c1\">## \u30ea\u30e2\u30fc\u30c8\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u3092\u6307\u5b9a<\/span>\r\n  <span class=\"nx\">backend<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"remote\"<\/span>\r\n\r\n  <span class=\"nx\">config<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"c1\">## Terraform Cloud\u306e\u7d44\u7e54\u540d\u3092\u6307\u5b9a<\/span>\r\n    <span class=\"nx\">organization<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Terraform-Cloud-ISE\"<\/span>\r\n    <span class=\"nx\">workspaces<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"c1\">## Workspace\u540d\u3092\u6307\u5b9a<\/span>\r\n    <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"policyset_create\"<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<span class=\"c1\">## Cisco ISE\u306e\u8a8d\u53ef\u30dd\u30ea\u30b7\u30fc\u7ba1\u7406\u3059\u308bTerraform\u30ea\u30bd\u30fc\u30b9\u3092\u5b9a\u7fa9<\/span>\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"ciscoise_network_access_authorization_rules\"<\/span> <span class=\"s2\">\"example\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">provider<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">ciscoise<\/span>\r\n  <span class=\"nx\">parameters<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"c1\">## \u30ea\u30e2\u30fc\u30c8\u30b9\u30c6\u30fc\u30c8\u304b\u3089\u53d6\u5f97\u3057\u305f`policy_set_id_value`\u3092\u4f7f\u7528\u3057\u3066\u30dd\u30ea\u30b7\u30fcID\u3092\u6307\u5b9a<\/span>\r\n    <span class=\"nx\">policy_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"p\">.<\/span><span class=\"nx\">terraform_remote_state<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">.<\/span><span class=\"nx\">outputs<\/span><span class=\"p\">.<\/span><span class=\"nx\">policy_set_id_value<\/span>\r\n    <span class=\"c1\">## \u8a8d\u53ef\u30eb\u30fc\u30eb\u306e\u7d50\u679c\u3092\u6307\u5b9a<\/span>\r\n    <span class=\"nx\">profile<\/span>   <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"s2\">\"PermitAccess\"<\/span><span class=\"p\">]<\/span>\r\n    <span class=\"nx\">rule<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"err\">\u3000<\/span><span class=\"c1\">## \u30eb\u30fc\u30eb\u306e\u6761\u4ef6\u3092\u6307\u5b9a<\/span>\r\n      <span class=\"nx\">condition<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"c1\">## \u6761\u4ef6\u30bf\u30a4\u30d7\u306e\u6307\u5b9a <\/span>\r\n        <span class=\"nx\">condition_type<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"ConditionAttributes\"<\/span>\r\n        <span class=\"c1\">## \u6761\u4ef6\u306e\u5c5e\u6027\u540d<\/span>\r\n        <span class=\"nx\">attribute_name<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"Name\"<\/span>\r\n        <span class=\"c1\">## \u6761\u4ef6\u306e\u5c5e\u6027\u5024<\/span>\r\n        <span class=\"nx\">attribute_value<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Endpoint Identity Groups:MAB-Endpoints\"<\/span>\r\n        <span class=\"c1\">## \u6761\u4ef6\u306e\u8f9e\u66f8\u540d<\/span>\r\n        <span class=\"nx\">dictionary_name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"IdentityGroup\"<\/span>\r\n        <span