{"id":2350,"date":"2025-03-24T08:47:37","date_gmt":"2025-03-23T23:47:37","guid":{"rendered":"https:\/\/dexall.co.jp\/articles\/?p=2350"},"modified":"2025-03-24T08:48:00","modified_gmt":"2025-03-23T23:48:00","slug":"%e3%80%90%e4%bf%9d%e5%ad%98%e7%89%88%e3%80%91terraform-for-aws%e5%85%a5%e9%96%80-2024%e5%b9%b4%e7%89%88%ef%bc%9a13%e3%81%ae%e5%ae%9f%e8%b7%b5%e7%9a%84%e3%83%a6%e3%83%bc%e3%82%b9%e3%82%b1%e3%83%bc","status":"publish","type":"post","link":"https:\/\/dexall.co.jp\/articles\/?p=2350","title":{"rendered":"\u3010\u4fdd\u5b58\u7248\u3011Terraform for AWS\u5165\u9580 2024\u5e74\u7248\uff1a13\u306e\u5b9f\u8df5\u7684\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u3068\u8a2d\u5b9a\u4f8b"},"content":{"rendered":"\n<div class=\"toc\"><br \/>\n<b>Warning<\/b>:  Undefined array key \"is_admin\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>116<\/b><br \/>\n<br \/>\n<b>Warning<\/b>:  Undefined array key \"is_category_top\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>121<\/b><br \/>\n<br \/>\n<b>Warning<\/b>:  Undefined array key \"is_top\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>128<\/b><br \/>\n    <div id=\"toc_container\" class=\"sgb-toc--bullets js-smooth-scroll\" data-dialog-title=\"\u76ee\u6b21\">\n      <p class=\"toc_title\">\u76ee\u6b21 <\/p>\n      <ul class=\"toc_list\">  <li class=\"first\">    <a href=\"#i-0\">Terraform for AWS\u3068\u306f\uff1f\u57fa\u790e\u304b\u3089\u7406\u89e3\u3059\u308b\u81ea\u52d5\u5316\u306e\u5a01\u529b<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-1\">AWS\u74b0\u5883\u306e\u69cb\u7bc9\u304c\u5287\u7684\u306b\u52b9\u7387\u5316\u3055\u308c\u308b\u4ed5\u7d44\u307f<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-2\">\u5f93\u6765\u306e\u624b\u52d5\u69cb\u7bc9vs Terraform\u306b\u3088\u308b\u81ea\u52d5\u5316\u306e\u6bd4\u8f03<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-6\">Terraform for AWS\u3092\u306f\u3058\u3081\u308b\u305f\u3081\u306e\u74b0\u5883\u69cb\u7bc9\u624b\u9806<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-7\">\u305f\u3063\u305f10\u5206\u3067\u5b8c\u4e86\u3059\u308b\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u65b9\u6cd5<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-11\">AWS\u30a2\u30ab\u30a6\u30f3\u30c8\u3068\u306e\u63a5\u7d9a\u8a2d\u5b9a\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-16\">13\u306e\u5b9f\u8df5\u7684\u306aTerraform for AWS\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-17\">VPC\u3068\u30b5\u30d6\u30cd\u30c3\u30c8\u306e\u81ea\u52d5\u69cb\u7bc9\u4f8b<\/a>      <\/li>      <li>        <a href=\"#i-18\">EC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306e\u52b9\u7387\u7684\u306a\u30c7\u30d7\u30ed\u30a4\u30e1\u30f3\u30c8<\/a>      <\/li>      <li>        <a href=\"#i-19\">S3\u30d0\u30b1\u30c3\u30c8\u306e\u30bb\u30ad\u30e5\u30a2\u306a\u4f5c\u6210\u3068\u7ba1\u7406<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-20\">RDS\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306e\u69cb\u7bc9\u81ea\u52d5\u5316<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-21\">Terraform for