iT邦幫忙

2023 iThome 鐵人賽

DAY 14
0
DevOps

大家都在用 Terraform 實作 IaC 為什麼不將程式寫得更簡潔易讀呢?系列 第 14

實作 AWS 常用服務之 Terraform 模組系列 - Route Table 篇

  • 分享至 

  • xImage
  •  

AWS Route Table 模組實作

Route Table 是一個定義了 Subnet 內部和外部流量路由的網路路由規則集。每個 Subnet 都關聯到一個 Route Table,而 Route Table 則包含了一系列路由規則,指定了流量應該如何進行路由。
這些規則可用於將流量引導到 Internet Gateway、Virtual Private Gateway(用於連接到 AWS VPN 或 Direct Connect)或者 VPC 內部的其他資源。

本篇是實作常用的 AWS Route Table 服務之 Terraform 模組,完整的專案程式碼分享在我的 Github 上。

  1. 先定義整個專案檔案結構 AWS Route Table 模組放置於 ./modules/my_route_tables 目錄中:
├── configs
│   ├── subnet
│   │   └── my-subnets.yaml
│   └── vpc
│       └── my-vpcs.yaml
├── example.tfvars
├── locals.tf
├── main.tf
├── modules
│   ├── my_igw
│   ├── my_instances
│   ├── my_nacls
│   ├── my_route_tables
│   │   ├── outputs.tf
│   │   ├── provider.tf
│   │   ├── route_table.tf
│   │   ├── route_table_association.tf
│   │   └── variables.tf
│   ├── my_subnets
│   └── my_vpc
└── variables.tf
  1. 撰寫 my_route_tables 模組
  • ./modules/my_route_tables/outputs.tf:
output "my_public_rtb_id" {
  value = aws_route_table.my_public_rtb.id
}

output "my_application_rtb_id" {
  value = aws_route_table.my_application_rtb.id
}

output "my_intra_rtb_id" {
  value = aws_route_table.my_intra_rtb.id
}

output "my_persistence_rtb_id" {
  value = aws_route_table.my_persistence_rtb.id
}

output "my_nat_server_rtb_id" {
  value = aws_route_table.my_nat_server_rtb.id
}

  • ./modules/my_route_tables/provider.tf:
provider "aws" {
    region  = var.aws_region
    profile = var.aws_profile
}
  • ./modules/my_route_tables/variables.tf:
    變數 xxxxx_path 為傳入的 my-xxxxx.yaml 設定檔路徑位址,透過 yamldecode 取出 key 值 xxxxxs 的 value 為一 list 物件
variable "aws_region" {
  description = "AWS region"
  default     = "ap-northeast-1"
}

variable "aws_profile" {
  description = "AWS profile"
  default     = ""
}

variable "project_name" {
  type    = string
  description = "Project name"
  default = ""
}

variable "department_name" {
  type        = string
  description = "Department name"
  default     = "SRE"
}

variable "vpc_id" {
  type    = string
  description = "The id of VPC"
}

variable "public_subnet_ids" {
  type    = list(string)
  default = []
}

variable "application_subnet_ids" {
  type    = list(string)
  default = []
}

variable "intra_subnet_ids" {
  type    = list(string)
  default = []
}

variable "persistence_subnet_ids" {
  type    = list(string)
  default = []
}

variable "nat_server_subnet_ids" {
  type    = list(string)
  default = []
}

variable "public_routes" {
  type    = list(any)
  default = []
}

variable "application_routes" {
  type    = list(any)
  default = []
}

variable "intra_routes" {
  type    = list(any)
  default = []
}

variable "persistence_routes" {
  type    = list(any)
  default = []
}

variable "nat_server_routes" {
  type    = list(any)
  default = []
}

  • ./modules/my_route_tables/route_table.tf:
    這裡用到稍早提到的 dynamic block 再利用 for_each 來迭代 var.public_routes, var.application_routes, var.intra_routes, var.persistence_routesvar.nat_server_routes 五個物件,並建立對映的動態內容
    每個動態內容可以包含:
  • carrier_gateway_id
  • cidr_block
  • destination_prefix_list_id
  • egress_only_gateway_id
  • gateway_id
  • instance_id
  • ipv6_cidr_block
  • local_gateway_id
  • nat_gateway_id
  • network_interface_id
  • transit_gateway_id
  • vpc_endpoint_id
  • vpc_peering_connection_id
resource "aws_route_table" "my_public_rtb" {

