{"id":48851,"date":"2022-12-31T10:56:52","date_gmt":"2023-07-25T01:33:19","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/"},"modified":"2024-04-29T07:48:10","modified_gmt":"2024-04-28T23:48:10","slug":"%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/","title":{"rendered":"\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001"},"content":{"rendered":"<h2>\u5728\u4e2d\u56fd\u5357\u65b9\uff0c\u6709\u4e00\u5ea7\u7f8e\u4e3d\u7684\u5c0f\u57ce\u5e02\u3002\u8fd9\u5ea7\u57ce\u5e02\u5750\u843d\u5728\u84dd\u5929\u548c\u7fe0\u7eff\u5c71\u8109\u7684\u6620\u886c\u4e0b\uff0c\u98ce\u666f\u5982\u753b\u3002\u4eba\u4eec\u5728\u8fd9\u91cc\u8fc7\u7740\u5b81\u9759\u800c\u5b9c\u4eba\u7684\u751f\u6d3b\uff0c\u8fdc\u79bb\u57ce\u5e02\u7684\u55a7\u56a3\u548c\u538b\u529b\u3002<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u500b\u4eba\u958b\u767a\u30a2\u30d7\u30ea\u3092\u4f5c\u308b\u6642\u306b\u3001LP\u7b49\u306e\u7528\u9014\u3067\u9759\u7684\u30d5\u30a1\u30a4\u30eb\u3092\u5358\u7d14\u306b\u4fdd\u5b58\u30fb\u914d\u4fe1\u3059\u308b\u3060\u3051\u306e\u30b5\u30fc\u30d0\u30fc\u304c\u5fc5\u8981\u306b\u306a\u308b\u3053\u3068\u304c\u591a\u3044\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u6bce\u56de AWS Management Console \u304b\u3089\u540c\u3058\u624b\u9806\u3067\u4f5c\u3063\u3066\u3044\u305f\u304c\u3001\u74b0\u5883\u3054\u3068\u306b\u8a2d\u5b9a\u3057\u305f\u308a\u3059\u308b\u306e\u3067\u5730\u5473\u306b\u9762\u5012\u304f\u3055\u3044<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">terraform \u3067\u300c\u30b3\u30fc\u30c9\u3092\u30b3\u30d4\u30da\u3059\u308b\u3060\u3051\u3067 S3, CloudFront, ACM, Route53 \u5468\u308a\u306e\u8a2d\u5b9a\u3092\u5b8c\u4e86\u3067\u304d\u308b\u300d\u3088\u3046\u306a\u72b6\u614b\u306b\u3057\u305f\u3044<\/ul>\n<\/li>\n<\/ul>\n<p>\u76f8\u624b\u306e\u672c\u68da\u3092\u8997\u3051\u308b\u30de\u30c3\u30c1\u30f3\u30b0\u30b5\u30fc\u30d3\u30b9\u300cMatchLab\u300d\u306e LP \u3092 terraform \u3067\u7ba1\u7406\u3067\u304d\u308b\u3088\u3046\u306b\u3057\u3066\u307f\u305f\u3002<\/p>\n<h2>\u7d22\u5f15<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">terraform \u3068\u306f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u4f7f\u3044\u65b9<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u65e2\u5b58\u306e\u30a4\u30f3\u30d5\u30e9\u3092 terraform \u7ba1\u7406\u306b\u79fb\u884c\u3059\u308b<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">GitLab CI\/CD \u3067\u5909\u66f4\u3092\u691c\u77e5\u3057\u3066\u81ea\u52d5\u5316<\/ul>\n<h2>terraform \u662f\u4ec0\u4e48\uff1f<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">https:\/\/www.terraform.io<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">AWS \u7b49\u306e\u30a4\u30f3\u30d5\u30e9\u306e\u8a2d\u5b9a\u3092\u5ba3\u8a00\u7684\u306b\u66f8\u3044\u3066\u304a\u304f\u3053\u3068\u3067\u3001\u30b3\u30fc\u30c9\u306b\u5fdc\u3058\u3066\u30ea\u30bd\u30fc\u30b9\u3092\u65b0\u898f\u4f5c\u6210\u3057\u305f\u308a\u8a2d\u5b9a\u5909\u66f4\u3057\u305f\u308a\u826f\u3044\u611f\u3058\u306b\u7ba1\u7406\u3057\u3066\u304f\u308c\u308bIaC\u30c4\u30fc\u30eb<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\u30b3\u30fc\u30c9\u3092\u66f8\u3044\u3066 CLI \u4e0a\u3067 terraform plan terraform apply \u306a\u3069\u3068\u5531\u3048\u308b\u3068\u73fe\u5728\u306e\u30a4\u30f3\u30d5\u30e9\u306e\u72b6\u614b\u3068\u8a2d\u5b9a\u306e\u5909\u66f4\u70b9\u3092\u78ba\u8a8d\u3057\u3066\u9069\u7528\u3057\u3066\u304f\u308c\u308b<\/ul>\n<h2>\u7528\u6cd5<\/h2>\n<h3>\u524d\u63d0- \u4e00\u5f00\u59cb\u7684\u6761\u4ef6\u6216\u5047\u8bbe<\/h3>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u4f5c\u696d\u7528\u306e IAM \u30e6\u30fc\u30b6\u30fc\u3092\u767a\u884c\u3057\u3066\u3001 Route53, S3, CloudFront, ACM \u306e\u6a29\u9650\u3092\u4e0e\u3048\u3066\u304a\u304f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u4f5c\u696d\u30b9\u30da\u30fc\u30b9\u306b AWS_ACCESS_KEY, AWS_SECRET_ACCESS_KEY \u3092\u305d\u308c\u305e\u308c\u6307\u5b9a\u3057\u3066\u304a\u304f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">terraform \u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3092\u7f6e\u304f\u7528\u306e S3 \u3092\u4f5c\u3063\u3066\u304a\u304f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">CDN \u306e\u30db\u30b9\u30c8\u540d\u306b\u3059\u308b\u305f\u3081\u306b Route53 \u306b Hosted Zone \u3092\u4f5c\u3063\u3066\u304a\u304f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">ACM \u3067\u4e0a\u8a18\u306e\u30db\u30b9\u30c8\u540d\u304a\u3088\u3073\u914d\u4e0b\u306e\u30b5\u30d6\u30c9\u30e1\u30a4\u30f3\u306e\u6697\u53f7\u5316\u306b\u5bfe\u5fdc\u3067\u304d\u308b SSL Certificate \u3092\u767a\u884c\u3057\u3066\u304a\u304f<\/ul>\n<h3>\u5728\u672c\u5730\u5b89\u88dd Terraform\u3002<\/h3>\n<p>\u5982\u679c\u60a8\u4f7f\u7528\u7684\u662f Mac\uff0c\u53ef\u4ee5\u901a\u8fc7 homebrew \u6765\u5b89\u88c5\u3002\u5176\u4ed6\u60c5\u51b5\u8bf7\u53c2\u8003 https:\/\/www.terraform.io\/downloads\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>brew tap hashicorp\/tap\r\n<span class=\"nv\">$ <\/span>brew <span class=\"nb\">install <\/span>hashicorp\/tap\/terraform\r\n<\/code><\/pre>\n<p>\u7531\u4e8e\u6211\u89c9\u5f97\u5728\u66f4\u6362\u7535\u8111\u65f6\u8fdb\u884c\u91cd\u65b0\u8bbe\u7f6e\u5f88\u9ebb\u70e6\uff0c\u6240\u4ee5\u5c06\u5176Docker\u5316\uff0c\u5e76\u5728\u5bb9\u5668\u5185\u8fdb\u884c\u64cd\u4f5c\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"k\">FROM<\/span><span class=\"s\"> hashicorp\/terraform:1.1.7<\/span>\r\n\r\n<span class=\"k\">WORKDIR<\/span><span class=\"s\"> \/app<\/span>\r\n<\/code><\/pre>\n<p>\u5bf9\u4e8e\u521a\u5f00\u59cb\u4f7f\u7528\u7684\u4eba\u6765\u8bf4\uff0c\u53ef\u4ee5\u5728DockerHub\u4e0a\u68c0\u67e5\u5e76\u5b89\u88c5hashicorp\/terraform\u7684\u6700\u65b0\u7248\u672c\uff0c\u8fd9\u6837\u4f1a\u5f88\u4e0d\u9519\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"na\">version<\/span><span class=\"pi\">:<\/span> <span class=\"s2\">\"<\/span><span class=\"s\">3\"<\/span>\r\n<span class=\"na\">services<\/span><span class=\"pi\">:<\/span>\r\n  <span class=\"na\">terraform<\/span><span class=\"pi\">:<\/span>\r\n    <span class=\"na\">build<\/span><span class=\"pi\">:<\/span> <span class=\"s\">.\/terraform<\/span>\r\n    <span class=\"na\">volumes<\/span><span class=\"pi\">:<\/span>\r\n      <span class=\"pi\">-<\/span> <span class=\"s\">.\/terraform:\/app<\/span>\r\n    <span class=\"na\">env_file<\/span><span class=\"pi\">:<\/span>\r\n      <span class=\"pi\">-<\/span> <span class=\"s\">.