AWS\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b92024<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-22\">\u5909\u6570\u7ba1\u7406\u3068\u30e2\u30b8\u30e5\u30fc\u30eb\u5316\u3067\u5b9f\u73fe\u3059\u308b\u4fdd\u5b88\u6027\u306e\u9ad8\u3044\u30b3\u30fc\u30c9<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-26\">\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u306e\u30bb\u30ad\u30e5\u30a2\u306a\u65b9\u6cd5\u3068\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u6226\u7565<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-30\">\u3088\u304f\u3042\u308bTerraform for AWS\u306e\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-31\">\u4f9d\u5b58\u95a2\u4fc2\u30a8\u30e9\u30fc\u306e\u89e3\u6c7a\u65b9\u6cd5<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-34\">\u30b9\u30c6\u30fc\u30c8\u7af6\u5408\u306e\u9632\u6b62\u3068\u89e3\u6c7a\u7b56<\/a>      <\/li>    <\/ul>  <\/li>  <li class=\"last\">    <a href=\"#i-38\">Terraform for AWS\u5c0e\u5165\u5f8c\u306e\u904b\u7528\u7ba1\u7406\u306e\u30b3\u30c4<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-39\">\u30c1\u30fc\u30e0\u958b\u767a\u306b\u304a\u3051\u308b\u52b9\u7387\u7684\u306a\u30ef\u30fc\u30af\u30d5\u30ed\u30fc<\/a>      <\/li>      <li>        <a href=\"#i-43\">\u30b3\u30b9\u30c8\u7ba1\u7406\u3068\u30ea\u30bd\u30fc\u30b9\u306e\u6700\u9069\u5316\u65b9\u6cd5<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-47\">\u904b\u7528\u7ba1\u7406\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>      <\/li>    <\/ul>  <\/li><\/ul>\n      <a href=\"#\" class=\"sgb-toc-button js-toc-button\" rel=\"nofollow\" data-open-dialog=\"true\"><i class=\"fa fa-list\"><\/i><span class=\"sgb-toc-button__text\">\u76ee\u6b21\u3078<\/span><\/a>\n    <\/div><\/div><h2 class=\"wp-block-heading\" id=\"i-0\">Terraform for AWS\u3068\u306f\uff1f\u57fa\u790e\u304b\u3089\u7406\u89e3\u3059\u308b\u81ea\u52d5\u5316\u306e\u5a01\u529b<\/h2>\n\n\n\n<p>AWS\u306e\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u3092\u52b9\u7387\u7684\u306b\u69cb\u7bc9\u30fb\u7ba1\u7406\u3059\u308b\u305f\u3081\u306b\u3001Infrastructure as Code\uff08IaC\uff09\u306e\u30a2\u30d7\u30ed\u30fc\u30c1\u304c\u4e0d\u53ef\u6b20\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u305d\u306e\u4e2d\u3067\u3082\u3001HashiCorp\u304c\u958b\u767a\u3059\u308bTerraform\u306f\u3001AWS\u30ea\u30bd\u30fc\u30b9\u3092\u5ba3\u8a00\u7684\u306b\u5b9a\u7fa9\u3057\u3001\u30d0\u30fc\u30b8\u30e7\u30f3\u7ba1\u7406\u53ef\u80fd\u306a\u30b3\u30fc\u30c9\u3068\u3057\u3066\u7ba1\u7406\u3067\u304d\u308b\u5f37\u529b\u306a\u30c4\u30fc\u30eb\u3067\u3059\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-1\">AWS\u74b0\u5883\u306e\u69cb\u7bc9\u304c\u5287\u7684\u306b\u52b9\u7387\u5316\u3055\u308c\u308b\u4ed5\u7d44\u307f<\/h3>\n\n\n\n<p>Terraform for AWS\u306e\u57fa\u672c\u7684\u306a\u4ed5\u7d44\u307f\u306f\u3001\u4ee5\u4e0b\u306e3\u3064\u306e\u30b9\u30c6\u30c3\u30d7\u3067\u52d5\u4f5c\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30ea\u30bd\u30fc\u30b9\u306e\u5ba3\u8a00<\/strong>\uff1aHCL\uff08HashiCorp Configuration Language\uff09\u3092\u4f7f\u7528\u3057\u3066\u3001\u5fc5\u8981\u306aAWS\u30ea\u30bd\u30fc\u30b9\u3092\u5b9a\u7fa9\u3057\u307e\u3059\u3002<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># VPC\u306e\u4f5c\u6210\u4f8b\nresource \"aws_vpc\" \"main\" {\n  cidr_block = \"10.0.0.0\/16\"\n\n  tags = {\n    Name = \"main-vpc\"\n    Environment = \"production\"\n  }\n}\n\n# \u30b5\u30d6\u30cd\u30c3\u30c8\u306e\u4f5c\u6210\u4f8b\nresource \"aws_subnet\" \"public\" {\n  vpc_id     = aws_vpc.main.id\n  cidr_block = \"10.0.1.0\/24\"\n\n  tags = {\n    Name = \"public-subnet\"\n  }\n}<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u30d7\u30e9\u30f3\u306e\u4f5c\u6210<\/strong>\uff1a<code>terraform plan<\/code> \u30b3\u30de\u30f3\u30c9\u306b\u3088\u308a\u3001\u73fe\u5728\u306e\u72b6\u614b\u3068\u76ee\u7684\u306e\u72b6\u614b\u306e\u5dee\u5206\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/li>\n\n\n\n<li><strong>\u30ea\u30bd\u30fc\u30b9\u306e\u9069\u7528<\/strong>\uff1a<code>terraform apply<\/code> \u30b3\u30de\u30f3\u30c9\u306b\u3088\u308a\u3001\u5b9a\u7fa9\u3057\u305f\u30ea\u30bd\u30fc\u30b9\u3092\u81ea\u52d5\u7684\u306b\u4f5c\u6210\u30fb\u66f4\u65b0\u3057\u307e\u3059\u3002<\/li>\n<\/ol>\n\n\n\n<p>\u3053\u306e\u4ed5\u7d44\u307f\u306b\u3088\u308a\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u52b9\u679c\u304c\u5f97\u3089\u308c\u307e\u3059\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u518d\u73fe\u6027\u306e\u5411\u4e0a<\/strong>\uff1a\u74b0\u5883\u69cb\u7bc9\u624b\u9806\u304c\u30b3\u30fc\u30c9\u5316\u3055\u308c\u3001\u8ab0\u304c\u5b9f\u884c\u3057\u3066\u3082\u540c\u3058\u7d50\u679c\u304c\u5f97\u3089\u308c\u307e\u3059<\/li>\n\n\n\n<li><strong>\u30d0\u30fc\u30b8\u30e7\u30f3\u7ba1\u7406<\/strong>\uff1aGit\u306a\u3069\u306eVCS\u3067\u69cb\u6210\u7ba1\u7406\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059<\/li>\n\n\n\n<li><strong>\u81ea\u52d5\u5316<\/strong>\uff1aCI\u30d1\u30a4\u30d7\u30e9\u30a4\u30f3\u306b\u7d44\u307f\u8fbc\u3080\u3053\u3068\u3067\u3001\u74b0\u5883\u69cb\u7bc9\u3092\u81ea\u52d5\u5316\u3067\u304d\u307e\u3059<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-2\">\u5f93\u6765\u306e\u624b\u52d5\u69cb\u7bc9vs Terraform\u306b\u3088\u308b\u81ea\u52d5\u5316\u306e\u6bd4\u8f03<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-3\">1. \u74b0\u5883\u69cb\u7bc9\u306b\u304b\u304b\u308b\u6642\u9593\u306e\u6bd4\u8f03<\/h4>\n\n\n<div id=\"id-f07deab5-2027-489d-93b1-d620ea42f71e\">\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u4f5c\u696d\u5185\u5bb9<\/th><th>\u624b\u52d5\u69cb\u7bc9<\/th><th>Terraform\u5229\u7528<\/th><th>\u524a\u6e1b\u7387<\/th><\/tr><\/thead><tbody><tr><td>VPC\u69cb\u7bc9<\/td><td>30\u5206<\/td><td>5\u5206<\/td><td>83%<\/td><\/tr><tr><td>\u30b5\u30d6\u30cd\u30c3\u30c8\u8a2d\u5b9a<\/td><td>20\u5206<\/td><td>3\u5206<\/td><td>85%<\/td><\/tr><tr><td>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u8a2d\u5b9a<\/td><td>25\u5206<\/td><td>4\u5206<\/td><td>84%<\/td><\/tr><tr><td>EC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u4f5c\u6210<\/td><td>15\u5206<\/td><td>2\u5206<\/td><td>87%<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/div>\n\n\n<h4 