  dynamic "route" {
    for_each = var.public_routes
    content {
      carrier_gateway_id         = lookup(route.value, "carrier_gateway_id", null)
      cidr_block                 = lookup(route.value, "cidr_block", null)
      destination_prefix_list_id = lookup(route.value, "destination_prefix_list_id", null)
      egress_only_gateway_id     = lookup(route.value, "egress_only_gateway_id", null)
      gateway_id                 = lookup(route.value, "gateway_id", null)
      # instance_id                = lookup(route.value, "instance_id", null)
      ipv6_cidr_block            = lookup(route.value, "ipv6_cidr_block", null)
      local_gateway_id           = lookup(route.value, "local_gateway_id", null)
      nat_gateway_id             = lookup(route.value, "nat_gateway_id", null)
      network_interface_id       = lookup(route.value, "network_interface_id", null)
      transit_gateway_id         = lookup(route.value, "transit_gateway_id", null)
      vpc_endpoint_id            = lookup(route.value, "vpc_endpoint_id", null)
      vpc_peering_connection_id  = lookup(route.value, "vpc_peering_connection_id", null)
    }
  }

  tags = {
    Department = var.department_name
    Name       = "${var.project_name}-public-rtb"
    Project    = var.project_name
  }

  tags_all = {
    Department = var.department_name
    Name       = "${var.project_name}-public-rtb"
    Project    = var.project_name
  }

  vpc_id = var.vpc_id

  depends_on = [
    var.vpc_id
  ]
}

resource "aws_route_table" "my_application_rtb" {
  dynamic "route" {
    for_each = var.application_routes
    content {
      carrier_gateway_id         = lookup(route.value, "carrier_gateway_id", null)
      cidr_block                 = lookup(route.value, "cidr_block", null)
      destination_prefix_list_id = lookup(route.value, "destination_prefix_list_id", null)
      egress_only_gateway_id     = lookup(route.value, "egress_only_gateway_id", null)
      gateway_id                 = lookup(route.value, "gateway_id", null)
      # instance_id                = lookup(route.value, "instance_id", null)
      ipv6_cidr_block            = lookup(route.value, "ipv6_cidr_block", null)
      local_gateway_id           = lookup(route.value, "local_gateway_id", null)
      nat_gateway_id             = lookup(route.value, "nat_gateway_id", null)
      network_interface_id       = lookup(route.value, "network_interface_id", null)
      transit_gateway_id         = lookup(route.value, "transit_gateway_id", null)
      vpc_endpoint_id            = lookup(route.value, "vpc_endpoint_id", null)
      vpc_peering_connection_id  = lookup(route.value, "vpc_peering_connection_id", null)
    }
  }

  tags = {
    Department = var.department_name
    Name       = "${var.project_name}-application-rtb"
    Project    = var.project_name
  }

  tags_all = {
    Department = var.department_name
    Name       = "${var.project_name}-application-rtb"
    Project    = var.project_name
  }

  vpc_id = var.vpc_id

  depends_on = [
    var.vpc_id
  ]
}

resource "aws_route_table" "my_intra_rtb" {
  dynamic "route" {
    for_each = var.intra_routes
    content {
      carrier_gateway_id         = lookup(route.value, "carrier_gateway_id", null)
      cidr_block                 = lookup(route.value, "cidr_block", null)
      destination_prefix_list_id = lookup(route.value, "destination_prefix_list_id", null)
      egress_only_gateway_id     = lookup(route.value, "egress_only_gateway_id", null)
      gateway_id                 = lookup(route.value, "gateway_id", null)
      # instance_id                = lookup(route.value, "instance_id", null)
      ipv6_cidr_block            = lookup(route.value, "ipv6_cidr_block", null)
      local_gateway_id           = lookup(route.value, "local_gateway_id", null)
      nat_gateway_id             = lookup(route.value, "nat_gateway_id", null)
      network_interface_id       = lookup(route.value, "network_interface_id", null)
      transit_gateway_id         = lookup(route.value, "transit_gateway_id", null)
      vpc_endpoint_id            = lookup(route.value, "vpc_endpoint_id", null)
      vpc_peering_connection_id  = lookup(route.value, "vpc_peering_connection_id", null)
    }
  }

