{"id":49235,"date":"2023-07-25T17:34:34","date_gmt":"2023-02-06T22:54:31","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/"},"modified":"2024-04-30T15:17:57","modified_gmt":"2024-04-30T07:17:57","slug":"%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/","title":{"rendered":"\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898"},"content":{"rendered":"<p>\u203b \u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8eMixi Group Advent Calendar 2021\u7b2c11\u5929\u7684\u8d21\u732e.<\/p>\n<p>\u6211\u6700\u8fd1\u5c06\u6211\u4eec\u5728\u9879\u76ee\u4e2d\u521b\u5efa\u7684 Terraform \u4ee3\u7801\u5347\u7ea7\u5230\u6700\u65b0\u7684\u7248\u672c1.0.11\u3002<br \/>\n\u5728\u5c1d\u8bd5\u5347\u7ea7\u7248\u672c\u65f6\uff0c\u51fa\u73b0\u4e86\u4e00\u4e9b\u5947\u602a\u7684\u5dee\u5f02\uff0c\u4e8e\u662f\u6211\u8fdb\u884c\u4e86\u4e00\u4e9b\u8c03\u67e5\u5e76\u8bb0\u5f55\u4e0b\u6765\u3002<\/p>\n<h1>\u8bf7\u505a\u4e00\u4e2a\u4e2d\u6587\u7684\u603b\u7ed3\u3002<\/h1>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Terraform \u30b3\u30fc\u30c9\u3092 0.14.11 -&gt; 1.0.11 \u306b\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9\u3057\u3088\u3046\u3068 plan \u3092\u5b9f\u884c\u3057\u305f\u3068\u3053\u308d\u3001\u8b0e\u306e\u5dee\u5206\u304c\u767a\u751f<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u8abf\u3079\u308b\u3068\u3001 AWS Security Manager \u3092\u4f7f\u7528\u3057\u3066\u8a2d\u5b9a\u3057\u305f\u5024\u3067\u5dee\u5206\u304c\u767a\u751f\u3057\u3066\u3044\u308b<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u3069\u3046\u3082 0.15 \u4ee5\u964d\u306f provider_sensitive_attrs \u306e\u6a5f\u80fd\u304c\u3042\u308a\u3001sensitive \u306a\u5024\u3092\u5909\u6570\u306b\u5165\u308c\u3066\u4f7f\u3046\u3068\u3001\u4f7f\u3063\u3066\u3044\u308b resource \u306e\u5024\u3082 sensitive \u6271\u3044\u306b\u306a\u3063\u3066\u304f\u308c\u308b\u3089\u3057\u3044<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">sensitive \u306e\u6271\u3044\u304c\u5909\u66f4\u3055\u308c\u308b\u3068\u3001\u7269\u306b\u3088\u3063\u3066\u306f Terraform \u306f\u305d\u308c\u3092 resource \u306e\u5dee\u5206\u3068\u3057\u3066\u8a8d\u8b58\u3059\u308b\uff08\u3063\u307d\u3044\uff09<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\u3068\u3044\u3046\u308f\u3051\u3067\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9\u306b\u4f34\u3063\u3066\u5909\u66f4\u3055\u308c\u308b resource \u306f\u306a\u304b\u3063\u305f\u306e\u3067\u3001\u307f\u3093\u306a\u5e78\u305b<\/ul>\n<h1>\u8d77\u6e90<\/h1>\n<p>\u5f53\u53d1\u751f\u8fd9\u4ef6\u4e8b\u65f6\uff0c\u4ec5\u4ec5\u662f\u7531\u4e8e\u8bd5\u56fe\u5347\u7ea7Terraform\u5e76\u66f4\u6539Terraform\u7684required_version\u800c\u521b\u5efa\u4e86\u4e00\u4e2a\u7b80\u5355\u7684PR\u3002<\/p>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d89dc913a08637a6c7e9a\/6-0.png\" alt=\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8 2021-12-09 13.57.06.png\" \/><\/div>\n<p>\u5728\u4f7f\u7528 CodeBuild \u8fd0\u884c terraform plan \u7684\u7ed3\u679c\u4e2d\u51fa\u73b0\u4e86\u83ab\u540d\u5176\u5999\u7684\u5dee\u5f02\u3002<br \/>\n\u5dee\u5f02\u53d1\u751f\u5728\u914d\u7f6e\u4e86 AWS WAF \u7684\u89c4\u5219\u4e2d\u3002<br \/>\n\u800c\u5173\u952e\u5dee\u5f02\u7684\u5185\u5bb9\u662f\uff1a<\/p>\n<pre class=\"post-pre\"><code>      <span class=\"err\">~<\/span> <span class=\"nx\">rule<\/span> <span class=\"p\">{<\/span>\r\n          <span class=\"c1\"># At least one attribute in this block is (or was) sensitive,<\/span>\r\n          <span class=\"c1\"># so its contents will not be displayed.<\/span>\r\n        <span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u56e0\u4e3a\u654f\u611f\u7684\u539f\u56e0\uff0c\u65e0\u6cd5\u5c55\u793a\u5dee\u5f02\u3002<br \/>\n\u8fd9\u4e0b\u9ebb\u70e6\u4e86\u3002<\/p>\n<h1>\u8c03\u67e5<\/h1>\n<p>\u5728\u641c\u7d22\u4e86\u4e00\u4e0b\u6709\u6ca1\u6709\u529e\u6cd5\u68c0\u67e5\u5dee\u5f02\u4e4b\u540e\uff0c\u6211\u627e\u5230\u4e86\u4ee5\u4e0b\u8bba\u575b\u7684\u5e16\u5b50\uff1a<br \/>\nhttps:\/\/discuss.hashicorp.com\/t\/how-to-show-sensitive-values\/24076<\/p>\n<p>\u6839\u636e\u5b83\u6240\u8bf4\uff0c\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u53ef\u4ee5\u5c06\u8be6\u7ec6\u7684\u8ba1\u5212\u6267\u884c\u65b9\u6848\u4ee5 JSON \u683c\u5f0f\u8f93\u51fa\uff0c\u5e76\u80fd\u591f\u68c0\u67e5\u5dee\u5f02\u3002<\/p>\n<pre