\/env\/terraform.env<\/span>\r\n<\/code><\/pre>\n<p>\u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u5bf9\u4e8e Docker\uff0chashicorp\/terraform\u955c\u50cf\u5df2\u6307\u5b9aentrypoint\uff0c\u56e0\u6b64\u8fdb\u5165\u5bb9\u5668\u65f6\u9700\u8981\u8986\u76d6entrypoint\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>docker-compose run <span class=\"nt\">--rm<\/span> <span class=\"nt\">--entrypoint<\/span> sh terraform\r\n<\/code><\/pre>\n<p>\u53ea\u9700\u8981\u5728\u6700\u540e\u8bbe\u7f6e terraform.env \u6587\u4ef6\u4e2d\u7684 AWS_ACCESS_KEY_ID \u548c AWS_SECRET_ACCESS_KEY\uff0c\u5f00\u53d1\u73af\u5883\u5c31\u4f1a\u5b8c\u6210\u3002<\/p>\n<h3>\u6700\u521d\u7684\u8bbe\u5b9a<\/h3>\n<p>\u9996\u5148\uff0c\u7f16\u5199\u8bbe\u7f6e\u4ee5\u5c06\u5f53\u524d\u57fa\u7840\u8bbe\u65bd\u72b6\u6001\u8bb0\u5f55\u5728S3\u4e0a\u7684tfstate\u6587\u4ef6\u4e2d\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"k\">terraform<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">backend<\/span> <span class=\"s2\">\"s3\"<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">bucket<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"terraform.match-lab.com\"<\/span>\r\n    <span class=\"nx\">key<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"staging\/terraform.tfstate\"<\/span>\r\n    <span class=\"nx\">region<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u63a5\u4e0b\u6765\u6307\u5b9aterraform\u8981\u8fde\u63a5\u7684\u5e73\u53f0\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"k\">provider<\/span> <span class=\"s2\">\"aws\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">region<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"k\">provider<\/span> <span class=\"s2\">\"aws\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">region<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"us-east-1\"<\/span>\r\n  <span class=\"nx\">alias<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"us-east-1\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u5728AWS\u7684\u60c5\u51b5\u4e0b\uff0c\u9700\u8981\u9488\u5bf9\u6bcf\u4e2a\u5730\u533a\u6307\u5b9a\u63d0\u4f9b\u8005\u3002<br \/>\n\u901a\u5e38\u53ea\u9700\u6307\u5b9aap-northeast-1\u5373\u53ef\uff0c\u4f46\u7531\u4e8e\u672c\u6b21\u5c06ACM\u8d44\u6e90\u521b\u5efa\u5728us-east-1\uff0c\u56e0\u6b64\u9700\u8981\u6dfb\u52a0\u4e24\u4e2a\u4ee5\u4fbf\u80fd\u591f\u8bbf\u95eeus-east-1\u3002<\/p>\n<p>\u63a5\u4e0b\u6765\uff0c\u9700\u8981\u6307\u5b9a terraform \u7684\u7248\u672c\u4ee5\u53ca\u7528\u4e8e\u4e86\u89e3 AWS \u670d\u52a1\u548c\u914d\u7f6e\u9879\u7684 provider \u7248\u672c\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"k\">terraform<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">required_version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"1.1.7\"<\/span>\r\n\r\n  <span class=\"nx\">required_providers<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">aws<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"4.4.0\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u5982\u679c\u63d0\u4f9b\u8005\u7684\u7248\u672c\u8fc7\u65e7\uff0c\u5219\u65e0\u6cd5\u8bbf\u95eeAWS\u7684\u6700\u65b0\u8bbe\u7f6e\u9879\uff0c\u56e0\u6b64\u5bf9\u4e8e\u65b0\u624b\u6765\u8bf4\uff0c\u6700\u597d\u67e5\u770bTerraform Registry\u5e76\u6307\u5b9a\u6700\u65b0\u7248\u672c\u3002<\/p>\n<p>\u5982\u679c\u6240\u6709\u4ee5\u4e0a\u7684\u6587\u4ef6\u90fd\u80fd\u591f\u653e\u7f6e\u5728\u540c\u4e00\u4e2a\u76ee\u5f55\u4e2d\uff0c\u90a3\u4e48\u5728\u8be5\u76ee\u5f55\u4e0b\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>terraform init\r\n<\/code><\/pre>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d875f913a08637a6bfaf6\/30-0.png\" alt=\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8 2022-03-13 16.47.24.png\" \/><\/div>\n<p>\u8fd9\u6837\u505a\u7684\u8bdd\u4f1a\u751f\u6210\u4e00\u4e2a\u540d\u4e3a.terraform.lock.hcl\u7684\u6587\u4ef6\u548c\u4e00\u4e2a\u540d\u4e3a.terraform\u7684\u6587\u4ef6\u5939\uff0c\u7136\u540e\u4ee5\u597d\u7684\u65b9\u5f0f\u7ed3\u675f\u3002\u5982\u679c\u4f7f\u7528git\u7ba1\u7406\uff0c\u6700\u597d\u5ffd\u7565.terraform\u6587\u4ef6\u5939\u3002<\/p>\n<p>\u81f3\u6b64\uff0c\u521d\u59cb\u8bbe\u7f6e\u5df2\u7ecf\u5b8c\u6210\u3002<\/p>\n<h3>\u5199\u8bbe\u7f6e\u6587\u4ef6<\/h3>\n<h4>\u4e3a\u6bcf\u4e2a\u73af\u5883\u8bbe\u7f6e\u4e0d\u540c\u7684\u53d8\u91cf\u503c\u3002<\/h4>\n<p>\u4e3a\u4e86\u5728\u6bcf\u4e2a\u73af\u5883\u4e2d\u590d\u5236\u7c98\u8d34\u4ee3\u7801\u65f6\u5c3d\u91cf\u4e0d\u8003\u8651\u4efb\u4f55\u4e8b\u60c5\uff0c\u6211\u5e0c\u671b\u80fd\u591f\u5c06\u6bcf\u4e2a\u73af\u5883\u4e2d\u7684\u4e0d\u540c\u503c\u96c6\u4e2d\u7ba1\u7406\u5230\u4e00\u4e2a\u6587\u4ef6\u4e2d\u3002\u56e0\u6b64\uff0c\u6211\u521b\u5efa\u4e86\u4ee5\u4e0b\u6587\u4ef6\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">locals<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">domain_name<\/span>      <span class=\"p\">=<\/span> <span class=\"s2\">\"match-lab.com\"<\/span>\r\n  <span class=\"nx\">bucket_name<\/span>      <span class=\"p\">=<\/span> <span class=\"s2\">\"lp.match-lab.com\"<\/span>\r\n  <span class=\"nx\">static_host_name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"match-lab.com\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">domain_name: Route53 \u3067\u53d6\u5f97\u3057\u305f Hosted Zone \u540d<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">bucket_name: \u9759\u7684\u30d5\u30a1\u30a4\u30eb\u3092\u4fdd\u5b58\u3059\u308b S3 \u306e\u30d0\u30b1\u30c3\u30c8\u540d<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">static_host_name: CloudFront \u304b\u3089\u914d\u4fe1\u3059\u308b\u969b\u306e\u30db\u30b9\u30c8\u540d\uff08\u30b5\u30d6\u30c9\u30e1\u30a4\u30f3\u53ef\uff09<\/ul>\n<p>\u5728\u8fd9\u91cc\u5b9a\u4e49\u7684\u53d8\u91cf\u53ef\u4ee5\u4ece\u6bcf\u4e2a\u8bbe\u7f6e\u6587\u4ef6\u4e2d\u8fdb\u884c\u5f15\u7528\u3002<\/p>\n<h4>\u5f00\u5c55\u5fc5\u8981\u7684\u670d\u52a1<\/h4>\n<pre class=\"post-pre\"><code><span class=\"c1\"># S3 bucket<\/span>\r\n<span class=\"k\">resource<\/span> <span class=\"s2\">\"aws_s3_bucket\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">bucket<\/span> <span class=\"p\">=<\/span> <span class=\"kd\">local<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucket_name<\/span>\r\n\r\n  <span class=\"nx\">force_destroy<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"c1\"># CloudFront \u304c S3 \u306b\u30d5\u30a1\u30a4\u30eb\u3092\u53d6\u308a\u306b\u884c\u304f\u6642\u306e identity<\/span>\r\n<span class=\"k\">resource<\/span> <span class=\"s2\">\"aws_cloudfront_origin_access_identity\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">comment<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"access-identity-<\/span><span class=\"k\">${<\/span><span class=\"nx\">aws_s3_bucket<\/span><span class=\"p\">.