- \u7d44\u7e54\u306e\u4f5c\u6210\u3068\u5171\u6709 VPC \u69cb\u7bc9<\/ul>\n<\/li>\n<\/ul>\n
- \n
- \u524d\u671f\u51c6\u5907 \/ \u57df\u540d\u83b7\u53d6\u00b7CloudIdentity\u542f\u7528\uff08\u624b\u52a8\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u521b\u5efaterraform\u7ba1\u7406\u9879\u76ee\uff08prestage\/\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u7ec4\u7ec7\u8bbe\u7f6e\uff08organaization.tf\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u521b\u5efa\u4e3b\u673a\u9879\u76ee\uff08host.tf\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u521b\u5efa\u670d\u52a1\u9879\u76ee\uff08service1.tf\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u521b\u5efa\u5b50\u7f51\uff08subnet.tf\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u8bbe\u7f6e\u9632\u706b\u5899\uff08firewall.tf\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u8bbe\u7f6eDNS\uff08\u9650\u5b9a\u516c\u5f00Google\u8bbf\u95ee\uff09\uff08dns.tf\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u521b\u5efaHA VPN\uff08vpn.tf\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u8bbe\u7f6e\u9762\u5411\u4e92\u8054\u7f51\u7684NAT\uff08cloudnat.tf\uff09<\/ol>\n<\/li>\n<\/ol>\n
- \n
- \u30c9\u30e1\u30a4\u30f3\u53d6\u5f97<\/ul>\n<\/li>\n<\/ul>\n
- \n
- Create the Terraform Admin Project<\/ul>\n<\/li>\n<\/ul>\n
terraform admin project \u306e\u4f5c\u6210
\n\u7d44\u7e54\u914d\u4e0b\u306e\u6307\u5b9a\u3092\u3059\u308b<\/p>\nCreate the Terraform service account<\/p>\n
terraform \u3092\u52d5\u304b\u3059\u305f\u3081\u306e service account \u3092\u4f5c\u6210\u3059\u308b
\nprestage \u306f gcloud \u306e\u8a8d\u8a3c\u30a2\u30ab\u30a6\u30f3\u30c8\u3067\u52d5\u304b\u3059\u304c\u3001\u4eca\u5f8c\u30b5\u30fc\u30d0\u7b49\u3067\u52d5\u304b\u3059\u3053\u3068\u304c\u53ef\u80fd\u306b\u306a\u308b
\nservice account \u306e\u8a8d\u8a3c\u30ad\u30fc (json) \u306f\u30d5\u30a1\u30a4\u30eb\u3068\u3057\u3066\u51fa\u529b\u3057\u3001\u305d\u306e\u5f8c\u306e\u5fc5\u8981\u30b3\u30de\u30f3\u30c9\u306f output \u3067\u51fa\u529b\u3059\u308b
\nterraform \u3067\u5fc5\u8981\u306a API \u3092\u6709\u52b9\u5316\u3059\u308b<\/p>\nAdd organization\/folder-level permissions<\/p>\n
terraform service account \u306b\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u4f5c\u6210\u6a29\u9650\u3068\u8ab2\u91d1\u30e6\u30fc\u30b6\u6a29\u9650\u306a\u3069\u3092\u4ed8\u4e0e\u3059\u308b<\/p>\n
terraform state \u306e\u4fdd\u5b58\u5148\u30b9\u30c8\u30ec\u30fc\u30b8\u306e\u4f5c\u6210 \/ Set up remote state in Cloud Storage<\/p>\n
terraform \u306e backend \u306b\u3059\u308b Cloud Storage \u3092\u4f5c\u6210\u3059\u308b