class=\"post-pre\"><code>terraform plan <span class=\"nt\">-out<\/span><span class=\"o\">=<\/span>tfplan\r\nterraform show <span class=\"nt\">-json<\/span> tfplan\r\n<\/code><\/pre>\n<p>JSON\u7684\u5185\u5bb9\u5728\u4ee5\u4e0b\u5b98\u65b9\u6587\u6863\u4e2d\u6709\u8be6\u7ec6\u8bf4\u660e\u3002<br \/>\nhttps:\/\/www.terraform.io\/docs\/internals\/json-format.html<\/p>\n<p>\u6839\u636e\u8fd9\u4e2a\uff0c\u5728\u6267\u884c terraform plan \u547d\u4ee4\u65f6\u8f93\u51fa\u7684\u914d\u7f6e\u5927\u81f4\u5982\u4e0b\u3002<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u73fe\u5728 Terraform \u3067\u7ba1\u7406\u3057\u3066\u3044\u308b resources \u306e\u72b6\u614b\uff08Values Representation\uff09<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u73fe\u5728\u306e Terraform \u306e\u8a2d\u5b9a\uff08Configuration Representation\uff09<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\u4eca\u56de\u306e\u5909\u66f4\u70b9\uff08Change Representation\uff09<\/ul>\n<p>\u5728\u201c\u53d8\u66f4\u8868\u73b0\u65b9\u5f0f\u201d\u90e8\u5206\u4e2d\uff0c\u6709\u4e00\u4e2a\u201cbefore\/after\u201d\u9009\u9879\uff0c\u5176\u4e2d\u8be6\u7ec6\u63cf\u8ff0\u4e86\u6bcf\u4e2a\u53d8\u66f4\u70b9\u3002<br \/>\n\u8fd9\u6b21\u7684\u5dee\u5f02\u53ef\u4ee5\u901a\u8fc7\u6bd4\u8f83\u8fd9\u91cc\u7684\u201cbefore\u201d\u548c\u201cafter\u201d\u6765\u4e86\u89e3\u3002<br \/>\n\u56e0\u6b64\uff0c\u6211\u4eec\u53ef\u4ee5\u63d0\u53d6\u201cbefore\u201d\u548c\u201cafter\u201d\uff0c\u8fdb\u884c\u5dee\u5f02\u6bd4\u8f83\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"p\">14c14\r\n<\/span><span class=\"gd\">&lt;         \"before\": {\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;         \"after\": {\r\n<\/span><span class=\"p\">37c37\r\n<\/span><span class=\"gd\">&lt;                       \"custom_request_handling\": []\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;                       \"custom_request_handling\": null\r\n<\/span><span class=\"p\">116c116\r\n<\/span><span class=\"gd\">&lt;         \"before_sensitive\": {\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;         \"after_sensitive\": {\r\n<\/span><span class=\"p\">132,134c132\r\n<\/span><span class=\"gd\">&lt;                     {\r\n&lt;                       \"custom_request_handling\": []\r\n&lt;                     }\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;                     {}\r\n<\/span><span class=\"p\">187c185\r\n<\/span><span class=\"gd\">&lt;         },\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;         }\r\n<\/span><span class=\"p\">203c201\r\n<\/span><span class=\"gd\">&lt;         \"before\": {\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;         \"after\": {\r\n<\/span><span class=\"p\">305c303,304\r\n<\/span><span class=\"gd\">&lt;         \"before_sensitive\": {\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;         \"after_unknown\": {},\r\n&gt;         \"after_sensitive\": {\r\n<\/span><span class=\"p\">316,368c315\r\n<\/span><span class=\"gd\">&lt;           \"rule\": [\r\n&lt;             {\r\n&lt;               \"action\": [\r\n&lt;                 {\r\n&lt;                   \"allow\": [\r\n&lt;                     {}\r\n&lt;                   ],\r\n&lt;                   \"block\": [],\r\n&lt;                   \"count\": []\r\n&lt;                 }\r\n&lt;               ],\r\n&lt;               \"override_action\": [],\r\n&lt;               \"statement\": [\r\n&lt;                 {\r\n&lt;                   \"and_statement\": [],\r\n&lt;                   \"byte_match_statement\": [\r\n&lt;                     {\r\n&lt;                       \"field_to_match\": [\r\n&lt;                         {\r\n&lt;                           \"all_query_arguments\": [],\r\n&lt;                           \"body\": [],\r\n&lt;                           \"method\": [],\r\n&lt;                           \"query_string\": [],\r\n&lt;                           \"single_header\": [\r\n&lt;                             {}\r\n&lt;                           ],\r\n&lt;                           \"single_query_argument\": [],\r\n&lt;                           \"uri_path\": []\r\n&lt;                         }\r\n&lt;                       ],\r\n&lt;                       \"text_transformation\": [\r\n&lt;                         {}\r\n&lt;                       ]\r\n&lt;                     }\r\n&lt;                   ],\r\n&lt;                   \"geo_match_statement\": [],\r\n&lt;                   \"ip_set_reference_statement\": [],\r\n&lt;                   \"managed_rule_group_statement\": [],\r\n&lt;                   \"not_statement\": [],\r\n&lt;                   \"or_statement\": [],\r\n&lt;                   \"rate_based_statement\": [],\r\n&lt;                   \"regex_pattern_set_reference_statement\": [],\r\n&lt;                   \"rule_group_reference_statement\": [],\r\n&lt;                   \"size_constraint_statement\": [],\r\n&lt;                   \"sqli_match_statement\": [],\r\n&lt;                   \"xss_match_statement\": []\r\n&lt;                 }\r\n&lt;               ],\r\n&lt;               \"visibility_config\": [\r\n&lt;                 {}\r\n&lt;               ]\r\n&lt;             }\r\n&lt;           ],\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;           \"rule\": true,\r\n<\/span><span class=\"p\">374c321\r\n<\/span><span class=\"gd\">&lt;         },\r\n<\/span><span class=\"p\">---\r\n<\/span><span class=\"gi\">&gt;         }\r\n<\/span><\/code><\/pre>\n<p>\u770b\u5230\u8fd9\u4e2a\uff0c\u53ef\u4ee5\u770b\u51fa before_sensitive \u4e2d\u7684 WAF \u89c4\u5219\u5b8c\u5168\u88ab\u66ff\u6362\u4e3a after_sensitive \u4e2d\u7684 true\u3002\u5173\u4e8e before\/after_sensitive\uff0c<\/p>\n<pre class=\"post-pre\"><code>  <span class=\"c1\">\/\/ \"before_sensitive\" and \"after_sensitive\" are object values with similar<\/span>\r\n  <span class=\"c1\">\/\/ structure to \"before\" and \"after\", but with all sensitive leaf values<\/span>\r\n  <span class=\"c1\">\/\/ replaced with true, and all non-sensitive leaf values omitted. <\/span>\r\n<\/code><\/pre>\n<p>\u636e\u8bf4\uff0c\u6240\u6709\u53ef\u80fd\u88ab\u89c6\u4e3a\u654f\u611f\u7684\u53c2\u6570\u90fd\u88ab\u8bbe\u7f6e\u4e3a\u4e86 true\u3002\u6362\u53e5\u8bdd\u8bf4\uff0c\u53ef\u4ee5\u770b\u51fa AWS WAF \u7684\u89c4\u5219\u88ab\u5168\u90e8\u89c6\u4e3a\u654f\u611f\u5904\u7406\u4e86\u3002<\/p>\n<p>\u54ce\u5440\uff0c\u6211\u5728\u60f3\u662f\u5426\u6709\u4e00\u4e9b\u5bf9\u89c4\u5219\u654f\u611f\u7684\u6570\u636e&#8230;\uff1f\u4f46\u5728\u8fd9\u91cc\uff0c\u6211\u8bb0\u8d77\u4e86\u5c06AWS Secret Manager\u4e2d\u83b7\u53d6\u7684\u503c\u653e\u5165\u89c4\u5219\u4e2d\u3002<\/p>\n<p>\u8fd9\u4e2a\u7cfb\u7edf\u8bbe\u7f6e\u4e86\u4e00\u4e2aWAF\u89c4\u5219\uff0c\u53ea\u5141\u8bb8\u5e26\u6709\u56fa\u5b9a\u503c\u7684\u8bf7\u6c42\u5934\u6765\u81ea\u7cfb\u7edf\u3002\u7136\u540e\u6211\u4eec\u901a\u8fc7\u5bc6\u94a5\u7ba1\u7406\u5668Secret Manager\u6765\u7ba1\u7406\u8fd9\u4e2a\u56fa\u5b9a\u503c\u3002<\/p>\n<h1>\u65b0\u589e\u4e86 provider_sensitive_attrs \u7279\u6027\u7684\u7248\u672c\u662f 0.15\u3002<\/h1>\n<p>\u5982\u679c\u8fd9\u6837\u7684\u8bdd\uff0c\u6211\u4f1a\u60f3\u77e5\u9053\u5347\u7ea7\u540e\u662f\u5426\u6709\u5173\u4e8e\u654f\u611f\u503c\u7684\u5904\u7406\u53d8\u5316\uff1f\u67e5\u9605\u540e\u53d1\u73b0\u57280.15\u7248\u672c\u4e2d\u63d0\u4f9b\u4e86provider_sensitive_attrs\u9009\u9879\u5e76\u5df2\u6210\u4e3a\u901a\u7528\u53ef\u7528\u3002<br \/>\nhttps:\/\/dev.classmethod.jp\/articles\/terraform-015\/#toc-4<\/p>\n<p>\u63d0\u4f9b\u8005\u654f\u611f\u5c5e\u6027\uff08provider_sensitive_attrs\uff09\u662f\u6307\u7528\u4e8e\u5904\u7406\u654f\u611f\u6570\u636e\u7684\u8d44\u6e90\u65f6\u540c\u6837\u5c06\u5176\u89c6\u4e3a\u654f\u611f\u5904\u7406\u7684\u529f\u80fd\u3002\u6700\u521d\uff0c\u5f53\u5c06\u654f\u611f\u6570\u636e\u5b58\u50a8\u5728\u53d8\u91cf\u4e2d\u5e76\u5728terraform plan\u7b49\u64cd\u4f5c\u4e2d\u4ee5\u660e\u6587\u5f62\u5f0f\u663e\u793a\u65f6\uff0c\u5b58\u5728\u95ee\u9898\u3002\u4e3a\u4e86\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\uff0c\u5f15\u5165\u4e86\u8fd9\u4e2a\u529f\u80fd\u3002<\/p>\n<p>\u7531\u4e8eSecurity Manager\u7684\u503c\u672c\u8eab\u5c31\u662f\u654f\u611f\u7684\uff0c\u56e0\u6b64\u53ef\u4ee5\u770b\u51faWAF\u7684\u89c4\u5219\u4e5f\u88ab\u5b8c\u5168\u89c6\u4e3a\u654f\u611f\u5904\u7406\u3002<\/p>\n<h1>\u8d44\u6e90\u7684\u66f4\u6539\uff1f<\/h1>\n<p>\u5176\u5b9e\uff0c\u901a\u5e38\u60c5\u51b5\u4e0b\uff0c\u53ea\u8981\u662f\u654f\u611f\u5904\u7406\u7684\u66f4\u6539\uff0c\u4f3c\u4e4e\u4f1a\u663e\u793a\u4e3a\u201cThe value is unchanged\uff08\u6570\u503c\u672a\u53d8\uff09\u201d\u7c7b\u4f3c\u7684\u5185\u5bb9\u3002<\/p>\n<pre class=\"post-pre\"><code>      <span class=\"c1\"># Warning: this block will be marked as sensitive and will not<\/span>\r\n      <span class=\"c1\"># display in UI output after applying this change. The value is unchanged. &lt;= \u30b3\u30b3\uff01<\/span>\r\n      <span class=\"err\">~<\/span> <span class=\"nx\">rule<\/span> <span class=\"p\">{<\/span>\r\n          <span class=\"c1\"># At least one attribute in this block is (or was) sensitive,<\/span>\r\n          <span class=\"c1\"># so its contents will not be displayed.