class=\"c1\">## \u6bd4\u8f03\u6f14\u7b97\u5b50<\/span>\r\n        <span class=\"nx\">operator<\/span>        <span class=\"p\">=<\/span> <span class=\"s2\">\"equals\"<\/span>\r\n      <span class=\"p\">}<\/span>\r\n    <span class=\"c1\">## \u30c7\u30d5\u30a9\u30eb\u30c8\u30dd\u30ea\u30b7\u30fc\u304b\u3069\u3046\u304b<\/span>\r\n    <span class=\"nx\">default<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"false\"<\/span>\r\n    <span class=\"c1\">## \u30dd\u30ea\u30b7\u30fc\u304c\u9069\u7528\u3055\u308c\u305f\u56de\u6570<\/span>\r\n    <span class=\"nx\">hit_counts<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n    <span class=\"c1\">## \u30eb\u30fc\u30eb\u540d<\/span>\r\n    <span class=\"nx\">name<\/span>       <span class=\"p\">=<\/span> <span class=\"s2\">\"MAB Endpoints\"<\/span>\r\n    <span class=\"c1\">## \u30dd\u30ea\u30b7\u30fc\u306e\u512a\u5148\u5ea6<\/span>\r\n    <span class=\"nx\">rank<\/span>       <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n    <span class=\"c1\">## \u30dd\u30ea\u30b7\u30fc\u306e\u72b6\u614b<\/span>\r\n    <span class=\"nx\">state<\/span>      <span class=\"p\">=<\/span> <span class=\"s2\">\"enabled\"<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u8d44\u6e90\u201cciscoise_network_access_authorization_rules\u201d\u201cexample\u201d {}\uff1a<br \/>\n\u7ba1\u7406Cisco ISE\u7684\u6388\u6743\u7b56\u7565\u7684\u8d44\u6e90\u3002<\/p>\n<h2>\u5c06\u4ee3\u7801\u63a8\u9001\u5230GitHub\u3002<\/h2>\n<p>\u5c06\u4f7f\u7528Terraform\u7f16\u5199\u7684\u4ee3\u7801\u63a8\u9001\u5230\u8fdc\u7a0b\u4ee3\u7801\u5e93<br \/>\n\u7701\u7565\u4e86\u5c06\u4ee3\u7801\u63a8\u9001\u5230GitHub\u7684\u65b9\u6cd5<\/p>\n<h2>\u4e09\uff0eTerraform Cloud\u914d\u7f6e<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Workspace\u3092\uff13\u3064\u4f5c\u6210<\/ul>\n<\/li>\n<\/ul>\n<p>policy_create\uff1a\u30dd\u30ea\u30b7\u30fc\u30bb\u30c3\u30c8\u4f5c\u6210\u7528<\/p>\n<p>authn_create\uff1a\u8a8d\u8a3c\u30dd\u30ea\u30b7\u30fc\u4f5c\u6210\u7528<\/p>\n<p>authz_create\uff1a\u8a8d\u53ef\u30dd\u30ea\u30b7\u30fc\u4f5c\u6210\u7528<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/68-0.jpeg\" alt=\"terraform5.jpg\" \/><\/div>\n<h2>\u521b\u5efaWorkspace<\/h2>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/70-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/71-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/72-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/73-0.png\" alt=\"workspace6.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/74-0.png\" alt=\"image.png\" \/><\/div>\n<h2>3-2. \u5de5\u4f5c\u7a7a\u95f4\u7684\u8bbe\u7f6e<\/h2>\n<h3>\u8bbe\u7f6e\u5de5\u4f5c\u76ee\u5f55<\/h3>\n<p>\u8bbe\u7f6eTerraform\u6267\u884c\u7684\u76ee\u5f55<br \/>\n\u7531\u4e8e\u5f53\u524d\u4ed3\u5e93\u6839\u76ee\u5f55\u4e3a .\/work\uff0c\u56e0\u6b64\u9700\u8981\u7528\u76f8\u5bf9\u8def\u5f84\u6307\u5b9a\u6bcf\u4e2a\u5de5\u4f5c\u7a7a\u95f4\u7684\u5de5\u4f5c\u76ee\u5f55\u3002<\/p>\n<pre class=\"post-pre\"><code>.