<\/span><span class=\"nx\">static<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucket_regional_domain_name<\/span><span class=\"k\">}<\/span><span class=\"s2\">\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"c1\"># S3 bucket policy \u3067\u4e0a\u8a18\u306e identity \u306b GetObject \u306e\u6a29\u9650\u3092\u4ed8\u4e0e\u3059\u308b<\/span>\r\n<span class=\"k\">resource<\/span> <span class=\"s2\">\"aws_s3_bucket_policy\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">bucket<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_s3_bucket<\/span><span class=\"p\">.<\/span><span class=\"nx\">static<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span>\r\n\r\n  <span class=\"nx\">policy<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">jsonencode<\/span><span class=\"p\">(<\/span>\r\n    <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">Id<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"PolicyForCloudFrontPrivateContent\"<\/span>\r\n      <span class=\"nx\">Statement<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span>\r\n        <span class=\"p\">{<\/span>\r\n          <span class=\"nx\">Action<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"s3:GetObject\"<\/span>\r\n          <span class=\"nx\">Effect<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"Allow\"<\/span>\r\n          <span class=\"nx\">Principal<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n            <span class=\"nx\">AWS<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"arn:aws:iam::cloudfront:user\/CloudFront Origin Access Identity <\/span><span class=\"k\">${<\/span><span class=\"nx\">aws_cloudfront_origin_access_identity<\/span><span class=\"p\">.<\/span><span class=\"nx\">static<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span><span class=\"k\">}<\/span><span class=\"s2\">\"<\/span>\r\n          <span class=\"p\">}<\/span>\r\n          <span class=\"nx\">Resource<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"arn:aws:s3:::<\/span><span class=\"k\">${<\/span><span class=\"kd\">local<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucket_name<\/span><span class=\"k\">}<\/span><span class=\"s2\">\/*\"<\/span>\r\n          <span class=\"nx\">Sid<\/span>      <span class=\"p\">=<\/span> <span class=\"s2\">\"1\"<\/span>\r\n        <span class=\"p\">}<\/span>\r\n      <span class=\"p\">]<\/span>\r\n      <span class=\"nx\">Version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"2008-10-17\"<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">)<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"c1\"># bucket \u4e0a\u306e object \u3078\u306e\u30a2\u30af\u30bb\u30b9\u6a29\u9650\u3092\u7ba1\u7406\u3059\u308b\u305f\u3081\u306e\u30ea\u30bd\u30fc\u30b9<\/span>\r\n<span class=\"c1\"># ref: https:\/\/docs.aws.amazon.com\/AmazonS3\/latest\/userguide\/about-object-ownership.html<\/span>\r\n<span class=\"k\">resource<\/span> <span class=\"s2\">\"aws_s3_bucket_ownership_controls\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">bucket<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_s3_bucket<\/span><span class=\"p\">.<\/span><span class=\"nx\">static<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span>\r\n\r\n  <span class=\"nx\">rule<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">object_ownership<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"BucketOwnerEnforced\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"c1\"># CloudFront distribution<\/span>\r\n<span class=\"k\">resource<\/span> <span class=\"s2\">\"aws_cloudfront_distribution\"<\/span> <span class=\"s2\">\"static_cdn\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">enabled<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n\r\n  <span class=\"nx\">origin<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">domain_name<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws_s3_bucket<\/span><span class=\"p\">.<\/span><span class=\"nx\">static<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucket_regional_domain_name<\/span>\r\n    <span class=\"nx\">origin_id<\/span>   <span class=\"p\">=<\/span> <span class=\"nx\">aws_s3_bucket<\/span><span class=\"p\">.<\/span><span class=\"nx\">static<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucket_regional_domain_name<\/span>\r\n\r\n    <span class=\"nx\">s3_origin_config<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">origin_access_identity<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"origin-access-identity\/cloudfront\/<\/span><span class=\"k\">${<\/span><span class=\"nx\">aws_cloudfront_origin_access_identity<\/span><span class=\"p\">.<\/span><span class=\"nx\">static<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span><span class=\"k\">}<\/span><span class=\"s2\">\"<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">aliases<\/span>             <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"kd\">local<\/span><span class=\"p\">.<\/span><span class=\"nx\">static_host_name<\/span><span class=\"p\">]<\/span>\r\n  <span class=\"nx\">default_root_object<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"index.html\"<\/span>\r\n  <span class=\"nx\">is_ipv6_enabled<\/span>     <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n\r\n  <span class=\"nx\">default_cache_behavior<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">allowed_methods<\/span>        <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"s2\">\"GET\"<\/span><span class=\"p\">,<\/span> <span class=\"s2\">\"HEAD\"<\/span><span class=\"p\">]<\/span>\r\n    <span class=\"nx\">cached_methods<\/span>         <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"s2\">\"GET\"<\/span><span class=\"p\">,<\/span> <span class=\"s2\">\"HEAD\"<\/span><span class=\"p\">]<\/span>\r\n    <span class=\"nx\">target_origin_id<\/span>       <span class=\"p\">=<\/span> <span class=\"nx\">aws_s3_bucket<\/span><span class=\"p\">.