  tags = {
    Department = var.department_name
    Name       = "${var.project_name}-intra-rtb"
    Project    = var.project_name
  }

  tags_all = {
    Department = var.department_name
    Name       = "${var.project_name}-intra-rtb"
    Project    = var.project_name
  }

  vpc_id = var.vpc_id

  depends_on = [
    var.vpc_id
  ]
}

resource "aws_route_table" "my_persistence_rtb" {
  dynamic "route" {
    for_each = var.persistence_routes
    content {
      carrier_gateway_id         = lookup(route.value, "carrier_gateway_id", null)
      cidr_block                 = lookup(route.value, "cidr_block", null)
      destination_prefix_list_id = lookup(route.value, "destination_prefix_list_id", null)
      egress_only_gateway_id     = lookup(route.value, "egress_only_gateway_id", null)
      gateway_id                 = lookup(route.value, "gateway_id", null)
      # instance_id                = lookup(route.value, "instance_id", null)
      ipv6_cidr_block            = lookup(route.value, "ipv6_cidr_block", null)
      local_gateway_id           = lookup(route.value, "local_gateway_id", null)
      nat_gateway_id             = lookup(route.value, "nat_gateway_id", null)
      network_interface_id       = lookup(route.value, "network_interface_id", null)
      transit_gateway_id         = lookup(route.value, "transit_gateway_id", null)
      vpc_endpoint_id            = lookup(route.value, "vpc_endpoint_id", null)
      vpc_peering_connection_id  = lookup(route.value, "vpc_peering_connection_id", null)
    }
  }

  tags = {
    Department = var.department_name
    Name       = "${var.project_name}-persistence-rtb"
    Project    = var.project_name
  }

  tags_all = {
    Department = var.department_name
    Name       = "${var.project_name}-persistence-rtb"
    Project    = var.project_name
  }

  vpc_id = var.vpc_id

  depends_on = [
    var.vpc_id
  ]
}

resource "aws_route_table" "my_nat_server_rtb" {
  dynamic "route" {
    for_each = var.nat_server_routes
    content {
      carrier_gateway_id         = lookup(route.value, "carrier_gateway_id", null)
      cidr_block                 = lookup(route.value, "cidr_block", null)
      destination_prefix_list_id = lookup(route.value, "destination_prefix_list_id", null)
      egress_only_gateway_id     = lookup(route.value, "egress_only_gateway_id", null)
      gateway_id                 = lookup(route.value, "gateway_id", null)
      # instance_id                = lookup(route.value, "instance_id", null)
      ipv6_cidr_block            = lookup(route.value, "ipv6_cidr_block", null)
      local_gateway_id           = lookup(route.value, "local_gateway_id", null)
      nat_gateway_id             = lookup(route.value, "nat_gateway_id", null)
      network_interface_id       = lookup(route.value, "network_interface_id", null)
      transit_gateway_id         = lookup(route.value, "transit_gateway_id", null)
      vpc_endpoint_id            = lookup(route.value, "vpc_endpoint_id", null)
      vpc_peering_connection_id  = lookup(route.value, "vpc_peering_connection_id", null)
    }
  }

  tags = {
    Department = var.department_name
    Name       = "${var.project_name}-nat-rtb"
    Project    = var.project_name
  }

  tags_all = {
    Department = var.department_name
    Name       = "${var.project_name}-nat-rtb"
    Project    = var.project_name
  }

  vpc_id = var.vpc_id

  depends_on = [
    var.vpc_id
  ]
}

  • ./modules/my_route_tables/route_table_association.tf:
    利用 for_each 來迭代 var.public_subnet_ids, var.application_subnet_ids, var.intra_subnet_ids, var.persistence_subnet_idsvar.nat_server_subnet_ids 五個物件,以 idx 為 key 值建立 map 物件