\nbackend \u8a2d\u5b9a\u306e\u8a18\u8f09\u65b9\u6cd5\u306f output \u3067\u51fa\u529b\u3059\u308b<\/p>\n\u251c\u2500\u2500 prestage\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 main.tf\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 output.tf\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 variables.tf\r\n<\/code><\/pre>\n\u4f5c\u4e3a\u53d8\u91cf\uff0c\u51c6\u5907\u4ee5\u4e0b\u5185\u5bb9\uff1a
\n\u6839\u636e\u8bc4\u8bba\u6240\u5199\uff0c\u5728\u88ab\u6807\u8bb0\u4e3a xxx \u5e76\u906e\u853d\u7684\u5730\u65b9\u8fdb\u884c\u66f4\u6539\u3002<\/p>\n# org_id (\u4e0b\u8a18\u3067\u51fa\u529b\u3055\u308c\u308b \"ID\" \u3092 \"org_id\" \u306e\u5024\u306b\u3059\u308b)<\/span>\r\n## gcloud organizations list<\/span>\r\n# billing_account (\u4e0b\u8a18\u3067\u51fa\u529b\u3055\u308c\u308b \"ACCOUNT_ID\" \u3092 \"billing_account\" \u306e\u5024\u306b\u3059\u308b)<\/span>\r\n## gcloud beta billing accounts list<\/span>\r\n# gcp-terraform-admin@[xxx.xxx]<\/span>\r\n## \u7d44\u7e54\u3067\u4f7f\u7528\u3059\u308b\u30c9\u30e1\u30a4\u30f3(xxx.xxx)\u306e Cloud Identity \u3067\u4e8b\u524d\u306b Terraform \u7ba1\u7406\u30e6\u30fc\u30b6\u30b0\u30eb\u30fc\u30d7\u306e\u30a2\u30ab\u30a6\u30f3\u30c8\u30b0\u30eb\u30fc\u30d7\u3092\u4f5c\u6210\u3057\u3066\u304a\u304f(\u540c\u3058\u6a29\u9650\u306b\u3057\u3066\u5207\u308a\u5206\u3051\u3088\u3046)<\/span>\r\n# org_name<\/span>\r\n## \u7d44\u7e54\u306e\u8b58\u5225\u5b50\u3001\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306e\u547d\u540d\u306b\u5fc5\u8981\u306a\u3060\u3051\u3067\u4f55\u3067\u3082\u826f\u3044<\/span>\r\n\r\nvariable<\/span> \"gcp_common\"<\/span> {<\/span>\r\n type<\/span> =<\/span> object<\/span>(<\/span>{<\/span>\r\n org_name<\/span> =<\/span> string<\/span>\r\n org_id<\/span> =<\/span> string<\/span>\r\n billing_account<\/span> =<\/span> string<\/span>\r\n }<\/span>)<\/span>\r\n default<\/span> =<\/span> {<\/span>\r\n org_name<\/span> =<\/span> \"xxxxxx\"<\/span>\r\n org_id<\/span> =<\/span> \"xxxxxxxxxxxx\"<\/span>\r\n billing_account<\/span> =<\/span> \"xxxxxx-xxxxxx-xxxxxx\"<\/span>\r\n }<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"admin_user_group\"<\/span> {<\/span>\r\n type<\/span> =<\/span> object<\/span>(<\/span>{<\/span>\r\n email<\/span> =<\/span> string<\/span>\r\n }<\/span>)<\/span>\r\n default<\/span> =<\/span> {<\/span>\r\n email<\/span> =<\/span> \"gcp-terraform-admin@[xxx.xxx]\"<\/span>\r\n }<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"terraform_pj\"<\/span> {<\/span>\r\n type<\/span> =<\/span> object<\/span>(<\/span>{<\/span>\r\n identity_name<\/span> =<\/span> string<\/span>\r\n }<\/span>)<\/span>\r\n default<\/span> =<\/span> {<\/span>\r\n identity_name<\/span> =<\/span> \"terraformadmin\"<\/span>\r\n }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n\u5728 terraform \u4e2d\u7684\u6267\u884c\u5185\u5bb9\u5982\u4e0b\u6240\u793a\u7684 main.tf \u6587\u4ef6\u6240\u793a