<\/span>\r\n        <span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u5982\u679c\u8fd9\u4e2a\u5b57\u51fa\u73b0\u4e86\uff0c\u5c31\u53ef\u4ee5\u77e5\u9053\u503c\u6ca1\u6709\u88ab\u6539\u53d8\uff0c\u4f46\u662f\u8fd9\u6b21\u5b83\u6ca1\u6709\u88ab\u663e\u793a\u51fa\u6765\u3002<br \/>\n\u770b\u8d77\u6765\u4f3c\u4e4e\u662f\u7531\u4e8e\u8d44\u6e90\u7684\u539f\u56e0\uff0c\u53ef\u80fd\u6709\u65f6\u5019\u4e0d\u4f1a\u663e\u793a\u51fa&#8221;The value is unchanged.&#8221;\u8fd9\u4e2a\u5b57\u6765\uff1f<\/p>\n<h1>\u6700\u540e\u600e\u4e48\u6837\u4e86\uff1f<\/h1>\n<p>\u4ef7\u503c\u6ca1\u6709\u6539\u53d8\u3002\u7531\u4e8e\u6ca1\u6709\u4efb\u4f55\u6807\u8bc6\uff0c\u5e76\u4e14\u8fd9\u6b21\u7684\u73af\u5883\u662f\u751f\u4ea7\u73af\u5883\uff0c\u6240\u4ee5\u5bf9\u5176\u8fdb\u884c\u7acb\u5373\u5e94\u7528\u6709\u70b9\u6050\u6016\u3002\u56e0\u6b64\uff0c\u6211\u521b\u5efa\u4e86\u4ec5\u5305\u62ec\u95ee\u9898WAF\u548cSecret Manager\u7684\u7b80\u5355Terraform\uff0c\u4ee5\u9a8c\u8bc1\u5b9e\u9645\u60c5\u51b5\u5982\u4f55\u3002<\/p>\n<h2>\u9a8c\u8bc1<\/h2>\n<p>\u9996\u5148\uff0c\u57280.14.11\u7248\u672c\u4e2d\u521b\u5efa\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">terraform<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">required_version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"~&gt; 0.14.11\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">provider<\/span> <span class=\"s2\">\"aws\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">profile<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"test\"<\/span>\r\n  <span class=\"nx\">region<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"ap-northeast-1\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">provider<\/span> <span class=\"s2\">\"aws\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">profile<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"test\"<\/span>\r\n  <span class=\"nx\">region<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"us-east-1\"<\/span>\r\n  <span class=\"nx\">alias<\/span>   <span class=\"p\">=<\/span> <span class=\"s2\">\"virginia\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">data<\/span> <span class=\"s2\">\"aws_secretsmanager_secret\"<\/span> <span class=\"s2\">\"secret\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"test\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">data<\/span> <span class=\"s2\">\"aws_secretsmanager_secret_version\"<\/span> <span class=\"s2\">\"secret\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">secret_id<\/span> <span class=\"p\">=<\/span> <span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">aws_secretsmanager_secret<\/span><span class=\"err\">.<\/span><span class=\"nx\">secret<\/span><span class=\"err\">.<\/span><span class=\"nx\">id<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"aws_wafv2_web_acl\"<\/span> <span class=\"s2\">\"waf\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">provider<\/span>    <span class=\"p\">=<\/span> <span class=\"nx\">aws<\/span><span class=\"err\">.