resource "aws_route_table_association" "my_public_rtb_accociation" {
  for_each = { for idx, r in var.public_subnet_ids : idx => r }

  route_table_id = aws_route_table.my_public_rtb.id
  subnet_id      = each.value

  depends_on = [
    var.public_subnet_ids,
    aws_route_table.my_public_rtb
  ]
}

resource "aws_route_table_association" "my_application_rtb_accociation" {
  for_each = { for idx, r in var.application_subnet_ids : idx => r }

  route_table_id = aws_route_table.my_application_rtb.id
  subnet_id      = each.value

  depends_on = [
    var.application_subnet_ids,
    aws_route_table.my_application_rtb
  ]
}

resource "aws_route_table_association" "my_intra_rtb_accociation" {
  for_each = { for idx, r in var.intra_subnet_ids : idx => r }

  route_table_id = aws_route_table.my_intra_rtb.id
  subnet_id      = each.value

  depends_on = [
    var.intra_subnet_ids,
    aws_route_table.my_intra_rtb
  ]
}

resource "aws_route_table_association" "my_persistence_rtb_accociation" {
  for_each = { for idx, r in var.persistence_subnet_ids : idx => r }

  route_table_id = aws_route_table.my_persistence_rtb.id
  subnet_id      = each.value

  depends_on = [
    var.persistence_subnet_ids,
    aws_route_table.my_persistence_rtb
  ]
}

resource "aws_route_table_association" "my_nat_server_rtb_accociation" {
  for_each = { for idx, r in var.nat_server_subnet_ids : idx => r }

  route_table_id = aws_route_table.my_nat_server_rtb.id
  subnet_id      = each.value

  depends_on = [
    var.nat_server_subnet_ids,
    aws_route_table.my_nat_server_rtb
  ]
}

  1. 撰寫專案相關程式
  • example.tfvars:
aws_region="ap-northeast-1"
aws_profile="<YOUR_PROFILE>"
project_name="example"
department_name="SRE"
ssh_key_name="<YOUR_SSH_KEY>"
  • main.tf:
terraform {
  required_providers {
    aws = {
      version = "5.15.0"
    }
  }

  backend "s3" {
    bucket                  = "<YOUR_S3_BUCKET_NAME>"
    dynamodb_table          = "<YOUR_DYNAMODB_TABLE_NAME>"
    key                     = "terraform.tfstate"
    region                  = "ap-northeast-1"
    shared_credentials_file = "~/.aws/config"
    profile                 = "<YOUR_PROFILE>"
  }
}

# vpc
module "vpc" {
  aws_profile     = var.aws_profile
  aws_region      = var.aws_region
  department_name = var.department_name
  project_name    = var.project_name
  vpc_path        = "./configs/vpc/my-vpcs.yaml"

  source = "./modules/my_vpc"
}

# subnet
module "subnet" {
  aws_profile     = var.aws_profile
  aws_region      = var.aws_region
  department_name = var.department_name
  project_name    = var.project_name
  vpc_id          = module.vpc.my_vpcs["my-vpc"].id
  subnet_path     = "./configs/subnet/my-subnets.yaml"

  source = "./modules/my_subnets"
}

module "igw" {
  aws_profile     = var.aws_profile
  aws_region      = var.aws_region
  department_name = var.department_name
  project_name    = var.project_name
  vpc_id          = module.vpc.my_vpcs["my-vpc"].id