\n\u6839\u636e\u6ce8\u91ca\u8fdb\u884c\u9884\u5148\u64cd\u4f5c(\u6267\u884c\u547d\u4ee4\u8bf7\u53c2\u8003\u6ce8\u91ca)<\/p>\n- \n
- \n
- \u8ab2\u91d1\u30a2\u30ab\u30a6\u30f3\u30c8\u3078\u6a29\u9650\u3092\u4ed8\u4e0e\u3059\u308b<\/ul>\n<\/li>\n<\/ul>\n
\u8ab2\u91d1\u30a2\u30ab\u30a6\u30f3\u30c8(variables.tf\u3067billing_account)\u3078\u4eca\u56de gcloud \u3092\u5b9f\u65bd\u3059\u308b\u7d44\u7e54\u7ba1\u7406\u8005\u30a2\u30ab\u30a6\u30f3\u30c8\u3078\u6a29\u9650\u3092\u4ed8\u4e0e\u3059\u308b<\/p>\n
\u7d44\u7e54\u7ba1\u7406\u8005\u30a2\u30ab\u30a6\u30f3\u30c8\u3067 gcloud \u8a2d\u5b9a\u3092\u3059\u308b
\n\u7d44\u7e54\u30dd\u30ea\u30b7\u30fc\u3092\u64cd\u4f5c\u3067\u304d\u308b\u3088\u3046\u306b\u6a29\u9650\u3092\u4ed8\u4e0e\u3059\u308b
\nworkspace \u306e\u540d\u524d\u3067\u74b0\u5883\u540d\u3068\u3057\u3066\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306b\u540d\u79f0\u4ed8\u4e0e\u3059\u308b\u306e\u3067\u3001terraform workspace \u3092\u5207\u308a\u66ff\u3048\u308b<\/p>\nworkspace\u3000\u3092\u4f7f\u3063\u305f\u307b\u3046\u304c\u3044\u3044\u304b\u306f\u60a9\u307f\u3069\u3053\u308d\u3060\u304c\u8a66\u3057\u306b\u4f7f\u7528\u3057\u3066\u307f\u3066\u3044\u308b<\/p>\n
## \u5185\u5bb9<\/span>\r\n# Terraform \u7528\u306e\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u3092\u4f5c\u6210\u3059\u308b<\/span>\r\n# \u53c2\u7167 https:\/\/cloud.google.com\/community\/tutorials\/managing-gcp-projects-with-terraform<\/span>\r\n## \u524d\u63d0<\/span>\r\n# \u7d44\u7e54\u3092\u4f5c\u6210\u6e08\u307f<\/span>\r\n# \u8ab2\u91d1\u30a2\u30ab\u30a6\u30f3\u30c8\u4f5c\u6210\u6e08\u307f<\/span>\r\n# \u7ba1\u7406\u30e6\u30fc\u30b6\u30b0\u30eb\u30fc\u30d7\u3092 admin.google \u3067\u4f5c\u6210\u6e08\u307f<\/span>\r\n## \u7d44\u7e54\u7ba1\u7406\u8005\u304c\u8ab2\u91d1\u30a2\u30ab\u30a6\u30f3\u30c8\u3078\u6a29\u9650\u4ed8\u4e0e\u3067\u304d\u308b\u3088\u3046\u306b\u3059\u308b<\/span>\r\n# gcloud config set account [\u8ab2\u91d1\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30a2\u30c9\u30df\u30f3\u30a2\u30ab\u30a6\u30f3\u30c8]<\/span>\r\n# gcloud beta billing accounts list<\/span>\r\n# gcloud beta billing accounts add-iam-policy-binding [var.gcp_common.billing_account] --member=user:[org admin user account] --role roles\/billing.admin<\/span>\r\n## \u7d44\u7e54\u7ba1\u7406\u8005\u306e\u30a2\u30ab\u30a6\u30f3\u30c8\u3067 gcloud \u30b3\u30de\u30f3\u30c9\u3092\u5229\u7528\u3067\u304d\u308b\u3088\u3046\u306b\u3059\u308b<\/span>\r\n# gcloud auth login [org admin user account]<\/span>\r\n# gcloud config set account [org admin user account]<\/span>\r\n# gcloud auth application-default login<\/span>\r\n## \u7d44\u7e54\u7ba1\u7406\u8005\u304c\u7d44\u7e54\u30dd\u30ea\u30b7\u30fc\u3092\u7de8\u96c6\u3067\u304d\u308b\u3088\u3046\u306b\u3059\u308b<\/span>\r\n# gcloud