<\/span><span class=\"nx\">virginia<\/span>\r\n  <span class=\"nx\">name<\/span>        <span class=\"p\">=<\/span> <span class=\"s2\">\"test-waf-allow-header\"<\/span>\r\n  <span class=\"nx\">scope<\/span>       <span class=\"p\">=<\/span> <span class=\"s2\">\"CLOUDFRONT\"<\/span>\r\n  <span class=\"nx\">description<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"test\"<\/span>\r\n  <span class=\"nx\">tags<\/span>        <span class=\"p\">=<\/span> <span class=\"p\">{}<\/span>\r\n\r\n  <span class=\"nx\">visibility_config<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">cloudwatch_metrics_enabled<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n    <span class=\"nx\">metric_name<\/span>                <span class=\"p\">=<\/span> <span class=\"s2\">\"test-waf-allow-header\"<\/span>\r\n    <span class=\"nx\">sampled_requests_enabled<\/span>   <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">default_action<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">block<\/span> <span class=\"p\">{}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nx\">rule<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">name<\/span>     <span class=\"p\">=<\/span> <span class=\"s2\">\"test-waf-rule-allow-header\"<\/span>\r\n    <span class=\"nx\">priority<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">1<\/span>\r\n\r\n    <span class=\"nx\">visibility_config<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">cloudwatch_metrics_enabled<\/span> <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n      <span class=\"nx\">metric_name<\/span>                <span class=\"p\">=<\/span> <span class=\"s2\">\"test-waf-rule-allow-header\"<\/span>\r\n      <span class=\"nx\">sampled_requests_enabled<\/span>   <span class=\"p\">=<\/span> <span class=\"kc\">false<\/span>\r\n    <span class=\"p\">}<\/span>\r\n\r\n    <span class=\"nx\">action<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">allow<\/span> <span class=\"p\">{}<\/span>\r\n    <span class=\"p\">}<\/span>\r\n\r\n    <span class=\"nx\">statement<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">byte_match_statement<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"nx\">field_to_match<\/span> <span class=\"p\">{<\/span>\r\n          <span class=\"nx\">single_header<\/span> <span class=\"p\">{<\/span>\r\n            <span class=\"nx\">name<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"x-cdn-key\"<\/span>\r\n          <span class=\"p\">}<\/span>\r\n        <span class=\"p\">}<\/span>\r\n        <span class=\"nx\">positional_constraint<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"EXACTLY\"<\/span>\r\n        <span class=\"nx\">search_string<\/span>         <span class=\"p\">=<\/span> <span class=\"nx\">jsondecode<\/span><span class=\"err\">(<\/span><span class=\"nx\">data<\/span><span class=\"err\">.<\/span><span class=\"nx\">aws_secretsmanager_secret_version<\/span><span class=\"err\">.<\/span><span class=\"nx\">secret<\/span><span class=\"err\">.<\/span><span class=\"nx\">secret_string<\/span><span class=\"err\">)<\/span><span class=\"p\">[<\/span><span class=\"s2\">\"x-cdn-key\"<\/span><span class=\"p\">]<\/span>\r\n        <span class=\"nx\">text_transformation<\/span> <span class=\"p\">{<\/span>\r\n          <span class=\"nx\">priority<\/span> <span class=\"p\">=<\/span> <span class=\"mi\">0<\/span>\r\n          <span class=\"nx\">type<\/span>     <span class=\"p\">=<\/span> <span class=\"s2\">\"NONE\"<\/span>\r\n        <span class=\"p\">}<\/span>\r\n      <span class=\"p\">}<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<p>\u6267\u884c\u5df2\u521b\u5efa\u7684 main.tf \u6587\u4ef6\u3002<\/p>\n<pre class=\"post-pre\"><code> % terraform apply\r\nAn execution plan has been generated and is shown below.\r\nResource actions are indicated with the following symbols:\r\n  + create\r\n\r\nTerraform will perform the following actions:\r\n\r\n  <span class=\"c\"># aws_wafv2_web_acl.waf will be created<\/span>\r\n  + resource <span class=\"s2\">\"aws_wafv2_web_acl\"<\/span> <span class=\"s2\">\"waf\"<\/span> <span class=\"o\">{<\/span>\r\n      + arn         <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + capacity    <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + description <span class=\"o\">=<\/span> <span class=\"s2\">\"test\"<\/span>\r\n      + <span class=\"nb\">id<\/span>          <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + lock_token  <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n      + name        <span class=\"o\">=<\/span> <span class=\"s2\">\"test-waf-allow-header\"<\/span>\r\n      + scope       <span class=\"o\">=<\/span> <span class=\"s2\">\"CLOUDFRONT\"<\/span>\r\n      + tags_all    <span class=\"o\">=<\/span> <span class=\"o\">(<\/span>known after apply<span class=\"o\">)<\/span>\r\n\r\n      + default_action <span class=\"o\">{<\/span>\r\n\r\n          + block <span