  source = "./modules/my_igw"
}

# nacl
module "nacl" {
  # checkov:skip=CKV_AWS_230: check it later
  # checkov:skip=CKV_AWS_229: check it later
  # checkov:skip=CKV_AWS_232: check it later
  # checkov:skip=CKV_AWS_231: check it later
  aws_profile             = var.aws_profile
  aws_region              = var.aws_region
  department_name         = var.department_name
  project_name            = var.project_name
  vpc_cidr                = module.vpc.my_vpcs["my-vpc"].cidr_block
  vpc_id                  = module.vpc.my_vpcs["my-vpc"].id
  subnet_public_a_id      = module.subnet.subnets["my-public-ap-northeast-1a"].id
  subnet_public_c_id      = module.subnet.subnets["my-public-ap-northeast-1c"].id
  subnet_public_d_id      = module.subnet.subnets["my-public-ap-northeast-1d"].id
  subnet_application_a_id = module.subnet.subnets["my-application-ap-northeast-1a"].id
  subnet_application_c_id = module.subnet.subnets["my-application-ap-northeast-1c"].id
  subnet_application_d_id = module.subnet.subnets["my-application-ap-northeast-1d"].id
  subnet_intra_a_id       = module.subnet.subnets["my-intra-ap-northeast-1a"].id
  subnet_intra_c_id       = module.subnet.subnets["my-intra-ap-northeast-1c"].id
  subnet_intra_d_id       = module.subnet.subnets["my-intra-ap-northeast-1d"].id
  subnet_persistence_a_id = module.subnet.subnets["my-persistence-ap-northeast-1a"].id
  subnet_persistence_c_id = module.subnet.subnets["my-persistence-ap-northeast-1c"].id
  subnet_persistence_d_id = module.subnet.subnets["my-persistence-ap-northeast-1d"].id
  subnet_nat_server_id    = module.subnet.subnets["my-nat-server"].id

  source = "./modules/my_nacls"
}

resource "aws_security_group" "my_bastion_sg" {
  description = "Used for bastion instance public"

  ingress {
    cidr_blocks = local.bastion_allowed_ips
    description = "ssh from allowed ips"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
  }

  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  name = "bastion-sg"

  tags = {
    Department = var.department_name
    Name       = "Bastion-SG"
    Project    = var.project_name
  }

  tags_all = {
    Department = var.department_name
    Name       = "Bastion-SG"
    Project    = var.project_name
  }

  vpc_id = module.vpc.my_vpcs["my-vpc"].id
}

resource "aws_security_group" "my_nat_server_sg" {
  description = "Used for NAT instance public"

  egress {
    cidr_blocks      = ["0.0.0.0/0"]
    from_port        = "0"
    ipv6_cidr_blocks = ["::/0"]
    protocol         = "-1"
    self             = "false"
    to_port          = "0"
  }

  ingress {
    cidr_blocks = [module.vpc.my_vpcs["my-vpc"].cidr_block]
    from_port   = "0"
    protocol    = "-1"
    self        = "false"
    to_port     = "0"
  }

  name = "nat-server-sg"

  tags = {
    Department = var.department_name
    Name       = "NAT-Server-SG"
    Project    = var.project_name
  }

  tags_all = {
    Department = var.department_name
    Name       = "NAT-Server-SG"
    Project    = var.project_name
  }

  vpc_id = module.vpc.my_vpcs["my-vpc"].id
}

# instances
module "instances" {
  # checkov:skip=CKV_AWS_8: check it later
  # checkov:skip=CKV_AWS_135:do it later
  # checkov:skip=CKV_AWS_79:do it later
  # checkov:skip=CKV_AWS_126:don't enable detail monitor in sandbox env

  aws_profile                   = var.aws_profile
  aws_region                    = var.aws_region
  department_name               = var.department_name
  project_name                  = var.project_name
  instance_type                 = "t3a.small"
  subnet_bastion_id             = module.subnet.subnets["my-public-ap-northeast-1d"].id
  subnet_nat_server_id          = module.subnet.subnets["my-nat-server"].id
  bastion_security_group_ids    = [aws_security_group.my_bastion_sg.id]
  nat_server_security_group_ids = [aws_security_group.my_nat_server_sg.id]
  ssh_key_name                  = var.ssh_key_name
  bastion_ami                   = local.bastion_ami
  bastion_ami_id                = null
  nat_server_ami_id             = null
  create_nat_server_instance    = true
  bastion_launch_template       = null
  bastion_user_data             = <<HERE
#!/bin/bash

echo "Do something you want here."