organizations list<\/span>\r\n# gcloud organizations add-iam-policy-binding [var.gcp_common.org_id] --member=user:[org admin user account] --role=roles\/orgpolicy.policyAdmin<\/span>\r\n## workspace \u3092 \"dev\", \"prd\" \u306a\u3069\u306b\u3059\u308b<\/span>\r\n# terraform workspace new dev<\/span>\r\n\r\nprovider<\/span> \"google\"<\/span> {}<\/span>\r\n\r\n# Terraform Project \u4f5c\u6210<\/span>\r\nresource<\/span> \"google_project\"<\/span> \"terraform\"<\/span> {<\/span>\r\n name<\/span> =<\/span> join<\/span>(<\/span>\"-\"<\/span>,<\/span> [<\/span>var<\/span>.<\/span>gcp_common<\/span>.<\/span>org_name<\/span>,<\/span> var<\/span>.<\/span>terraform_pj<\/span>.<\/span>identity_name<\/span>,<\/span> terraform<\/span>.<\/span>workspace<\/span>]<\/span>)<\/span>\r\n project_id<\/span> =<\/span> join<\/span>(<\/span>\"-\"<\/span>,<\/span> [<\/span>var<\/span>.<\/span>gcp_common<\/span>.<\/span>org_name<\/span>,<\/span> var<\/span>.<\/span>terraform_pj<\/span>.<\/span>identity_name<\/span>,<\/span> terraform<\/span>.<\/span>workspace<\/span>]<\/span>)<\/span>\r\n org_id<\/span> =<\/span> var<\/span>.<\/span>gcp_common<\/span>.<\/span>org_id<\/span>\r\n billing_account<\/span> =<\/span> var<\/span>.<\/span>gcp_common<\/span>.<\/span>billing_account<\/span>\r\n auto_create_network<\/span> =<\/span> false<\/span>\r\n}<\/span>\r\n\r\n# Sevice API \u6709\u52b9\u5316 (google_project \u3068\u540c\u3058 terraform \u3067\u5b9f\u65bd\u304c\u5fc5\u9808)<\/span>\r\nresource<\/span> \"google_project_service\"<\/span> \"terraform\"<\/span> {<\/span>\r\n project<\/span> =<\/span> google_project<\/span>.<\/span>terraform<\/span>.<\/span>id<\/span>\r\n disable_dependent_services<\/span> =<\/span> true<\/span>\r\n\r\n for_each<\/span> =<\/span> toset<\/span>(<\/span>[<\/span>\r\n \"cloudresourcemanager.googleapis.com\"<\/span>
- \n
https:\/\/qiita.com\/suzuyui\/items\/947867f52897417ee31b#1-%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E5%8F%96%E5%BE%97<\/p>\n
\u7d44\u7e54\u306e\u4f5c\u6210 (Cloud Identity, \u7d44\u7e54\u306e\u4f5c\u6210\u307e\u3067\u3092\u5b8c\u4e86\u3055\u305b\u308b)<\/p>\n
https:\/\/qiita.com\/suzuyui\/items\/947867f52897417ee31b#2-%E7%B5%84%E7%B9%94%E3%81%AE%E4%BD%9C%E6%88%90<\/p>\n
![\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8742913a08637a6bf572\/25-0.png\" "\\"\\"")
<\/div>\n\u5728\u5de5\u4f5c\u73af\u5883\u4e2d\uff0c\u4e8b\u5148\u5b89\u88c5 Terraform \u548c gcloud\u3002<\/p>\n
\u5b89\u88c5\u65b9\u6cd5\uff1ahttps:\/\/qiita.com\/suzuyui\/items\/231b39a60ff545032bc6#terraform-\u5b89\u88c5<\/p>\n