<\/span><span class=\"nx\">static<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucket_regional_domain_name<\/span>\r\n    <span class=\"nx\">viewer_protocol_policy<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"redirect-to-https\"<\/span>\r\n    <span class=\"nx\">cache_policy_id<\/span>        <span class=\"p\">=<\/span> <span class=\"s2\">\"658327ea-f89d-4fab-a63d-7e88639e58f6\"<\/span> <span class=\"c1\"># CloudFront \u306b\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u7528\u610f\u3055\u308c\u3066\u3044\u308b Cache Policy \u306e ID<\/span>\r\n    <span class=\"nx\">compress<\/span>               <span class=\"p\">=<\/span> <span class=\"kc\">true<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">viewer_certificate<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">acm_certificate_arn<\/span>            <span class=\"p\">=<\/span> <span class=\"k\">data<\/span><span class=\"p\">.<\/span><span class=\"nx\">aws_acm_certificate<\/span><span class=\"p\">.<\/span><span class=\"nx\">certificate<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span>\r\n    <span class=\"nx\">cloudfront_default_certificate<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n    <span class=\"nx\">minimum_protocol_version<\/span>       <span class=\"p\">=<\/span> <span class=\"s2\">\"TLSv1.2_2021\"<\/span>\r\n    <span class=\"nx\">ssl_support_method<\/span>             <span class=\"p\">=<\/span> <span class=\"s2\">\"sni-only\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">restrictions<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">geo_restriction<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">restriction_type<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"none\"<\/span>\r\n      <span class=\"nx\">locations<\/span>        <span class=\"p\">=<\/span> <span class=\"p\">[]<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"c1\"># CDN \u914d\u4fe1\u6642\u306b\u5229\u7528\u3059\u308b Route53 Record<\/span>\r\n<span class=\"c1\"># CloudFront distribution \u3078\u306e alias \u306b\u306a\u3063\u3066\u3044\u308b<\/span>\r\n<span class=\"k\">resource<\/span> <span class=\"s2\">\"aws_route53_record\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">zone_id<\/span> <span class=\"p\">=<\/span> <span class=\"k\">data<\/span><span class=\"p\">.<\/span><span class=\"nx\">aws_route53_zone<\/span><span class=\"p\">.<\/span><span class=\"nx\">primary<\/span><span class=\"p\">.<\/span><span class=\"nx\">zone_id<\/span>\r\n  <span class=\"nx\">name<\/span>    <span class=\"p\">=<\/span> <span class=\"kd\">local<\/span><span class=\"p\">.<\/span><span class=\"nx\">static_host_name<\/span>\r\n  <span class=\"nx\">type<\/span>    <span class=\"p\">=<\/span> <span class=\"s2\">\"A\"<\/span>\r\n\r\n  <span class=\"nx\">alias<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">evaluate_target_health<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n    <span class=\"nx\">name<\/span>                   <span class=\"p\">=<\/span> <span class=\"nx\">aws_cloudfront_distribution<\/span><span class=\"p\">.<\/span><span class=\"nx\">static_cdn<\/span><span class=\"p\">.<\/span><span class=\"nx\">domain_name<\/span>\r\n    <span class=\"nx\">zone_id<\/span>                <span class=\"p\">=<\/span> <span class=\"nx\">aws_cloudfront_distribution<\/span><span class=\"p\">.<\/span><span class=\"nx\">static_cdn<\/span><span class=\"p\">.<\/span><span class=\"nx\">hosted_zone_id<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h4>\u4ece\u591a\u4e2a\u73af\u5883\u4e2d\u8bfb\u53d6\u7528\u4f5c\u5916\u90e8\u8d44\u6e90\u7684\u8d44\u6e90\u3002<\/h4>\n<p>\u6211\u6b63\u5728\u8003\u8651\u9488\u5bf9\u6bcf\u4e2a\u73af\u5883\u5efa\u7acb\u4e00\u4e2a\u9759\u6001\u6587\u4ef6\u5206\u53d1\u670d\u52a1\u5668\u7684\u7528\u4f8b\u3002<\/p>\n<p>\u5047\u8bbe\u5728\u8fd9\u79cd\u60c5\u51b5\u4e0b\uff0c\u751f\u4ea7\u73af\u5883\u4e3a https:\/\/match-lab.com\uff0c\u5f00\u53d1\u73af\u5883\u4e3a https:\/\/dev.match-lab.com\uff0cAWS Route53\u7684\u6258\u7ba1\u533a\u548cACM\u7684\u8bc1\u4e66\u5c06\u5728\u591a\u4e2a\u73af\u5883\u4e2d\u5171\u4eab\u4e00\u4e2a\u3002<\/p>\n<p>\u5982\u679c\u8981\u76f4\u63a5\u4f7f\u7528terraform\u6765\u7ba1\u7406\u8fd9\u79cd\u60c5\u51b5\uff0c\u90a3\u4e48\u5f53\u5728\u5176\u4e2d\u4e00\u4e2a\u73af\u5883\u4e2d\u5e94\u7528\u66f4\u6539\u65f6\uff0c\u5171\u4eab\u7684\u8d44\u6e90\u5c06\u540c\u65f6\u66f4\u6539\uff0c\u5bfc\u81f4\u5728\u53e6\u4e00\u4e2a\u73af\u5883\u4e2d\u4e5f\u4f1a\u53d1\u751f\u66f4\u6539\u3002<\/p>\n<p>\u56e0\u6b64\uff0c\u8003\u8651\u5230\u8d44\u6e90\u7684\u53d8\u66f4\u9891\u7387\u8f83\u4f4e\uff0c\u6211\u4eec\u51b3\u5b9a\u5728 terraform \u7ba1\u7406\u4e4b\u5916\u624b\u52a8\u521b\u5efa\u5e76\u5c06\u5176\u4f5c\u4e3a\u5916\u90e8\u8d44\u6e90\u52a0\u8f7d\u5230 terraform \u4e2d\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"k\">data<\/span> <span class=\"s2\">\"aws_route53_zone\"<\/span> <span class=\"s2\">\"primary\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"kd\">local<\/span><span class=\"p\">.<\/span><span class=\"nx\">domain_name<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"k\">data<\/span> <span class=\"s2\">\"aws_acm_certificate\"<\/span> <span class=\"s2\">\"certificate\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"k\">provider<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">aws<\/span><span class=\"p\">.<\/span><span class=\"nx\">us<\/span><span class=\"err\">-<\/span><span class=\"nx\">east<\/span><span class=\"err\">-<\/span><span class=\"mi\">1<\/span>\r\n  <span class=\"nx\">domain<\/span>   <span class=\"p\">=<\/span> <span class=\"kd\">local<\/span><span class=\"p\">.<\/span><span class=\"nx\">domain_name<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u901a\u8fc7\u8fd9\u6837\uff0c\u60a8\u53ef\u4ee5\u4ee5 data.aws_route53_zone.primary \u548c data.aws_acm_certificate.certificate \u7684\u540d\u79f0\u8bbf\u95ee\u73b0\u6709\u8d44\u6e90\u3002<\/p>\n<h3>\u786e\u8ba4\u8bbe\u5b9a\u53d8\u66f4\u70b9<\/h3>\n<p>\u7531\u4e8e\u5df2\u7ecf\u9f50\u5907\u4e86\u6240\u9700\u7684\u6587\u4ef6\uff0c\u73b0\u5728\u5c06\u5e94\u7528\u66f4\u6539\u5e76\u8fdb\u884c\u6a21\u62df\u4ee5\u786e\u8ba4\u7ed3\u679c\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>terraform plan\r\nTerraform used the selected providers to generate the following execution plan. Resource actions are indicated with the\r\nfollowing symbols:\r\n  + create\r\n\r\nTerraform will perform the following actions:\r\n\r\n  <span class=\"c\"># aws_cloudfront_distribution.static_cdn will be created<\/span>\r\n  + resource <span class=\"s2\">\"aws_cloudfront_distribution\"<\/span> <span class=\"s2\">\"static_cdn\"<\/span> <span