HERE

  source = "./modules/my_instances"
}

# elastic ip
module "eip" {
  aws_profile            = var.aws_profile
  aws_region             = var.aws_region
  department_name        = var.department_name
  project_name           = var.project_name
  bastion_instance_id    = module.instances.bastion_instance_id
  nat_server_instance_id = module.instances.nat_server_instance_id

  source = "./modules/my_eips"
}

# route table
module "rtb" {
  aws_profile     = var.aws_profile
  aws_region      = var.aws_region
  department_name = var.department_name
  project_name    = var.project_name
  vpc_id          = module.vpc.my_vpcs["my-vpc"].id

  public_subnet_ids = [
    module.subnet.subnets["my-public-ap-northeast-1a"].id,
    module.subnet.subnets["my-public-ap-northeast-1c"].id,
    module.subnet.subnets["my-public-ap-northeast-1d"].id
  ]

  application_subnet_ids = [
    module.subnet.subnets["my-application-ap-northeast-1a"].id,
    module.subnet.subnets["my-application-ap-northeast-1c"].id,
    module.subnet.subnets["my-application-ap-northeast-1d"].id
  ]

  intra_subnet_ids = [
    module.subnet.subnets["my-intra-ap-northeast-1a"].id,
    module.subnet.subnets["my-intra-ap-northeast-1c"].id,
    module.subnet.subnets["my-intra-ap-northeast-1d"].id
  ]

  persistence_subnet_ids = [
    module.subnet.subnets["my-persistence-ap-northeast-1a"].id,
    module.subnet.subnets["my-persistence-ap-northeast-1c"].id,
    module.subnet.subnets["my-persistence-ap-northeast-1d"].id
  ]

  nat_server_subnet_ids = [
    module.subnet.subnets["my-nat-server"].id
  ]

  public_routes = [
    {
      cidr_block = "0.0.0.0/0",
      gateway_id = module.igw.igw_id
    },
    {
      gateway_id      = module.igw.igw_id,
      ipv6_cidr_block = "::/0"
    }
  ]

  application_routes = [
    {
      cidr_block           = "0.0.0.0/0",
      network_interface_id = module.eip.nat_server_eip_assoc_eni_id
    }
  ]

  intra_routes = [
    {
      cidr_block           = "0.0.0.0/0",
      network_interface_id = module.eip.nat_server_eip_assoc_eni_id
    }
  ]

  persistence_routes = [
    {
      cidr_block           = "0.0.0.0/0",
      network_interface_id = module.eip.nat_server_eip_assoc_eni_id
    }
  ]

  nat_server_routes = [
    {
      cidr_block = "0.0.0.0/0"
      gateway_id = module.igw.igw_id
    }
  ]

  source = "./modules/my_route_tables"
}


Terraform 執行計畫

  1. 於專案目錄下執行 terraform init && terraform plan --out .plan -var-file=example.tfvars 來確認一下結果:

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  ... 中間省略 僅留下 module.rtb  ...

  # module.rtb.aws_route_table.my_application_rtb will be created
  + resource "aws_route_table" "my_application_rtb" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = [
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = "0.0.0.0/0"
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = ""
              + ipv6_cidr_block            = ""
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = (known after apply)
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
        ]
      + tags             = {
          + "Department" = "SRE"
          + "Name"       = "example-application-rtb"
          + "Project"    = "example"
        }
      + tags_all         = {
          + "Department" = "SRE"
          + "Name"       = "example-application-rtb"
          + "Project"    = "example"
        }
      + vpc_id           = (known after apply)
    }

  # module.rtb.aws_route_table.my_intra_rtb will be created
  + resource "aws_route_table" "my_intra_rtb" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = [
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = "0.0.0.0/0"
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = ""
              + ipv6_cidr_block            = ""
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = (known after apply)
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
        ]
      + tags             = {
          + "Department" = "SRE"
          + "Name"       = "example-intra-rtb"
          + "Project"    = "example"
        }
      + tags_all         = {
          + "Department" = "SRE"
          + "Name"       = "example-intra-rtb"
          + "Project"    = "example"
        }
      + vpc_id           = (known after apply)
    }