% terraform version\r\nTerraform v0.14.6\r\n<\/code><\/pre>\n% gcloud --version\r\nGoogle Cloud SDK 327.0.0\r\nalpha 2021.02.05\r\nbeta 2021.02.05\r\nbq 2.0.64\r\ncore 2021.02.05\r\ngsutil 4.58\r\n<\/code><\/pre>\n\u7ee7\u7eed\u4f7f\u7528terraform\u8fdb\u884c\u6784\u5efa<\/p>\n
2. \u521b\u5efaterraform\u7ba1\u7406\u9879\u76ee\uff08\u9884\u9636\u6bb5\/\uff09<\/h3>\n
\u53c2\u8003\u4e86Google Cloud\u793e\u533a\u4e2dGoogle\u5458\u5de5\u7f16\u5199\u7684\u6559\u7a0b\uff0c\u5728Terraform\u4e2d\u521b\u5efa\u7ba1\u7406\u9879\u76ee\u3002
\n\u5c06\u6559\u7a0b\u4e2d\u624b\u52a8\u6267\u884c\u7684\u90e8\u5206\u8f6c\u5316\u4e3aprestage\u4e2d\u7684Terraform\u4ee3\u7801\u5e76\u6267\u884c\uff08\u4e5f\u53ef\u4ee5\u624b\u52a8\u6267\u884c\uff09\u3002
\n\u7531\u4e8e\u8fd8\u672a\u521b\u5efa\u9002\u7528\u4e8eTerraform\u7684\u670d\u52a1\u5e10\u53f7\uff0c\u56e0\u6b64\u5c06\u4f7f\u7528gcloud\u7684\u8ba4\u8bc1\u4fe1\u606f\u6765\u8bbf\u95eeGCP\u3002<\/p>\n\u521b\u5efa Terraform \u7ba1\u7406\u9879\u76ee\uff1ahttps:\/\/cloud.google.com\/community\/tutorials\/managing-gcp-projects-with-terraform<\/p>\n
\u4ee5\u4e0b\u5185\u5bb9\u5df2\u7ecf\u5728\u4e0a\u8ff0URL\u4e2d\u53c2\u8003\u5e76\u8fdb\u884c\u4e86\u7f16\u7801\u3002<\/p>\n
- \n
- \n
<\/p>\n
- \u521b\u5efaVPC\u670d\u52a1\u63a7\u5236\uff08vpc_service_controls.tf\uff09<\/ol>\n
1. \u51c6\u5907\u5de5\u4f5c\/\u8d2d\u4e70\u57df\u540d\u548c\u542f\u7528\u4e91\u8eab\u4efd\uff08\u624b\u52a8\u65b9\u5f0f\uff09<\/h3>\n
\u76f4\u5230\u57df\u540d\u6ce8\u518c\u548c\u7ec4\u7ec7\u751f\u6548\u90fd\u9700\u8981\u624b\u52a8\u64cd\u4f5c\u3002<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
<\/p>\n
- \n
- \n
\u30db\u30b9\u30c8\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u4f5c\u6210
\n\u30b5\u30fc\u30d3\u30b9\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u4f5c\u6210
\n\u5171\u6709 VPC
\nSubnet \u306e\u8a2d\u5b9a
\n[\u8ffd\u52a0] \u7d44\u7e54\u306e\u30dd\u30ea\u30b7\u30fc\u8ffd\u52a0
\n[\u8ffd\u52a0] \u6a29\u9650\u306e\u8ffd\u52a0<\/p>\n
HA VPN<\/p>\n
\u81ea\u5b85\u30e9\u30dc\u5411\u3051\u306b HA VPN \u3092\u69cb\u7bc9\u3059\u308b
\n\u81ea\u5b85\u30e9\u30dc\u5411\u3051\u306b\u8a2d\u5b9aConfig\u4f8b\u3092\u51fa\u529b\u3059\u308b (EdgeRouer\u5411\u3051)<\/p>\n
VPC Service Controls<\/p>\n
\u30b5\u30fc\u30d3\u30b9\u5883\u754c\u306e\u4f5c\u6210<\/p>\n
\u9650\u5b9a\u516c\u958b Google \u30a2\u30af\u30bb\u30b9<\/p>\n
googleapis.com \u5411\u3051\u306e Private \u5411\u3051 DNS \u8a2d\u5b9a<\/p>\n
GCP\u8d44\u6e90\u914d\u7f6e<\/h3>\n
\u5728\u7ec4\u7ec7\u4e2d\u521b\u5efa\u6587\u4ef6\u5939\uff08\u7c7b\u4f3c\u4e8e\u90e8\u95e8\uff09\uff0c\u5e76\u5c06\u9879\u76ee\u7ec4\u7ec7\u6210\u5c5e\u4e8e\u6587\u4ef6\u5939\u7684\u7ed3\u6784\uff08\u53c2\u8003\u5199\u6cd5\uff09\u3002