class=\"o\">{<\/span>\r\n            <span class=\"o\">}<\/span>\r\n        <span class=\"o\">}<\/span>\r\n\r\n      + rule <span class=\"o\">{<\/span>\r\n          + name     <span class=\"o\">=<\/span> <span class=\"s2\">\"test-waf-rule-allow-header\"<\/span>\r\n          + priority <span class=\"o\">=<\/span> 1\r\n\r\n          + action <span class=\"o\">{<\/span>\r\n              + allow <span class=\"o\">{<\/span>\r\n                <span class=\"o\">}<\/span>\r\n            <span class=\"o\">}<\/span>\r\n\r\n          + statement <span class=\"o\">{<\/span>\r\n\r\n              + byte_match_statement <span class=\"o\">{<\/span>\r\n                  + positional_constraint <span class=\"o\">=<\/span> <span class=\"s2\">\"EXACTLY\"<\/span>\r\n                  + search_string         <span class=\"o\">=<\/span> <span class=\"s2\">\"hogehoge\"<\/span>\r\n\r\n                  + field_to_match <span class=\"o\">{<\/span>\r\n\r\n                      + single_header <span class=\"o\">{<\/span>\r\n                          + name <span class=\"o\">=<\/span> <span class=\"s2\">\"x-cdn-key\"<\/span>\r\n                        <span class=\"o\">}<\/span>\r\n                    <span class=\"o\">}<\/span>\r\n\r\n                  + text_transformation <span class=\"o\">{<\/span>\r\n                      + priority <span class=\"o\">=<\/span> 0\r\n                      + <span class=\"nb\">type<\/span>     <span class=\"o\">=<\/span> <span class=\"s2\">\"NONE\"<\/span>\r\n                    <span class=\"o\">}<\/span>\r\n                <span class=\"o\">}<\/span>\r\n            <span class=\"o\">}<\/span>\r\n\r\n          + visibility_config <span class=\"o\">{<\/span>\r\n              + cloudwatch_metrics_enabled <span class=\"o\">=<\/span> <span class=\"nb\">false<\/span>\r\n              + metric_name                <span class=\"o\">=<\/span> <span class=\"s2\">\"test-waf-rule-allow-header\"<\/span>\r\n              + sampled_requests_enabled   <span class=\"o\">=<\/span> <span class=\"nb\">false<\/span>\r\n            <span class=\"o\">}<\/span>\r\n        <span class=\"o\">}<\/span>\r\n\r\n      + visibility_config <span class=\"o\">{<\/span>\r\n          + cloudwatch_metrics_enabled <span class=\"o\">=<\/span> <span class=\"nb\">false<\/span>\r\n          + metric_name                <span class=\"o\">=<\/span> <span class=\"s2\">\"test-waf-allow-header\"<\/span>\r\n          + sampled_requests_enabled   <span class=\"o\">=<\/span> <span class=\"nb\">false<\/span>\r\n        <span class=\"o\">}<\/span>\r\n    <span class=\"o\">}<\/span>\r\n\r\nPlan: 1 to add, 0 to change, 0 to destroy.\r\n\r\nDo you want to perform these actions?\r\n  Terraform will perform the actions described above.\r\n  Only <span class=\"s1\">'yes'<\/span> will be accepted to approve.\r\n\r\n  Enter a value: <span class=\"nb\">yes\r\n\r\n<\/span>aws_wafv2_web_acl.waf: Creating...\r\naws_wafv2_web_acl.waf: Creation <span class=\"nb\">complete <\/span>after 2s <span class=\"o\">[<\/span><span class=\"nb\">id<\/span><span class=\"o\">=<\/span>ebd18307-4665-4bfa-8807-a53ae9df4779]\r\n\r\nApply <span class=\"nb\">complete<\/span><span class=\"o\">!<\/span> Resources: 1 added, 0 changed, 0 destroyed.\r\n<\/code><\/pre>\n<p>\u5728\u8fd9\u79cd\u60c5\u51b5\u4e0b\uff0c\u8bbe\u5b9a\u5728 WAF \u4e2d\u7684\u654f\u611f\u503c\u5982\u4e0b\u3002<\/p>\n<pre class=\"post-pre\"><code>                  + search_string         = \"hogehoge\"\r\n<\/code><\/pre>\n<p>\u66f4\u6539\u6240\u9700\u7248\u672c\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"gh\">diff --git a\/main.tf b\/main.tf\r\nindex 699ddc8..e8af984 100644\r\n<\/span><span class=\"gd\">--- a\/main.tf\r\n<\/span><span class=\"gi\">+++ b\/main.tf\r\n<\/span><span class=\"p\">@@ -1,5 +1,5 @@<\/span>\r\n terraform {\r\n<span class=\"gd\">-  required_version = \"~&gt; 0.14.11\"\r\n<\/span><span class=\"gi\">+  required_version = \"~&gt; 1.0.11\"\r\n<\/span> }\r\n\r\n provider \"aws\" {\r\n<\/code><\/pre>\n<p>\u7136\u540e\u8fdb\u884cterraform\u89c4\u5212\u3002<\/p>\n<pre class=\"post-pre\"><code> % terraform plan\r\naws_wafv2_web_acl.waf: Refreshing state... [id=ebd18307-4665-4bfa-8807-a53ae9df4779]\r\n\r\nNote: Objects have changed outside of Terraform\r\n\r\nTerraform detected the following changes made outside of Terraform since the last \"terraform apply\":\r\n\r\n  # aws_wafv2_web_acl.waf has been changed\r\n  ~ resource \"aws_wafv2_web_acl\" \"waf\" {\r\n        id          = \"ebd18307-4665-4bfa-8807-a53ae9df4779\"\r\n        name        = \"test-waf-allow-header\"\r\n      + tags        = {}\r\n        # (6 unchanged attributes hidden)\r\n\r\n\r\n\r\n        # (3 unchanged blocks hidden)\r\n    }\r\n\r\nUnless you have made equivalent changes to your configuration, or ignored the relevant attributes\r\nusing ignore_changes, the following plan may include actions to undo or respond to these changes.