\r\n\u251c\u2500\u2500 work\r\n\u2502   \u251c\u2500\u2500 Policyset\r\n\u2502   \u2502   \u251c\u2500\u2500 main.tf\r\n\u2502   \u2502   \u251c\u2500\u2500 providers.tf\r\n\u2502   \u2502   \u251c\u2500\u2500 variables.tf\r\n\u2502   \u2502   \u2514\u2500\u2500 outputs.tf\r\n\u2502   \u2502     \r\n\u2502   \u251c\u2500\u2500 Authentication\r\n\u2502   \u2502   \u251c\u2500\u2500 main.tf\r\n\u2502   \u2502   \u251c\u2500\u2500 providers.tf\r\n\u2502   \u2502   \u2514\u2500\u2500 variables.tf\r\n\u2502   \u2502\r\n\u2502   \u251c\u2500\u2500 Authorization\r\n\u2502   \u2502   \u251c\u2500\u2500 main.tf\r\n\u2502   \u2502   \u251c\u2500\u2500 providers.tf\r\n\u2502   \u2502   \u2514\u2500\u2500 variables.tf  \r\n<\/code><\/pre>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/79-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/80-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/81-0.png\" alt=\"image.png\" \/><\/div>\n<h3>\u81ea\u52a8\u7533\u8bf7\u8bbe\u7f6e<\/h3>\n<p>\u5982\u679c\u8ba1\u5212\u6210\u529f\uff0c\u5c06\u8bbe\u7f6e\u81ea\u52a8\u6267\u884c\u5e94\u7528\u3002<br \/>\n\u5728\u5de5\u4f5c\u533a\u5e94\u7528\u5b8c\u6210\u540e\uff0c\u8fd8\u4f1a\u542f\u7528\u81ea\u52a8\u89e6\u53d1\u5668\u6765\u6267\u884c\u4e0b\u4e00\u4e2a\u5de5\u4f5c\u533a\u7684\u8bbe\u7f6e\u3002<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/84-0.png\" alt=\"image.png\" \/><\/div>\n<h3>\u8bbe\u5b9a\u6267\u884c\u89e6\u53d1\u5668<\/h3>\n<p>\u5c06policyset_create\u7684\u5e94\u7528\u4f5c\u4e3a\u89e6\u53d1\u5668\uff0c\u81ea\u52a8\u6267\u884cauthn_create\uff08\u521b\u5efa\u8ba4\u8bc1\u7b56\u7565\uff09\u548cauthz_create\uff08\u521b\u5efa\u6388\u6743\u7b56\u7565\uff09\u7684\u8bbe\u7f6e\u3002<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/87-0.png\" alt=\"image.png\" \/><\/div>\n<h3>\u8fdc\u7a0b\u72b6\u6001\u5171\u4eab\u7684\u8bbe\u7f6e<\/h3>\n<p>\u8fdb\u884c\u5c06terraform_remote_state\u4e0e\u5176\u4ed6\u5de5\u4f5c\u533a\u5171\u4eab\u7684\u8bbe\u7f6e\u3002<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/90-0.png\" alt=\"image.png\" \/><\/div>\n<h3>\u4ee3\u7406\u4eba\u7684\u8bbe\u7f6e<\/h3>\n<p>\u7531\u4e8e\u672c\u6b21\u8bbe\u5b9a\u66f4\u6539\u7684Cisco ISE\u5b58\u5728\u4e8e\u79c1\u6709\u7f51\u7edc\u4e2d\uff0c\u56e0\u6b64\u9700\u8981\u5b89\u88c5Agent\u3002<br \/>\n\u7701\u7565Agent\u7684\u5b89\u88c5\u65b9\u6cd5\u3002<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/93-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/94-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/95-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/96-0.png\" alt=\"image.png\" \/><\/div>\n<p>\u4ee3\u7406\u4eba\u79fb\u52a8\u5230\u5df2\u5b89\u88c5\u4ee3\u7406\u7684\u76ee\u5f55\uff0c\u5e76\u8bbe\u7f6e\u4ee4\u724c\u548c\u4ee3\u7406\u540d\u79f0\uff0c\u7136\u540e\u542f\u52a8\u4ee3\u7406\u3002\u203b\u8bf7\u53c2\u8003\u751f\u6210\u4ee4\u724c\u65f6\u7684\u547d\u4ee4\u8bf4\u660e\u3002<\/p>\n<pre class=\"post-pre\"><code>$ export TFC_AGENT_TOKEN= &lt;token&gt;\r\n$ export TFC_AGENT_NAME=CiscoISE-Agent\r\n$ .