terraform-aws

Terraform AWS

Provision and manage AWS infrastructure with Terraform.

Provider Configuration

hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
  
  backend "s3" {
    bucket = "terraform-state"
    key    = "prod/terraform.tfstate"
    region = "us-east-1"
  }
}

provider "aws" {
  region = var.region
  
  default_tags {
    tags = {
      Environment = var.environment
      ManagedBy   = "terraform"
    }
  }
}

Example Resources

hcl
resource "aws_vpc" "main" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  
  tags = { Name = "main-vpc" }
}

resource "aws_instance" "web" {
  ami           = data.aws_ami.amazon_linux.id
  instance_type = "t3.micro"
  subnet_id     = aws_subnet.public.id
  
  tags = { Name = "web-server" }
}

Modules

hcl
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"
  
  name = "my-vpc"
  cidr = "10.0.0.0/16"
  
  azs             = ["us-east-1a", "us-east-1b"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24"]
  
  enable_nat_gateway = true
}

Commands

bash
terraform init
terraform plan -out=plan.tfplan
terraform apply plan.tfplan
terraform destroy

Best Practices

  • Use remote state with locking
  • Implement module structure
  • Use workspaces or separate states per environment
  • Pin provider versions
  • Use data sources for AMIs
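
The first practice above, remote state with locking, applied to the S3 backend from the Provider Configuration section, together with a state bucket that is versioned, encrypted and closed to public access. This is an added example, not part of the original skill: it assumes Terraform 1.10 or later for `use_lockfile`, reuses the page's bucket name, and the file names and the `state` resource label are hypothetical.

```hcl
# --- bootstrap/main.tf (hypothetical path): applied once, creates the state bucket ---
resource "aws_s3_bucket" "state" {
  bucket = "terraform-state" # bucket name from the page's backend block
}

# Versioning keeps earlier state objects recoverable after a bad apply or overwrite.
resource "aws_s3_bucket_versioning" "state" {
  bucket = aws_s3_bucket.state.id
  versioning_configuration {
    status = "Enabled"
  }
}

# State files can hold secrets in plain text (passwords, keys), so encrypt at rest.
resource "aws_s3_bucket_server_side_encryption_configuration" "state" {
  bucket = aws_s3_bucket.state.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "aws:kms"
    }
  }
}

# The state bucket should never be reachable through public ACLs or policies.
resource "aws_s3_bucket_public_access_block" "state" {
  bucket                  = aws_s3_bucket.state.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# --- main.tf (hypothetical path): every configuration that stores state in the bucket ---
terraform {
  required_version = ">= 1.10" # assumption: needed for S3-native locking

  backend "s3" {
    bucket       = "terraform-state"
    key          = "prod/terraform.tfstate"
    region       = "us-east-1"
    encrypt      = true # request server-side encryption when writing state
    use_lockfile = true # lock the state so concurrent applies cannot overlap
  }
}
```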

Related Skills

  • aws-vpc - VPC networking
  • aws-iam - IAM policies