class=\"wp-block-heading\" id=\"i-4\">2. \u4e3b\u8981\u306a\u9055\u3044\u3068\u5229\u70b9<\/h4>\n\n\n\n<p><strong>\u624b\u52d5\u69cb\u7bc9\u306e\u8ab2\u984c\uff1a<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u4eba\u7684\u30df\u30b9\u304c\u767a\u751f\u3057\u3084\u3059\u3044<\/li>\n\n\n\n<li>\u4f5c\u696d\u624b\u9806\u306e\u6587\u66f8\u5316\u304c\u5fc5\u8981<\/li>\n\n\n\n<li>\u74b0\u5883\u306e\u8907\u88fd\u304c\u56f0\u96e3<\/li>\n\n\n\n<li>\u5909\u66f4\u5c65\u6b74\u306e\u7ba1\u7406\u304c\u8907\u96d1<\/li>\n<\/ul>\n\n\n\n<p><strong>Terraform\u306b\u3088\u308b\u81ea\u52d5\u5316\u306e\u5229\u70b9\uff1a<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30b3\u30fc\u30c9\u306b\u3088\u308b\u4e00\u8cab\u6027\u306e\u3042\u308b\u74b0\u5883\u69cb\u7bc9<\/li>\n\n\n\n<li>\u30d0\u30fc\u30b8\u30e7\u30f3\u7ba1\u7406\u30b7\u30b9\u30c6\u30e0\u3068\u306e\u9023\u643a<\/li>\n\n\n\n<li>\u30e2\u30b8\u30e5\u30fc\u30eb\u5316\u306b\u3088\u308b\u518d\u5229\u7528\u6027\u306e\u5411\u4e0a<\/li>\n\n\n\n<li>\u5909\u66f4\u5c65\u6b74\u306e\u81ea\u52d5\u8a18\u9332<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-5\">3. \u5b9f\u969b\u306e\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u4f8b<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u672c\u756a\u74b0\u5883\u3068\u958b\u767a\u74b0\u5883\u306e\u69cb\u7bc9\u3092\u540c\u3058\u30b3\u30fc\u30c9\u3067\u5b9f\u73fe\nmodule \"vpc\" {\n  source = \".\/modules\/vpc\"\n\n  environment = var.environment  # \"prod\" \u307e\u305f\u306f \"dev\"\n  cidr_block  = var.vpc_cidr    # \u74b0\u5883\u3054\u3068\u306b\u7570\u306a\u308bCIDR\u3092\u6307\u5b9a\u53ef\u80fd\n\n  tags = {\n    Environment = var.environment\n    ManagedBy   = \"terraform\"\n  }\n}<\/pre>\n\n\n\n<p>\u3053\u306e\u3088\u3046\u306a\u30e2\u30b8\u30e5\u30fc\u30eb\u5316\u3055\u308c\u305f\u30b3\u30fc\u30c9\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u672c\u756a\u74b0\u5883\u3068\u958b\u767a\u74b0\u5883\u3092\u540c\u3058\u30b3\u30fc\u30c9\u30d9\u30fc\u30b9\u3067\u7ba1\u7406\u3067\u304d\u3001\u74b0\u5883\u9593\u306e\u4e00\u8cab\u6027\u3092\u4fdd\u3061\u306a\u304c\u3089\u3001\u5fc5\u8981\u306b\u5fdc\u3058\u3066\u74b0\u5883\u56fa\u6709\u306e\u8a2d\u5b9a\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u304c\u53ef\u80fd\u3067\u3059\u3002<\/p>\n\n\n\n<p>Terraform\u3092\u5c0e\u5165\u3059\u308b\u3053\u3068\u3067\u3001\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u306e\u7ba1\u7406\u304c\u5287\u7684\u306b\u52b9\u7387\u5316\u3055\u308c\u3001\u904b\u7528\u30b3\u30b9\u30c8\u306e\u524a\u6e1b\u3068\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u5411\u4e0a\u3092\u540c\u6642\u306b\u5b9f\u73fe\u3067\u304d\u307e\u3059\u3002\u6b21\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u3067\u306f\u3001\u5b9f\u969b\u306e\u74b0\u5883\u69cb\u7bc9\u624b\u9806\u306b\u3064\u3044\u3066\u8a73\u3057\u304f\u8aac\u660e\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-6\">Terraform for AWS\u3092\u306f\u3058\u3081\u308b\u305f\u3081\u306e\u74b0\u5883\u69cb\u7bc9\u624b\u9806<\/h2>\n\n\n\n<p>AWS\u74b0\u5883\u3067Terraform\u3092\u52b9\u679c\u7684\u306b\u4f7f\u7528\u3059\u308b\u305f\u3081\u306e\u74b0\u5883\u69cb\u7bc9\u624b\u9806\u3092\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u8003\u616e\u3057\u306a\u304c\u3089\u8a73\u3057\u304f\u89e3\u8aac\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-7\">\u305f\u3063\u305f10\u5206\u3067\u5b8c\u4e86\u3059\u308b\u521d\u671f\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-8\">1. \u524d\u63d0\u6761\u4ef6\u306e\u78ba\u8a8d<\/h4>\n\n\n\n<p>\u5fc5\u8981\u306a\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AWS \u30a2\u30ab\u30a6\u30f3\u30c8<\/li>\n\n\n\n<li>AWS CLI<\/li>\n\n\n\n<li>Terraform\uff08\u30d0\u30fc\u30b8\u30e7\u30f31.5.0\u4ee5\u4e0a\u63a8\u5968\uff09<\/li>\n\n\n\n<li>Git\uff08\u30d0\u30fc\u30b8\u30e7\u30f3\u7ba1\u7406\u7528\uff09<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-9\">2. Terraform\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n\n\n\n<p><strong>MacOS\u306e\u5834\u5408\uff1a<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Homebrew\u3092\u4f7f\u7528\u3057\u3066\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nbrew tap hashicorp\/tap\nbrew install hashicorp\/tap\/terraform\n\n# \u30d0\u30fc\u30b8\u30e7\u30f3\u78ba\u8a8d\nterraform version<\/pre>\n\n\n\n<p><strong>Linux\u306e\u5834\u5408\uff1a<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u5fc5\u8981\u306a\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nsudo apt-get update &amp;&amp; sudo apt-get install -y gnupg software-properties-common\n\n# HashiCorp\u306eGPG\u30ad\u30fc\u3092\u8ffd\u52a0\nwget -O- https:\/\/apt.releases.hashicorp.com\/gpg | \\\ngpg --dearmor | \\\nsudo tee \/usr\/share\/keyrings\/hashicorp-archive-keyring.gpg\n\n# \u30ea\u30dd\u30b8\u30c8\u30ea\u306e\u8ffd\u52a0\necho \"deb [signed-by=\/usr\/share\/keyrings\/hashicorp-archive-keyring.gpg] \\\nhttps:\/\/apt.releases.hashicorp.com $(lsb_release -cs) main\" | \\\nsudo tee \/etc\/apt\/sources.list.d\/hashicorp.list\n\n# Terraform\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nsudo apt-get update &amp;&amp; sudo apt-get install terraform<\/pre>\n\n\n\n<p><strong>Windows\u306e\u5834\u5408\uff1a<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Chocolatey\u3092\u4f7f\u7528\u3057\u3066\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nchoco install terraform\n\n# \u307e\u305f\u306f\u3001\u516c\u5f0f\u30b5\u30a4\u30c8\u304b\u3089\u30d0\u30a4\u30ca\u30ea\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u74b0\u5883\u5909\u6570\u306ePath\u306b\u8ffd\u52a0<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-10\">3. \u4f5c\u696d\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u6e96\u5099<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u4f5c\u6210\nmkdir terraform-aws-project\ncd terraform-aws-project\n\n# Git\u30ea\u30dd\u30b8\u30c8\u30ea\u306e\u521d\u671f\u5316\ngit init\n\n# .gitignore\u30d5\u30a1\u30a4\u30eb\u306e\u4f5c\u6210\ncat &lt;&lt; EOF &gt; .gitignore\n.terraform\n*.tfstate\n*.tfstate.*\n.terraform.lock.hcl\n*.tfvars\nEOF<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-11\">AWS\u30a2\u30ab\u30a6\u30f3\u30c8\u3068\u306e\u63a5\u7d9a\u8a2d\u5b9a\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-12\">1. IAM\u30e6\u30fc\u30b6\u30fc\u306e\u4f5c\u6210\u3068\u30dd\u30ea\u30b7\u30fc\u8a2d\u5b9a<\/h4>\n\n\n\n<p>AWS\u30b3\u30f3\u30bd\u30fc\u30eb\u3067\u4ee5\u4e0b\u306e\u624b\u9806\u3092\u5b9f\u884c\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>IAM\u30b3\u30f3\u30bd\u30fc\u30eb\u306b\u30a2\u30af\u30bb\u30b9<\/li>\n\n\n\n<li>\u300c\u30e6\u30fc\u30b6\u30fc\u300d\u2192\u300c\u30e6\u30fc\u30b6\u30fc\u3092\u8ffd\u52a0\u300d\u3092\u9078\u629e<\/li>\n\n\n\n<li>\u4ee5\u4e0b\u306e\u30dd\u30ea\u30b7\u30fc\u3092\u9069\u7528\uff1a<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"ec2:*\",\n                \"s3:*\",\n                \"vpc:*\",\n                \"iam:*\",\n                \"rds:*\"\n                \/\/ \u5fc5\u8981\u306b\u5fdc\u3058\u3066\u6a29\u9650\u3092\u8ffd\u52a0\n            ],\n            \"Resource\": \"*\"\n        }\n    ]\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-13\">2. AWS\u8a8d\u8a3c\u60c5\u5831\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<p><strong>\u65b9\u6cd51: AWS CLI\u306e\u8a2d\u5b9a\uff08\u63a8\u5968\uff09<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># AWS CLI\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u78ba\u8a8d\naws --version\n\n# \u8a8d\u8a3c\u60c5\u5831\u306e\u8a2d\u5b9a\naws configure\n\n# \u4ee5\u4e0b\u306e\u60c5\u5831\u3092\u5165\u529b\n# AWS Access Key ID: [IAM\u30e6\u30fc\u30b6\u30fc\u306e\u30a2\u30af\u30bb\u30b9\u30ad\u30fc]\n# AWS Secret Access Key: [IAM\u30e6\u30fc\u30b6\u30fc\u306e\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u30ad\u30fc]\n# Default region name: [\u4f7f\u7528\u3059\u308b\u30ea\u30fc\u30b8\u30e7\u30f3\u4f8b\uff1aap-northeast-1]\n# Default output format: json<\/pre>\n\n\n\n<p><strong>\u65b9\u6cd52: \u74b0\u5883\u5909\u6570\u306e\u4f7f\u7528<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Linux\/MacOS\nexport AWS_ACCESS_KEY_ID=\"your_access_key\"\nexport AWS_SECRET_ACCESS_KEY=\"your_secret_key\"\nexport AWS_DEFAULT_REGION=\"ap-northeast-1\"\n\n# Windows PowerShell\n$env:AWS_ACCESS_KEY_ID=\"your_access_key\"\n$env:AWS_SECRET_ACCESS_KEY=\"your_secret_key\"\n$env:AWS_DEFAULT_REGION=\"ap-northeast-1\"<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-14\">3. Terraform\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># providers.tf\nterraform {\n  required_providers {\n    aws = {\n      source  = \"hashicorp\/aws\"\n      version = \"~&gt; 5.0\"\n    }\n  }\n\n  # \u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u7528\u306e\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u8a2d\u5b9a\uff08\u63a8\u5968\uff09\n  backend \"s3\" {\n    bucket = \"your-terraform-state-bucket\"\n    key    = \"terraform.tfstate\"\n    region = \"ap-northeast-1\"\n    encrypt = true\n  }\n}\n\nprovider \"aws\" {\n  region = \"ap-northeast-1\"\n\n  # \u30bf\u30b0\u306e\u81ea\u52d5\u4ed8\u4e0e\u8a2d\u5b9a\n  default_tags {\n    tags = {\n      Environment = \"production\"\n      ManagedBy   = \"terraform\"\n    }\n  }\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-15\">4. \u52d5\u4f5c\u78ba\u8a8d<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u521d\u671f\u5316\nterraform init\n\n# \u7c21\u5358\u306a\u30ea\u30bd\u30fc\u30b9\u5b9a\u7fa9\u306e\u30c6\u30b9\u30c8\ncat &lt;&lt; EOF &gt; main.tf\nresource \"aws_s3_bucket\" \"test\" {\n  bucket = \"my-test-bucket-${random_string.suffix.result}\"\n}\n\nresource \"random_string\" \"suffix\" {\n  length  = 8\n  special = false\n}\nEOF\n\n# \u8a2d\u5b9a\u306e\u78ba\u8a8d\nterraform