  # module.rtb.aws_route_table.my_nat_server_rtb will be created
  + resource "aws_route_table" "my_nat_server_rtb" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = [
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = "0.0.0.0/0"
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = (known after apply)
              + ipv6_cidr_block            = ""
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = ""
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
        ]
      + tags             = {
          + "Department" = "SRE"
          + "Name"       = "example-nat-rtb"
          + "Project"    = "example"
        }
      + tags_all         = {
          + "Department" = "SRE"
          + "Name"       = "example-nat-rtb"
          + "Project"    = "example"
        }
      + vpc_id           = (known after apply)
    }

  # module.rtb.aws_route_table.my_persistence_rtb will be created
  + resource "aws_route_table" "my_persistence_rtb" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = [
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = "0.0.0.0/0"
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = ""
              + ipv6_cidr_block            = ""
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = (known after apply)
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
        ]
      + tags             = {
          + "Department" = "SRE"
          + "Name"       = "example-persistence-rtb"
          + "Project"    = "example"
        }
      + tags_all         = {
          + "Department" = "SRE"
          + "Name"       = "example-persistence-rtb"
          + "Project"    = "example"
        }
      + vpc_id           = (known after apply)
    }

  # module.rtb.aws_route_table.my_public_rtb will be created
  + resource "aws_route_table" "my_public_rtb" {
      + arn              = (known after apply)
      + id               = (known after apply)
      + owner_id         = (known after apply)
      + propagating_vgws = (known after apply)
      + route            = [
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = ""
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = (known after apply)
              + ipv6_cidr_block            = "::/0"
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = ""
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
          + {
              + carrier_gateway_id         = ""
              + cidr_block                 = "0.0.0.0/0"
              + core_network_arn           = ""
              + destination_prefix_list_id = ""
              + egress_only_gateway_id     = ""
              + gateway_id                 = (known after apply)
              + ipv6_cidr_block            = ""
              + local_gateway_id           = ""
              + nat_gateway_id             = ""
              + network_interface_id       = ""
              + transit_gateway_id         = ""
              + vpc_endpoint_id            = ""
              + vpc_peering_connection_id  = ""
            },
        ]
      + tags             = {
          + "Department" = "SRE"
          + "Name"       = "example-public-rtb"
          + "Project"    = "example"
        }
      + tags_all         = {
          + "Department" = "SRE"
          + "Name"       = "example-public-rtb"
          + "Project"    = "example"
        }
      + vpc_id           = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_application_rtb_accociation["0"] will be created
  + resource "aws_route_table_association" "my_application_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_application_rtb_accociation["1"] will be created
  + resource "aws_route_table_association" "my_application_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_application_rtb_accociation["2"] will be created
  + resource "aws_route_table_association" "my_application_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_intra_rtb_accociation["0"] will be created
  + resource "aws_route_table_association" "my_intra_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_intra_rtb_accociation["1"] will be created
  + resource "aws_route_table_association" "my_intra_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_intra_rtb_accociation["2"] will be created
  + resource "aws_route_table_association" "my_intra_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_nat_server_rtb_accociation["0"] will be created
  + resource "aws_route_table_association" "my_nat_server_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_persistence_rtb_accociation["0"] will be created
  + resource "aws_route_table_association" "my_persistence_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_persistence_rtb_accociation["1"] will be created
  + resource "aws_route_table_association" "my_persistence_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_persistence_rtb_accociation["2"] will be created
  + resource "aws_route_table_association" "my_persistence_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_public_rtb_accociation["0"] will be created
  + resource "aws_route_table_association" "my_public_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_public_rtb_accociation["1"] will be created
  + resource "aws_route_table_association" "my_public_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.rtb.aws_route_table_association.my_public_rtb_accociation["2"] will be created
  + resource "aws_route_table_association" "my_public_rtb_accociation" {
      + id             = (known after apply)
      + route_table_id = (known after apply)
      + subnet_id      = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-application-ap-northeast-1a"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.4.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-application-ap-northeast-1a"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-application-ap-northeast-1a"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-application-ap-northeast-1c"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1c"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.5.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-application-ap-northeast-1c"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-application-ap-northeast-1c"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-application-ap-northeast-1d"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1d"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.6.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-application-ap-northeast-1d"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-application-ap-northeast-1d"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-intra-ap-northeast-1a"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.8.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-intra-ap-northeast-1a"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-intra-ap-northeast-1a"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-intra-ap-northeast-1c"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1c"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.9.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-intra-ap-northeast-1c"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-intra-ap-northeast-1c"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-intra-ap-northeast-1d"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1d"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.10.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-intra-ap-northeast-1d"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-intra-ap-northeast-1d"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-nat-server"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1d"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.3.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-nat-server"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-nat-server"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-persistence-ap-northeast-1a"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.16.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-persistence-ap-northeast-1a"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-persistence-ap-northeast-1a"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-persistence-ap-northeast-1c"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1c"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.17.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-persistence-ap-northeast-1c"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-persistence-ap-northeast-1c"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-persistence-ap-northeast-1d"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1d"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.18.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-persistence-ap-northeast-1d"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-persistence-ap-northeast-1d"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-public-ap-northeast-1a"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1a"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.0.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-public-ap-northeast-1a"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-public-ap-northeast-1a"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-public-ap-northeast-1c"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1c"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.1.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-public-ap-northeast-1c"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-public-ap-northeast-1c"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.subnet.aws_subnet.subnets["my-public-ap-northeast-1d"] will be created
  + resource "aws_subnet" "subnets" {
      + arn                                            = (known after apply)
      + assign_ipv6_address_on_creation                = false
      + availability_zone                              = "ap-northeast-1d"
      + availability_zone_id                           = (known after apply)
      + cidr_block                                     = "10.2.2.0/24"
      + enable_dns64                                   = false
      + enable_resource_name_dns_a_record_on_launch    = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id                                             = (known after apply)
      + ipv6_cidr_block_association_id                 = (known after apply)
      + ipv6_native                                    = false
      + map_customer_owned_ip_on_launch                = false
      + map_public_ip_on_launch                        = false
      + owner_id                                       = (known after apply)
      + private_dns_hostname_type_on_launch            = (known after apply)
      + tags                                           = {
          + "Department" = "SRE"
          + "Name"       = "my-public-ap-northeast-1d"
          + "Project"    = "example"
        }
      + tags_all                                       = {
          + "Department" = "SRE"
          + "Name"       = "my-public-ap-northeast-1d"
          + "Project"    = "example"
        }
      + vpc_id                                         = (known after apply)
    }