\n\u6309\u7167 Terraform \u7684\u6307\u5bfc\uff08\u53c2\u8003\u94fe\u63a5\uff1ahttps:\/\/cloud.google.com\/community\/tutorials\/managing-gcp-projects-with-terraform\uff09\uff0c\u76f4\u63a5\u5728\u7ec4\u7ec7\u4e2d\u6784\u5efa\u7ba1\u7406\u9879\u76ee\u3002<\/p>\n
![\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8742913a08637a6bf572\/12-0.png\" "\\"\\"")
<\/div>\n\u5173\u4e8e\u9879\u76ee\u540d\u79f0\uff0c\u8bf7\u53c2\u8003\u4f01\u4e1a\u7ea7\u6307\u5357\u4e2d\u7684\u9879\u76ee\u540d\u79f0\uff0c\u5e76\u6dfb\u52a0\u60a8\u81ea\u5df1\u7684ID\u4ee5\u786e\u4fdd\u4e0e\u5176\u4ed6\u9879\u76ee\u4e0d\u91cd\u590d\uff08ID\u5fc5\u987b\u552f\u4e00\uff09\u3002
\n– \u9879\u76ee\u540d\u79f0\uff08ID\uff09\uff1a[\u7ec4\u7ec7\u540d\u79f0]-[\u670d\u52a1\u540d\u79f0]-[\u73af\u5883\u540d\u79f0]<\/p>\n
Terraform \u76ee\u5f55\u7ed3\u6784<\/h3>\n
\u7531\u4e8e\u4e0d\u77e5\u9053\u6b63\u786e\u7684\u89e3\u51b3\u65b9\u6cd5\uff0c\u56e0\u6b64\u7b80\u5355\u5730\u8fdb\u884c\u4e86\u6587\u4ef6\u5206\u5272\u3002(\u6a21\u5757\u5316\u7b49\u4ee5\u540e\u518d\u8003\u8651\u3002\u4f3c\u4e4e\u6ca1\u6709\u4e8b\u5148\u5b9a\u4e49\u7684\u6807\u51c6\u3002)
\n\u6709\u5173\u9884\u5148\u64cd\u4f5c\u548cTerraform\u9879\u76ee\u7684\u521b\u5efa\uff0c\u5c06\u5176\u653e\u5728\u5355\u72ec\u7684\u6587\u4ef6\u5939\uff08prestage\uff09\u4e2d\u3002
\n\u7531\u4e8e\u5168\u90e8\u90fd\u5199\u5728\u4e86Qiita\u4e2d\u4f1a\u5f88\u957f\uff0c\u6240\u4ee5\u8fdb\u884c\u4e86\u7701\u7565\u63cf\u8ff0\uff0c\u6574\u4f53\u5728GitHub\u4e0a\u516c\u5f00\u4e86\uff08URL\uff1ahttps:\/\/github.com\/suzuyu\/terraform-public\uff09\u3002
\n\u203bbackend.tf\u5c06\u6839\u636eprestage\/\u6267\u884c\u7684\u8f93\u51fa\u8fdb\u884c\u521b\u5efa\uff08GitHub\u4e0a\u6ca1\u6709\uff09\u3002<\/p>\n
.\r\n\u251c\u2500\u2500 README.md\r\n\u251c\u2500\u2500 backend.tf\r\n\u251c\u2500\u2500 cloudnat.tf\r\n\u251c\u2500\u2500 dns.tf\r\n\u251c\u2500\u2500 firewall.tf\r\n\u251c\u2500\u2500 host.tf\r\n\u251c\u2500\u2500 main.tf\r\n\u251c\u2500\u2500 organization.tf\r\n\u251c\u2500\u2500 prestage\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 main.tf\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 output.tf\r\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 variables.tf\r\n\u251c\u2500\u2500 service1.tf\r\n\u251c\u2500\u2500 subnet.tf\r\n\u251c\u2500\u2500 terraform_pj\r\n\u251c\u2500\u2500 variables.tf\r\n\u251c\u2500\u2500 vpc_service_controls.tf\r\n\u2514\u2500\u2500 vpn.tf\r\n\r\n<\/code><\/pre>\n![\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8](\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d8742913a08637a6bf572\/17-0.png\" "\\"\\"")
<\/div>\n\u6839\u636e\u6587\u4ef6\u5206\u7c7b\u3001\u89e3\u91ca\u548c\u8bb0\u5f55\u6bcf\u4e2a\u6587\u4ef6\u7684\u7ed3\u6784\u548c\u5185\u5bb9<\/p>\n
\u5efa\u7acb<\/h2>\n
\u6211\u4eec\u6309\u7167\u4e0b\u9762\u7684\u987a\u5e8f\u8fdb\u884c\u5b9e\u65bd\u3002<\/p>\n
\n