plan<\/pre>\n\n\n\n<p><strong>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\uff1a<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u6700\u5c0f\u6a29\u9650\u306e\u539f\u5247\u306b\u5f93\u3046<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IAM\u30dd\u30ea\u30b7\u30fc\u306f\u5fc5\u8981\u6700\u5c0f\u9650\u306e\u6a29\u9650\u306e\u307f\u3092\u4ed8\u4e0e<\/li>\n\n\n\n<li>\u74b0\u5883\u3054\u3068\u306b\u7570\u306a\u308bIAM\u30e6\u30fc\u30b6\u30fc\u3092\u4f7f\u7528<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u8a8d\u8a3c\u60c5\u5831\u306e\u4fdd\u8b77<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306f\u5b9a\u671f\u7684\u306b\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3<\/li>\n\n\n\n<li>\u8a8d\u8a3c\u60c5\u5831\u3092Git\u306b\u30b3\u30df\u30c3\u30c8\u3057\u306a\u3044<\/li>\n\n\n\n<li>AWS KMS\u3092\u4f7f\u7528\u3057\u305f\u6697\u53f7\u5316\u3092\u691c\u8a0e<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>S3\u30d0\u30b1\u30c3\u30c8\u306e\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3092\u6709\u52b9\u5316<\/li>\n\n\n\n<li>\u30b9\u30c6\u30fc\u30c8\u30d5\u30a1\u30a4\u30eb\u306e\u6697\u53f7\u5316\u3092\u5fc5\u305a\u6709\u52b9\u5316<\/li>\n\n\n\n<li>S3\u30d0\u30b1\u30c3\u30c8\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u5236\u9650<\/li>\n<\/ul>\n\n\n\n<p>\u3053\u308c\u3067\u57fa\u672c\u7684\u306a\u74b0\u5883\u69cb\u7bc9\u306f\u5b8c\u4e86\u3067\u3059\u3002\u6b21\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u3067\u306f\u3001\u3053\u306e\u74b0\u5883\u3092\u4f7f\u7528\u3057\u305f\u5b9f\u8df5\u7684\u306a\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u306b\u3064\u3044\u3066\u8aac\u660e\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-16\">13\u306e\u5b9f\u8df5\u7684\u306aTerraform for AWS\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9<\/h2>\n\n\n\n<p>\u5b9f\u52d9\u3067\u5373\u6d3b\u7528\u3067\u304d\u308b\u4ee3\u8868\u7684\u306a\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u3068\u5b9f\u88c5\u4f8b\u3092\u7d39\u4ecb\u3057\u307e\u3059\u3002\u5404\u5b9f\u88c5\u4f8b\u306f\u672c\u756a\u74b0\u5883\u3067\u306e\u4f7f\u7528\u3092\u60f3\u5b9a\u3057\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3068\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u3092\u8003\u616e\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-17\">VPC\u3068\u30b5\u30d6\u30cd\u30c3\u30c8\u306e\u81ea\u52d5\u69cb\u7bc9\u4f8b<\/h3>\n\n\n\n<p>\u30de\u30eb\u30c1AZ\u69cb\u6210\u306e\u5805\u7262\u306a\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u74b0\u5883\u3092\u69cb\u7bc9\u3059\u308b\u4f8b\u3092\u793a\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># vpc.tf\nmodule \"vpc\" {\n  source = \".\/modules\/vpc\"\n\n  vpc_cidr = \"10.0.0.0\/16\"\n  environment = var.environment\n\n  # \u30d1\u30d6\u30ea\u30c3\u30af\u30b5\u30d6\u30cd\u30c3\u30c8\u8a2d\u5b9a\n  public_subnets = {\n    \"ap-northeast-1a\" = \"10.0.1.0\/24\"\n    \"ap-northeast-1c\" = \"10.0.2.0\/24\"\n  }\n\n  # \u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30b5\u30d6\u30cd\u30c3\u30c8\u8a2d\u5b9a\n  private_subnets = {\n    \"ap-northeast-1a\" = \"10.0.10.0\/24\"\n    \"ap-northeast-1c\" = \"10.0.11.0\/24\"\n  }\n\n  # \u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u7528\u30b5\u30d6\u30cd\u30c3\u30c8\u8a2d\u5b9a\n  