\/tfc-agent\r\n2023-12-06T17:40:30.410+0900 [INFO]  agent: Starting: agent_name=CiscoISE-Agent agent_version=1.14.1\r\n2023-12-06T17:40:30.500+0900 [INFO]  core: Starting: version=1.14.1\r\n2023-12-06T17:40:31.448+0900 [INFO]  core: Agent registered successfully with Terraform Cloud: agent_id=&lt;agent id&gt; agent_pool_id=&lt;agent pool id&gt;\r\n2023-12-06T17:40:31.573+0900 [INFO]  agent: Core version is up to date: version=1.14.1\r\n2023-12-06T17:40:31.573+0900 [INFO]  core: Waiting for next job\r\n<\/code><\/pre>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/99-0.png\" alt=\"image.png\" \/><\/div>\n<h2>4. \u9a8c\u8bc1\u52a8\u4f5c<\/h2>\n<p>\u7531\u4e8e\u51c6\u5907\u5de5\u4f5c\u5df2\u7ecf\u5b8c\u6210\uff0c\u73b0\u5728\u53ef\u4ee5\u5b9e\u9645\u6267\u884c\u4e00\u4e0b\u4e86\u3002<\/p>\n<h2>4.1 \u901a\u8fc7 Terraform Cloud \u8fdb\u884c\u90e8\u7f72<\/h2>\n<p>\u4ece\u8bbe\u7f6e\u6267\u884c\u89e6\u53d1\u5668\u4e2d\uff0c\u5f53 policyset_create \u6267\u884c\u6210\u529f\u65f6\uff0cauthn_create \/ authz_create \u4f1a\u81ea\u52a8\u6267\u884c\uff0c\u56e0\u6b64\u53ea\u9700\u8981\u624b\u52a8\u8fd0\u884c policyset_create\u3002<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/104-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/105-0.png\" alt=\"image.png\" \/><\/div>\n<h2>4.2 \u6267\u884c\u7ed3\u679c\uff08\u521b\u5efa\u7b56\u7565\u96c6\uff09<\/h2>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/107-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/108-0.png\" alt=\"image.png\" \/><\/div>\n<h2>4.3 \u6267\u884c\u7ed3\u679c\uff08authn_create\/authz_create\uff09<\/h2>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/110-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/111-0.png\" alt=\"image.png\" \/><\/div>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/112-0.png\" alt=\"image.png\" \/><\/div>\n<h1>\u6700\u540e<\/h1>\n<p>\u8fd9\u6b21\u6211\u5c1d\u8bd5\u4f7f\u7528Terraform\u6765\u914d\u7f6eISE\uff0c\u4f46\u662f\u53d1\u73b0\u7f16\u5199\u4ee3\u7801\u7684\u65b9\u5f0f\u5f88\u7279\u522b\uff0c\u6709\u4e9b\u8d44\u6e90\u53ef\u80fd\u56e0\u4e3aTerraform\u7248\u672c\u4e0d\u540c\u800c\u65e0\u6cd5\u8fd0\u884c\uff0c\u6240\u4ee5\u9047\u5230\u4e86\u4e00\u4e9b\u56f0\u96be\u3002<br \/>\n\u53e6\u5916\uff0c\u6211\u89c9\u5f97\u4e0d\u4ec5\u4ec5\u662f\u5b89\u5168\u7b56\u7565\uff0c\u5982\u679c\u80fd\u591f\u6839\u636e\u9891\u7e41\u914d\u7f6e\u7684\u9879\u76ee\u548c\u5e38\u89c1\u7684\u4f7f\u7528\u60c5\u51b5\u521b\u5efa\u6a21\u677f\uff0c\u53ef\u80fd\u4f1a\u66f4\u52a0\u9ad8\u6548\u3002<br \/>\n\u6211\u5c06\u7ee7\u7eed\u63a2\u7d22Terraform\u7684\u53ef\u80fd\u6027\u3002<\/p>\n<h1>\u514d\u8d23\u4e8b\u9879<\/h1>\n<p>\u5728\u672c\u7f51\u7ad9\u548c\u76f8\u5173\u8bc4\u8bba\u4e2d\u8868\u8fbe\u7684\u610f\u89c1\u662f\u6295\u7a3f\u8005\u672c\u4eba\u7684\u4e2a\u4eba\u610f\u89c1\uff0c\u4e0d\u4ee3\u8868\u601d\u79d1\u516c\u53f8\u7684\u89c2\u70b9\u3002\u672c\u7f51\u7ad9\u7684\u5185\u5bb9\u4ec5\u4f9b\u4fe1\u606f\u63d0\u4f9b\u76ee\u7684\uff0c\u4e0d\u65e8\u5728\u63a8\u8350\u6216\u4ee3\u8868\u601d\u79d1\u6216\u5176\u4ed6\u76f8\u5173\u65b9\u7684\u610f\u89c1\u3002\u6bcf\u4e2a\u7528\u6237\u901a\u8fc7\u5728\u672c\u7f51\u7ad9\u4e0a\u53d1\u5e03\u3001\u94fe\u63a5\u6216\u4ee5\u5176\u4ed6\u65b9\u5f0f\u4e0a\u4f20\u7684\u6240\u6709\u4fe1\u606f\u5185\u5bb9\u8d1f\u6709\u5168\u90e8\u8d23\u4efb\uff0c\u5e76\u540c\u610f\u514d\u9664\u601d\u79d1\u516c\u53f8\u5bf9\u4e8e\u4f7f\u7528\u672c\u7f51\u7ad9\u6240\u4ea7\u751f\u7684\u4efb\u4f55\u8d23\u4efb\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9996\u5148 \u672c\u6587\u662fCisco Systems Japan Advent Calendar 2023\u7b2c\u4e03\u5929\u7684\u6587\u7ae0\u3002 2 [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-48561","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\u521b\u5efacisco-ise\u7b56\u7565\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565\" \/>\n<meta property=\"og:description\" content=\"\u9996\u5148 \u672c\u6587\u662fCisco Systems Japan Advent Calendar 2023\u7b2c\u4e03\u5929\u7684\u6587\u7ae0\u3002 2 [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\u521b\u5efacisco-ise\u7b56\u7565\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-10T12:56:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-29T21:51:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/8-0.png\" \/>\n<meta name=\"author\" content=\"\u9038, \u79d1\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u9038, \u79d1\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/\",\"name\":\"\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-03-10T12:56:42+00:00\",\"dateModified\":\"2024-04-29T21:51:18+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487\",\"name\":\"\u9038, \u79d1\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g\",\"caption\":\"\u9038, \u79d1\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/keyi\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\u521b\u5efacisco-ise\u7b56\u7565\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565","og_description":"\u9996\u5148 \u672c\u6587\u662fCisco Systems Japan Advent Calendar 2023\u7b2c\u4e03\u5929\u7684\u6587\u7ae0\u3002 2 [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\u521b\u5efacisco-ise\u7b56\u7565\u3002\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-03-10T12:56:42+00:00","article_modified_time":"2024-04-29T21:51:18+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8604913a08637a6bae8d\/8-0.png"}],"author":"\u9038, \u79d1","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u9038, \u79d1","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"4 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/","name":"\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-03-10T12:56:42+00:00","dateModified":"2024-04-29T21:51:18+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u4f7f\u7528Terraform\u521b\u5efaCisco ISE\u7b56\u7565"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487","name":"\u9038, \u79d1","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g","caption":"\u9038, \u79d1"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/keyi\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%88%9b%e5%bb%bacisco-ise%e7%ad%96%e7%95%a5%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48561","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=48561"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48561\/revisions"}],"predecessor-version":[{"id":90085,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48561\/revisions\/90085"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=48561"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=48561"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=48561"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}