class=\"o\">{<\/span>\r\n      + aliases                        <span class=\"o\">=<\/span> <span class=\"o\">[<\/span>\r\n          + <span class=\"s2\">\"match-lab.com\"<\/span>,\r\n        <span class=\"o\">]<\/span>\r\n      + arn                            <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + caller_reference               <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + default_root_object            <span class=\"o\">=<\/span> <span class=\"s2\">\"index.html\"<\/span>\r\n      + domain_name                    <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + enabled                        <span class=\"o\">=<\/span> <span class=\"nb\">true<\/span>\r\n      + etag                           <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + hosted_zone_id                 <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + http_version                   <span class=\"o\">=<\/span> <span class=\"s2\">\"http2\"<\/span>\r\n      + <span class=\"nb\">id<\/span>                             <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + in_progress_validation_batches <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + is_ipv6_enabled                <span class=\"o\">=<\/span> <span class=\"nb\">true<\/span>\r\n      + last_modified_time             <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + price_class                    <span class=\"o\">=<\/span> <span class=\"s2\">\"PriceClass_All\"<\/span>\r\n      + retain_on_delete               <span class=\"o\">=<\/span> <span class=\"nb\">false<\/span>\r\n      + status                         <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + tags_all                       <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + trusted_key_groups             <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + trusted_signers                <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + wait_for_deployment            <span class=\"o\">=<\/span> <span class=\"nb\">true<\/span>\r\n\r\n      + default_cache_behavior <span class=\"o\">{<\/span>\r\n          + allowed_methods        <span class=\"o\">=<\/span> <span class=\"o\">[<\/span>\r\n              + <span class=\"s2\">\"GET\"<\/span>,\r\n              + <span class=\"s2\">\"HEAD\"<\/span>,\r\n            <span class=\"o\">]<\/span>\r\n          + cache_policy_id        <span class=\"o\">=<\/span> <span class=\"s2\">\"658327ea-f89d-4fab-a63d-7e88639e58f6\"<\/span>\r\n          + cached_methods         <span class=\"o\">=<\/span> <span class=\"o\">[<\/span>\r\n              + <span class=\"s2\">\"GET\"<\/span>,\r\n              + <span class=\"s2\">\"HEAD\"<\/span>,\r\n            <span class=\"o\">]<\/span>\r\n          + compress               <span class=\"o\">=<\/span> <span class=\"nb\">true<\/span>\r\n          + default_ttl            <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n          + max_ttl                <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n          + min_ttl                <span class=\"o\">=<\/span> 0\r\n          + target_origin_id       <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n          + trusted_key_groups     <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n          + trusted_signers        <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n          + viewer_protocol_policy <span class=\"o\">=<\/span> <span class=\"s2\">\"redirect-to-https\"<\/span>\r\n        <span class=\"o\">}<\/span>\r\n\r\n      + origin <span class=\"o\">{<\/span>\r\n          + connection_attempts <span class=\"o\">=<\/span> 3\r\n          + connection_timeout  <span class=\"o\">=<\/span> 10\r\n          + domain_name         <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n          + origin_id           <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n\r\n          + s3_origin_config <span class=\"o\">{<\/span>\r\n              + origin_access_identity <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n            <span class=\"o\">}<\/span>\r\n        <span class=\"o\">}<\/span>\r\n\r\n      + restrictions <span class=\"o\">{<\/span>\r\n          + geo_restriction <span class=\"o\">{<\/span>\r\n              + locations        <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n              + restriction_type <span class=\"o\">=<\/span> <span class=\"s2\">\"none\"<\/span>\r\n            <span class=\"o\">}<\/span>\r\n        <span class=\"o\">}<\/span>\r\n\r\n      + viewer_certificate <span class=\"o\">{<\/span>\r\n          + acm_certificate_arn            <span class=\"o\">=<\/span> <span class=\"s2\">\"arn:aws:acm:us-east-1:270422322105:certificate\/bfa4a6f0-3487-460b-84fb-fb845b9440ef\"<\/span>\r\n          + cloudfront_default_certificate <span class=\"o\">=<\/span> <span class=\"nb\">false<\/span>\r\n          + minimum_protocol_version       <span class=\"o\">=<\/span> <span class=\"s2\">\"TLSv1.2_2021\"<\/span>\r\n          + ssl_support_method             <span class=\"o\">=<\/span> <span class=\"s2\">\"sni-only\"<\/span>\r\n        <span class=\"o\">}<\/span>\r\n    <span class=\"o\">}<\/span>\r\n\r\n  <span class=\"c\"># aws_cloudfront_origin_access_identity.static will be created<\/span>\r\n  + resource <span class=\"s2\">\"aws_cloudfront_origin_access_identity\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"o\">{<\/span>\r\n      + caller_reference                <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + cloudfront_access_identity_path <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + comment                         <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + etag                            <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + iam_arn                         <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + <span class=\"nb\">id<\/span>                              <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + s3_canonical_user_id            <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n    <span class=\"o\">}<\/span>\r\n\r\n  <span class=\"c\"># aws_route53_record.static will be created<\/span>\r\n  + resource <span class=\"s2\">\"aws_route53_record\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"o\">{<\/span>\r\n      + allow_overwrite <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + fqdn            <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + <span class=\"nb\">id<\/span>              <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + name            <span class=\"o\">=<\/span> <span class=\"s2\">\"match-lab.com\"<\/span>\r\n      + <span class=\"nb\">type<\/span>            <span class=\"o\">=<\/span> <span class=\"s2\">\"A\"<\/span>\r\n      + zone_id         <span class=\"o\">=<\/span> <span class=\"s2\">\"Z28PJVS3TJX39E\"<\/span>\r\n\r\n      + <span class=\"nb\">alias<\/span> <span class=\"o\">{<\/span>\r\n          + evaluate_target_health <span class=\"o\">=<\/span> <span class=\"nb\">false<\/span>\r\n          + name                   <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n          + zone_id                <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n        <span class=\"o\">}<\/span>\r\n    <span class=\"o\">}<\/span>\r\n\r\n  <span class=\"c\"># aws_s3_bucket.static will be created<\/span>\r\n  + resource <span class=\"s2\">\"aws_s3_bucket\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"o\">{<\/span>\r\n      + acceleration_status                  <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + acl                                  <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + arn                                  <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + bucket                               <span class=\"o\">=<\/span> <span class=\"s2\">\"lp.match-lab.com\"<\/span>\r\n      + bucket_domain_name                   <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + bucket_regional_domain_name          <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + cors_rule                            <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + force_destroy                        <span class=\"o\">=<\/span> <span class=\"nb\">false<\/span>\r\n      + grant                                <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + hosted_zone_id                       <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + <span class=\"nb\">id<\/span>                                   <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + lifecycle_rule                       <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + logging                              <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + object_lock_enabled                  <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + policy                               <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + region                               <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + replication_configuration            <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + request_payer                        <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + server_side_encryption_configuration <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + tags_all                             <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + versioning                           <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + website                              <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + website_domain                       <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + website_endpoint                     <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n\r\n      + object_lock_configuration <span class=\"o\">{<\/span>\r\n          + object_lock_enabled <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n          + rule                <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n        <span class=\"o\">}<\/span>\r\n    <span class=\"o\">}<\/span>\r\n\r\n  <span class=\"c\"># aws_s3_bucket_ownership_controls.static will be created<\/span>\r\n  + resource <span class=\"s2\">\"aws_s3_bucket_ownership_controls\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"o\">{<\/span>\r\n      + bucket <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + <span class=\"nb\">id<\/span>     <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n\r\n      + rule <span class=\"o\">{<\/span>\r\n          + object_ownership <span class=\"o\">=<\/span> <span class=\"s2\">\"BucketOwnerEnforced\"<\/span>\r\n        <span class=\"o\">}<\/span>\r\n    <span class=\"o\">}<\/span>\r\n\r\n  <span class=\"c\"># aws_s3_bucket_policy.static will be created<\/span>\r\n  + resource <span class=\"s2\">\"aws_s3_bucket_policy\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"o\">{<\/span>\r\n      + bucket <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + <span class=\"nb\">id<\/span>     <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + policy <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n    <span class=\"o\">}<\/span>\r\n\r\nPlan: 6 to add, 0 to change, 0 to destroy.\r\n\r\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\r\nNote: You didn<span class=\"s1\">'t use the -out option to save this plan, so Terraform can'<\/span>t guarantee to take exactly these actions <span class=\"k\">if <\/span>you\r\nrun <span class=\"s2\">\"terraform apply\"<\/span> now.\r\n<\/code><\/pre>\n<p>\u53ef\u4ee5\u4e8b\u5148\u77e5\u9053\u54ea\u4e9b\u8d44\u6e90\u4f1a\u88ab\u6dfb\u52a0\/\u66f4\u6539\/\u5220\u9664\uff0c\u6240\u4ee5\u5728\u5e94\u7528\u4e4b\u524d\u53ef\u4ee5\u7ecf\u5e38\u786e\u8ba4\uff0c\u8fd9\u6837\u5c31\u53ef\u4ee5\u653e\u5fc3\u4e86\u3002<\/p>\n<h3>\u5e94\u7528\u8bbe\u7f6e\u66f4\u6539<\/h3>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>terraform apply\r\n<\/code><\/pre>\n<p>\u5f53\u88ab\u786e\u8ba4\u53ef\u4ee5\u6267\u884c\u65f6\uff0c\u56de\u7b54&#8221;\u662f&#8221;\u540e\u5c06\u4f1a\u6267\u884c\u64cd\u4f5c\u3002<br \/>\n\u5b83\u4f1a\u7acb\u5373\u5e2e\u6211\u4eec\u521b\u5efa\u65b0\u7684S3 bucket\u3001CloudFront Distribution\u548cRoute53 Record\u7b49\u3002<\/p>\n<p>\u4e3a\u4e86\u786e\u8ba4\u64cd\u4f5c\u662f\u5426\u6210\u529f\uff0c\u5c1d\u8bd5\u5c06\u4e00\u4e2a\u56fe\u7247\u6587\u4ef6\u4e0a\u4f20\u5230\u65b0\u5efa\u7684S3\uff0c\u5e76\u6253\u5f00\u6307\u5b9a\u7684\u57df\u540d\uff0c\u56fe\u7247\u987a\u5229\u663e\u793a\u51fa\u6765\u3002<\/p>\n<h3>\u5904\u7406\u4e0d\u518d\u9700\u8981\u7684\u73af\u5883<\/h3>\n<p>\u5f53\u9700\u8981\u5220\u9664\u6574\u4e2a\u73af\u5883\u65f6\uff0c\u53ea\u9700\u4e00\u4e2a\u547d\u4ee4\u5373\u53ef\u5b8c\u6210\u5220\u9664\u3002<br \/>\n\uff08\u7531\u4e8e\u6587\u4ef6\u5b58\u5728\u4e8eS3\u4e2d\uff0c\u65e0\u6cd5\u76f4\u63a5\u5220\u9664\u5b58\u50a8\u6876\uff0c\u56e0\u6b64\u9700\u8981\u4e8b\u5148\u5220\u9664\u6587\u4ef6\u3002\uff09<\/p>\n<p>\u5728\u6267\u884c\u5220\u9664\u547d\u4ee4\u4e4b\u524d\uff0c\u5148\u786e\u8ba4\u5b9e\u9645\u5c06\u5220\u9664\u4ec0\u4e48\u5185\u5bb9\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>terraform plan <span class=\"nt\">-destroy<\/span>\r\n<\/code><\/pre>\n<p>\u6267\u884c\u5220\u9664\u547d\u4ee4\u524d\u8bf7\u786e\u8ba4\u6ca1\u6709\u95ee\u9898\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>terraform destroy\r\n<\/code><\/pre>\n<p>\u7528\u8fd9\u4e2a\u65b9\u6cd5\u53ef\u4ee5\u5b8c\u5168\u5220\u9664\u3002<\/p>\n<h2>\u5c06\u73b0\u6709\u7684\u57fa\u7840\u8bbe\u65bd\u8fc1\u79fb\u5230 Terraform \u7ba1\u7406\u4e0b<\/h2>\n<p>\u6709\u65f6\u5019\uff0c\u5df2\u7ecf\u901a\u8fc7 AWS \u7ba1\u7406\u63a7\u5236\u53f0\u521b\u5efa\u7684\u8d44\u6e90\u5e0c\u671b\u540e\u6765\u8f6c\u79fb\u5230 terraform \u8fdb\u884c\u7ba1\u7406\u3002<br \/>\n\u5728\u8fd9\u79cd\u60c5\u51b5\u4e0b\uff0c\u53ef\u4ee5\u901a\u8fc7\u5c06\u73b0\u6709\u8d44\u6e90\u53cd\u6620\u5230 tfstate \u6587\u4ef6\u4e2d\uff0c\u6765\u5b9e\u73b0\u8fc1\u79fb \u2192 \u7136\u540e\u4fee\u6539\u914d\u7f6e\u6587\u4ef6\uff0c\u4ee5\u786e\u4fdd tfstate \u6587\u4ef6\u4e0e\u8d44\u6e90\u4e00\u81f4\uff0c\u6700\u540e\u5b8c\u6210\u8fc1\u79fb\u7684\u6b65\u9aa4\u3002<\/p>\n<h3>\u5c06\u73b0\u6709\u8d44\u6e90\u540c\u6b65\u5230 tfstate \u4e2d<\/h3>\n<p>\u4f7f\u7528 Terraform import \u547d\u4ee4\u3002<br \/>\n\u4f8b\u5982\uff0c\u8981\u5c06\u73b0\u6709\u7684 S3 \u5b58\u50a8\u6876\u53cd\u6620\u5230 tfstate \u4e2d\uff0c\u53ef\u4ee5\u5148\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u6dfb\u52a0 resource \u5757\uff0c\u7136\u540e\u6267\u884c\u547d\u4ee4\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"k\">resource<\/span> <span class=\"s2\">\"aws_s3_bucket\"<\/span> <span class=\"s2\">\"static\"<\/span> <span class=\"p\">{<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>terraform import aws_s3_bucket.static match-lab.com\r\n<\/code><\/pre>\n<p>\u5f53\u60a8\u60f3\u8981\u67e5\u627e\u8981\u5bfc\u5165\u7684\u8d44\u6e90\u540d\u79f0\u65f6\uff0c\u53ef\u4ee5\u5728\u6587\u6863\u4e2d\u8fdb\u884c\u641c\u7d22\uff0c\u7acb\u5373\u5c31\u80fd\u627e\u5230\u3002<\/p>\n<p>\u987a\u4fbf\u63d0\u4e00\u4e0b\uff0c\u5982\u679c\u4e0d\u5c0f\u5fc3\u5bfc\u5165\u4e86\u9519\u8bef\u7684\u8d44\u6e90\uff0c\u76f4\u63a5\u5220\u9664\u8d44\u6e90\u5757\u540e\uff0c\u4e0b\u4e00\u6b21\u5e94\u7528\u65f6\u5bfc\u5165\u7684\u8d44\u6e90\u5c06\u88ab\u5220\u9664\uff0c\u56e0\u6b64\u9700\u8981\u5c06\u5176\u4ecetfstate\u7ba1\u7406\u4e2d\u6392\u9664\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>terraform state <span class=\"nb\">rm <\/span>aws_s3_bucket.static\r\n<\/code><\/pre>\n<h3>\u4e3a\u4e86\u786e\u4fdd\u4e0etfstate\u6ca1\u6709\u5dee\u5f02\uff0c\u4fee\u6539\u914d\u7f6e\u6587\u4ef6\u3002<\/h3>\n<p>\u4f7f\u7528terraform plan\u547d\u4ee4\u53ef\u4ee5\u663e\u793a\u7f3a\u5c11\u7684\u914d\u7f6e\u9879\u4ee5\u53ca\u5728\u5f53\u524d\u60c5\u51b5\u4e0b\u6267\u884c\u4f1a\u4ea7\u751f\u7684\u5dee\u5f02\uff0c\u56e0\u6b64\u9700\u8981\u586b\u8865\u914d\u7f6e\u6587\u4ef6\u4e2d\u7684\u5dee\u5f02\u90e8\u5206\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nv\">$ <\/span>terraform plan\r\n<\/code><\/pre>\n<p>\u4e00\u65e6\u6ca1\u6709\u5dee\u5f02\uff0c\u5373\u53ef\u5e94\u7528\u5e76\u4e14\u4e0d\u4f1a\u4ea7\u751f\u4efb\u4f55\u53d8\u5316\uff0c\u8fd9\u6837\u6211\u4eec\u5c31\u53ef\u4ee5\u987a\u5229\u5730\u5c06\u5176\u7eb3\u5165terraform\u7684\u7ba1\u7406\u4e4b\u4e0b\u3002\u592a\u68d2\u4e86\uff01<\/p>\n<h2>\u901a\u8fc7GitLab CI\/CD\u68c0\u6d4b\u5230\u53d8\u66f4\u5e76\u81ea\u52a8\u5316\u64cd\u4f5c\u3002<\/h2>\n<p>\u6211\u7684\u4e00\u4e2aIaC\u7684\u91cd\u8981\u4f18\u70b9\u662f\u80fd\u591f\u901a\u8fc7\u7248\u672c\u7ba1\u7406\u6765\u7ba1\u7406\u53d8\u66f4\uff0c\u56e0\u6b64\u6211\u5e0c\u671b\u5728\u5408\u5e76PR\u65f6\u80fd\u591f\u81ea\u52a8\u5728CI\u4e2d\u5e94\u7528\u3002<br \/>\n\u7531\u4e8e\u8fd9\u4e2a\u9879\u76ee\u4f7f\u7528\u7684\u662fGitLab\uff0c\u6240\u4ee5\u6211\u4f7f\u7528\u4e86GitLab CI\/CD\u5e76\u8fdb\u884c\u4e86\u4ee5\u4e0b\u914d\u7f6e\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"na\">cache<\/span><span class=\"pi\">:<\/span>\r\n  <span class=\"na\">paths<\/span><span class=\"pi\">:<\/span>\r\n    <span class=\"pi\">-<\/span> <span class=\"s\">.\/terraform\/.terraform<\/span>\r\n<span class=\"na\">terraform-apply-staging<\/span><span class=\"pi\">:<\/span>\r\n  <span class=\"na\">image<\/span><span class=\"pi\">:<\/span>\r\n    <span class=\"na\">name<\/span><span class=\"pi\">:<\/span> <span class=\"s\">hashicorp\/terraform:1.1.7<\/span>\r\n    <span class=\"na\">entrypoint<\/span><span class=\"pi\">:<\/span> <span class=\"pi\">[<\/span><span class=\"s2\">\"<\/span><span class=\"s\">\"<\/span><span class=\"pi\">]<\/span>\r\n  <span class=\"na\">stage<\/span><span class=\"pi\">:<\/span> <span class=\"s\">deploy<\/span>\r\n  <span class=\"na\">environment<\/span><span class=\"pi\">:<\/span>\r\n    <span class=\"na\">name<\/span><span class=\"pi\">:<\/span> <span class=\"s\">terraform<\/span>\r\n  <span class=\"na\">rules<\/span><span class=\"pi\">:<\/span>\r\n    <span class=\"pi\">-<\/span> <span class=\"na\">if<\/span><span class=\"pi\">:<\/span> <span class=\"s1\">'<\/span><span class=\"s\">$CI_COMMIT_BRANCH<\/span> <span class=\"s\">==<\/span> <span class=\"s\">\"master\"'<\/span>\r\n      <span class=\"na\">changes<\/span><span class=\"pi\">:<\/span>\r\n        <span class=\"pi\">-<\/span> <span class=\"s\">terraform\/**\/*<\/span>\r\n  <span class=\"na\">script<\/span><span class=\"pi\">:<\/span>\r\n    <span class=\"pi\">-<\/span> <span class=\"s\">cd ${CI_PROJECT_DIR}\/terraform<\/span>\r\n    <span class=\"pi\">-<\/span> <span class=\"s\">terraform init<\/span>\r\n    <span class=\"pi\">-<\/span> <span class=\"s\">terraform apply -auto-approve<\/span>\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u958b\u767a\u74b0\u5883\u3068\u540c\u69d8\u306b Docker \u306e hashicorp\/terraform \u30a4\u30e1\u30fc\u30b8\u3092\u5229\u7528\u3057\u305f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">entrypoint \u3092 [&#8220;&#8221;] \u3067\u4e0a\u66f8\u304d\u3059\u308b\u3053\u3068\u3067 script \u3092\u5b9f\u884c\u3067\u304d\u308b\u3088\u3046\u306b\u3057\u305f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">master \u30d6\u30e9\u30f3\u30c1\u306b\u30de\u30fc\u30b8\u3055\u308c\u305f\u6642\u70b9\u3067 apply \u3092\u5b9f\u884c\u3059\u308b\u3088\u3046\u306b\u3057\u305f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">CI \u4e0a\u3067 yes \u3068\u56de\u7b54\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u305a\u30a8\u30e9\u30fc\u306b\u306a\u308b\u306e\u3067 -auto-approve \u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u6307\u5b9a\u3057\u305f<\/ul>\n<\/li>\n<\/ul>\n<p>.terraform \u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306f\u30d0\u30fc\u30b8\u30e7\u30f3\u3092\u5909\u66f4\u3057\u306a\u3044\u9650\u308a\u6bce\u56de\u540c\u3058\u306a\u306e\u3067 cache \u3057\u305f<\/p>\n<h2>\u603b\u7ed3<\/h2>\n<p>\u5728\u5bfc\u5165\u73b0\u6709\u8d44\u6e90\u7684\u8fc7\u7a0b\u4e2d\uff0c\u6211\u610f\u8bc6\u5230\u5728\u4e0d\u540c\u73af\u5883\u4e2d\u5b58\u5728\u4e0d\u540c\u7684\u914d\u7f6e\u5dee\u5f02\uff0c\u5e76\u80fd\u591f\u7edf\u4e00\u8fd9\u4e9b\u5dee\u5f02\uff0c\u540c\u65f6\u901a\u8fc7\u67e5\u9605 Terraform \u6587\u6863\uff0c\u6211\u53d1\u73b0\u4e86\u4e00\u4e9b\u6211\u4e0d\u719f\u6089\u7684\u914d\u7f6e\u9879\uff0c\u8fd9\u8ba9\u6211\u5b66\u5230\u4e86\u5f88\u591a\u4e1c\u897f\u3002<\/p>\n<p>GitLab \u5b98\u65b9\u6709\u4e00\u4e2a\u7c7b\u4f3c\u4e8e\u4e3a Terraform \u521b\u5efa\u7684\u914d\u7f6e\u96c6\u5408\u7684 GitLab CI\uff0c\u5f53\u6211\u9605\u8bfb\u5b83\u65f6\uff0c\u53ef\u4ee5\u4e86\u89e3\u5230\u4e00\u4e9b\u65b0\u7684\u8bbe\u7f6e\u9879\uff0c\u975e\u5e38\u65b9\u4fbf\u3002<\/p>\n<p>\u6211\u89c9\u5f97\u4ee5\u540e\u8981\u642d\u5efa\u9759\u6001\u6587\u4ef6\u4f20\u8f93\u670d\u52a1\u5668\u7684\u8bdd\uff0c\u53ea\u9700\u590d\u5236\u7c98\u8d34\u8fd9\u4e2a\uff0c\u5c31\u80fd\u8f7b\u677e\u5b8c\u6210\uff0c\u611f\u89c9\u4f1a\u8f7b\u677e\u5f88\u591a\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5728\u4e2d\u56fd\u5357\u65b9\uff0c\u6709\u4e00\u5ea7\u7f8e\u4e3d\u7684\u5c0f\u57ce\u5e02\u3002\u8fd9\u5ea7\u57ce\u5e02\u5750\u843d\u5728\u84dd\u5929\u548c\u7fe0\u7eff\u5c71\u8109\u7684\u6620\u886c\u4e0b\uff0c\u98ce\u666f\u5982\u753b\u3002\u4eba\u4eec\u5728\u8fd9\u91cc\u8fc7\u7740\u5b81\u9759\u800c\u5b9c\u4eba\u7684\u751f\u6d3b [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-48851","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u901a\u8fc7terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001\" \/>\n<meta property=\"og:description\" content=\"\u5728\u4e2d\u56fd\u5357\u65b9\uff0c\u6709\u4e00\u5ea7\u7f8e\u4e3d\u7684\u5c0f\u57ce\u5e02\u3002\u8fd9\u5ea7\u57ce\u5e02\u5750\u843d\u5728\u84dd\u5929\u548c\u7fe0\u7eff\u5c71\u8109\u7684\u6620\u886c\u4e0b\uff0c\u98ce\u666f\u5982\u753b\u3002\u4eba\u4eec\u5728\u8fd9\u91cc\u8fc7\u7740\u5b81\u9759\u800c\u5b9c\u4eba\u7684\u751f\u6d3b [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u901a\u8fc7terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-25T01:33:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-28T23:48:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d875f913a08637a6bfaf6\/30-0.png\" \/>\n<meta name=\"author\" content=\"\u6e05, \u5b87\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u6e05, \u5b87\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/\",\"name\":\"\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-07-25T01:33:19+00:00\",\"dateModified\":\"2024-04-28T23:48:10+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/1a6ecd3d914d22a5ac32791ffc1fbd8e\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/1a6ecd3d914d22a5ac32791ffc1fbd8e\",\"name\":\"\u6e05, \u5b87\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4b2016c18459a605fc469c7566608f5686491baa112d0871ee613f61b7210565?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4b2016c18459a605fc469c7566608f5686491baa112d0871ee613f61b7210565?s=96&d=mm&r=g\",\"caption\":\"\u6e05, \u5b87\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/qingyu\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u901a\u8fc7terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\/","og_locale":"zh_CN","og_type":"article","og_title":"\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001","og_description":"\u5728\u4e2d\u56fd\u5357\u65b9\uff0c\u6709\u4e00\u5ea7\u7f8e\u4e3d\u7684\u5c0f\u57ce\u5e02\u3002\u8fd9\u5ea7\u57ce\u5e02\u5750\u843d\u5728\u84dd\u5929\u548c\u7fe0\u7eff\u5c71\u8109\u7684\u6620\u886c\u4e0b\uff0c\u98ce\u666f\u5982\u753b\u3002\u4eba\u4eec\u5728\u8fd9\u91cc\u8fc7\u7740\u5b81\u9759\u800c\u5b9c\u4eba\u7684\u751f\u6d3b [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u901a\u8fc7terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-07-25T01:33:19+00:00","article_modified_time":"2024-04-28T23:48:10+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d875f913a08637a6bfaf6\/30-0.png"}],"author":"\u6e05, \u5b87","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u6e05, \u5b87","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"6 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/","name":"\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-07-25T01:33:19+00:00","dateModified":"2024-04-28T23:48:10+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/1a6ecd3d914d22a5ac32791ffc1fbd8e"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u901a\u8fc7Terraform\uff0c\u5c06\u9759\u6001\u6587\u4ef6\u4f20\u9012\u670d\u52a1\u5668\u7684\u57fa\u7840\u8bbe\u65bd\u8c03\u6574\u4e3a\u53ef\u8fdb\u884c\u590d\u5236\u7c98\u8d34\u7684\u72b6\u6001"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/1a6ecd3d914d22a5ac32791ffc1fbd8e","name":"\u6e05, \u5b87","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4b2016c18459a605fc469c7566608f5686491baa112d0871ee613f61b7210565?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4b2016c18459a605fc469c7566608f5686491baa112d0871ee613f61b7210565?s=96&d=mm&r=g","caption":"\u6e05, \u5b87"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/qingyu\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e9%80%9a%e8%bf%87terraform%ef%bc%8c%e5%b0%86%e9%9d%99%e6%80%81%e6%96%87%e4%bb%b6%e4%bc%a0%e9%80%92%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e5%9f%ba%e7%a1%80%e8%ae%be%e6%96%bd%e8%b0%83%e6%95%b4%e4%b8%ba\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48851","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=48851"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48851\/revisions"}],"predecessor-version":[{"id":83973,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48851\/revisions\/83973"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=48851"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=48851"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=48851"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}