\r\n\r\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\r\n\r\nTerraform used the selected providers to generate the following execution plan. Resource actions are\r\nindicated with the following symbols:\r\n  ~ update in-place\r\n\r\nTerraform will perform the following actions:\r\n\r\n  # aws_wafv2_web_acl.waf will be updated in-place\r\n  ~ resource \"aws_wafv2_web_acl\" \"waf\" {\r\n        id          = \"ebd18307-4665-4bfa-8807-a53ae9df4779\"\r\n        name        = \"test-waf-allow-header\"\r\n        tags        = {}\r\n        # (6 unchanged attributes hidden)\r\n\r\n\r\n      # Warning: this block will be marked as sensitive and will not\r\n      # display in UI output after applying this change.\r\n      ~ rule {\r\n          # At least one attribute in this block is (or was) sensitive,\r\n          # so its contents will not be displayed.\r\n        }\r\n\r\n        # (2 unchanged blocks hidden)\r\n    }\r\n\r\nPlan: 0 to add, 1 to change, 0 to destroy.\r\n\r\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\r\n\r\nNote: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly\r\nthese actions if you run \"terraform apply\" now.\r\n<\/code><\/pre>\n<p>\u679c\u7136\uff0c\u6570\u503c\u672a\u53d8\u3002\u6ca1\u6709&#8221;\u3084\u306f\u308a&#8221;\u7684\u8868\u793a\u3002<br \/>\n\u76f4\u63a5\u5e94\u7528\u8fd9\u6837\uff0c\u786e\u8ba4\u6570\u503c\u4f1a\u5982\u4f55\u53d8\u5316\u3002<\/p>\n<pre class=\"post-pre\"><code> % terraform apply                                                                          [ main ]\r\naws_wafv2_web_acl.waf: Refreshing state... [id=ebd18307-4665-4bfa-8807-a53ae9df4779]\r\n\r\nNote: Objects have changed outside of Terraform\r\n\r\nTerraform detected the following changes made outside of Terraform since the last \"terraform apply\":\r\n\r\n  # aws_wafv2_web_acl.waf has been changed\r\n  ~ resource \"aws_wafv2_web_acl\" \"waf\" {\r\n        id          = \"ebd18307-4665-4bfa-8807-a53ae9df4779\"\r\n        name        = \"test-waf-allow-header\"\r\n      + tags        = {}\r\n        # (6 unchanged attributes hidden)\r\n\r\n\r\n\r\n        # (3 unchanged blocks hidden)\r\n    }\r\n\r\nUnless you have made equivalent changes to your configuration, or ignored the relevant attributes\r\nusing ignore_changes, the following plan may include actions to undo or respond to these changes.\r\n\r\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\r\n\r\nTerraform used the selected providers to generate the following execution plan. Resource actions are\r\nindicated with the following symbols:\r\n  ~ update in-place\r\n\r\nTerraform will perform the following actions:\r\n\r\n  # aws_wafv2_web_acl.waf will be updated in-place\r\n  ~ resource \"aws_wafv2_web_acl\" \"waf\" {\r\n        id          = \"ebd18307-4665-4bfa-8807-a53ae9df4779\"\r\n        name        = \"test-waf-allow-header\"\r\n        tags        = {}\r\n        # (6 unchanged attributes hidden)\r\n\r\n\r\n      # Warning: this block will be marked as sensitive and will not\r\n      # display in UI output after applying this change.\r\n      ~ rule {\r\n          # At least one attribute in this block is (or was) sensitive,\r\n          # so its contents will not be displayed.\r\n        }\r\n\r\n        # (2 unchanged blocks hidden)\r\n    }\r\n\r\nPlan: 0 to add, 1 to change, 0 to destroy.\r\n\r\nDo you want to perform these actions?\r\n  Terraform will perform the actions described above.\r\n  Only 'yes' will be accepted to approve.\r\n\r\n  Enter a value: yes\r\n\r\naws_wafv2_web_acl.waf: Modifying... [id=ebd18307-4665-4bfa-8807-a53ae9df4779]\r\naws_wafv2_web_acl.waf: Modifications complete after 0s [id=ebd18307-4665-4bfa-8807-a53ae9df4779]\r\n\r\nApply complete! Resources: 0 added, 1 changed, 0 destroyed.