  # module.vpc.aws_vpc.my_vpcs["my-vpc"] will be created
  + resource "aws_vpc" "my_vpcs" {
      + arn                                  = (known after apply)
      + assign_generated_ipv6_cidr_block     = false
      + cidr_block                           = "10.2.0.0/16"
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_dns_hostnames                 = true
      + enable_dns_support                   = true
      + enable_network_address_usage_metrics = (known after apply)
      + id                                   = (known after apply)
      + instance_tenancy                     = "default"
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags                                 = {
          + "Department" = "SRE"
          + "Name"       = "my-vpc"
          + "Project"    = "example"
        }
      + tags_all                             = {
          + "Department" = "SRE"
          + "Name"       = "my-vpc"
          + "Project"    = "example"
        }
    }

Plan: 45 to add, 0 to change, 0 to destroy.
─────────────────────────────────────────────────────────────────────────────

Saved the plan to: .plan

To perform exactly these actions, run the following command to apply:
    terraform apply ".plan"
Releasing state lock. This may take a few moments...

2. 於專案目錄下執行 `terraform apply '.plan'` 一次把這幾篇與 AWS Infra 相關的 modules 一次性建立起來。

下一篇文章將會展示實作 AWS IAM 篇 之 Terraform 模組。

上一篇
實作 AWS 常用服務之 Terraform 模組系列 - Elastic IP 篇
下一篇
實作 AWS 常用服務之 Terraform 模組系列 - IAM 篇
系列文
大家都在用 Terraform 實作 IaC 為什麼不將程式寫得更簡潔易讀呢?30
圖片
  直播研討會
圖片
{{ item.channelVendor }} {{ item.webinarstarted }} |
{{ formatDate(item.duration) }}
直播中

尚未有邦友留言

立即登入留言