\r\n<\/code><\/pre>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d89dc913a08637a6c7e9a\/47-0.png\" alt=\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8 2021-12-09 13.53.13.png\" \/><\/div>\n<p>\u5728CloudTrail\u4e0a\u6ca1\u6709\u4efb\u4f55\u8bb0\u5f55\uff0c\u4e5f\u6ca1\u6709\u770b\u5230\u4efb\u4f55\u5728AWS\u4e0a\u7684\u66f4\u6539\u3002<\/p>\n<p>\u56e0\u6b64\uff0c\u6211\u5224\u65ad\u6ca1\u6709\u95ee\u9898\uff0c\u8fdb\u884c\u4e86\u7533\u8bf7\u3002\u7531\u4e8e\u6ca1\u6709\u51fa\u73b0\u4efb\u4f55\u95ee\u9898\uff0c\u6240\u4ee5\u5f88\u597d\u3002<\/p>\n<h1>\u6700\u540e<\/h1>\n<p>\u8fd9\u7bc7\u6587\u7ae0\u5199\u7684\u65f6\u5019\uff0cTerraform 1.1.0 \u5df2\u7ecf\u53d1\u5e03\u4e86\uff0c\u6240\u4ee5\u8fd8\u9700\u8981\u5347\u7ea7\u4e00\u4e0b\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u203b \u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8eMixi Group Advent Calendar 2021\u7b2c11\u5929\u7684\u8d21\u732e. \u6211\u6700\u8fd1\u5c06\u6211\u4eec [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-49235","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898\" \/>\n<meta property=\"og:description\" content=\"\u203b \u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8eMixi Group Advent Calendar 2021\u7b2c11\u5929\u7684\u8d21\u732e. \u6211\u6700\u8fd1\u5c06\u6211\u4eec [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-06T22:54:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-30T07:17:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d89dc913a08637a6c7e9a\/6-0.png\" \/>\n<meta name=\"author\" content=\"\u6587, \u7fd4\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u6587, \u7fd4\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/\",\"name\":\"\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-02-06T22:54:31+00:00\",\"dateModified\":\"2024-04-30T07:17:57+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c\",\"name\":\"\u6587, \u7fd4\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g\",\"caption\":\"\u6587, \u7fd4\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/wenxiang\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\/","og_locale":"zh_CN","og_type":"article","og_title":"\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898","og_description":"\u203b \u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8eMixi Group Advent Calendar 2021\u7b2c11\u5929\u7684\u8d21\u732e. \u6211\u6700\u8fd1\u5c06\u6211\u4eec [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-02-06T22:54:31+00:00","article_modified_time":"2024-04-30T07:17:57+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d89dc913a08637a6c7e9a\/6-0.png"}],"author":"\u6587, \u7fd4","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u6587, \u7fd4","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"6 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/","name":"\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-02-06T22:54:31+00:00","dateModified":"2024-04-30T07:17:57+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u5f53\u6211\u8bd5\u56fe\u5347\u7ea7Terraform\u7248\u672c\u65f6\uff0c\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u4ee4\u4eba\u56f0\u60d1\u7684\u5dee\u5f02\u95ee\u9898"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c","name":"\u6587, \u7fd4","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g","caption":"\u6587, \u7fd4"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/wenxiang\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%bd%93%e6%88%91%e8%af%95%e5%9b%be%e5%8d%87%e7%ba%a7terraform%e7%89%88%e6%9c%ac%e6%97%b6%ef%bc%8c%e6%88%91%e9%81%87%e5%88%b0%e4%ba%86%e4%b8%80%e4%b8%aa%e4%bb%a4%e4%ba%ba%e5%9b%b0%e6%83%91%e7%9a%84\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/49235","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=49235"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/49235\/revisions"}],"predecessor-version":[{"id":92686,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/49235\/revisions\/92686"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=49235"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=49235"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=49235"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}