database_subnets = {\n    \"ap-northeast-1a\" = \"10.0.20.0\/24\"\n    \"ap-northeast-1c\" = \"10.0.21.0\/24\"\n  }\n\n  tags = {\n    Environment = var.environment\n    ManagedBy   = \"terraform\"\n  }\n}\n\n# NAT Gateway\u7528\u306eElastic IP\nresource \"aws_eip\" \"nat\" {\n  domain = \"vpc\"\n  tags = {\n    Name = \"nat-gateway-eip\"\n  }\n}\n\n# \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u306e\u5b9a\u7fa9\nresource \"aws_security_group\" \"web\" {\n  name        = \"web-sg\"\n  description = \"Security group for web servers\"\n  vpc_id      = module.vpc.vpc_id\n\n  ingress {\n    from_port   = 80\n    to_port     = 80\n    protocol    = \"tcp\"\n    cidr_blocks = [\"0.0.0.0\/0\"]\n  }\n\n  ingress {\n    from_port   = 443\n    to_port     = 443\n    protocol    = \"tcp\"\n    cidr_blocks = [\"0.0.0.0\/0\"]\n  }\n\n  egress {\n    from_port   = 0\n    to_port     = 0\n    protocol    = \"-1\"\n    cidr_blocks = [\"0.0.0.0\/0\"]\n  }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-18\">EC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306e\u52b9\u7387\u7684\u306a\u30c7\u30d7\u30ed\u30a4\u30e1\u30f3\u30c8<\/h3>\n\n\n\n<p>Auto Scaling\u3092\u5229\u7528\u3057\u305f\u53ef\u7528\u6027\u306e\u9ad8\u3044EC2\u74b0\u5883\u3092\u69cb\u7bc9\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># ec2.tf\nmodule \"ec2_cluster\" {\n  source = \".\/modules\/ec2-cluster\"\n\n  name                = \"web-cluster\"\n  instance_type      = \"t3.micro\"\n  min_size           = 2\n  max_size           = 4\n  desired_capacity   = 2\n  vpc_id             = module.vpc.vpc_id\n  subnet_ids         = module.vpc.private_subnet_ids\n  security_group_ids = [aws_security_group.web.id]\n\n  user_data = &lt;&lt;-EOF\n              #!\/bin\/bash\n              yum update -y\n              yum install -y httpd\n              systemctl start httpd\n              systemctl enable httpd\n              EOF\n\n  tags = {\n    Environment = var.environment\n    Service     = \"web\"\n  }\n\n  # \u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u306e\u8a2d\u5b9a\n  iam_instance_profile = aws_iam_instance_profile.web_profile.name\n\n  # EBS\u30dc\u30ea\u30e5\u30fc\u30e0\u8a2d\u5b9a\n  root_block_device = {\n    volume_size = 20\n    volume_type = \"gp3\"\n    encrypted   = true\n  }\n}\n\n# ALB\u306e\u8a2d\u5b9a\nresource \"aws_lb\" \"web\" {\n  name               = \"web-alb\"\n  internal           = false\n  load_balancer_type = \"application\"\n  security_groups    = [aws_security_group.alb.id]\n  subnets            = module.vpc.public_subnet_ids\n\n  enable_deletion_protection = true\n\n  tags = {\n    Environment = var.environment\n  }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-19\">S3\u30d0\u30b1\u30c3\u30c8\u306e\u30bb\u30ad\u30e5\u30a2\u306a\u4f5c\u6210\u3068\u7ba1\u7406<\/h3>\n\n\n\n<p>\u6697\u53f7\u5316\u3068\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3092\u6709\u52b9\u306b\u3057\u305fS3\u30d0\u30b1\u30c3\u30c8\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># s3.tf\nresource \"aws_s3_bucket\" \"app_data\" {\n  bucket = \"my-secure-app-data-${data.aws_caller_identity.current.account_id}\"\n\n  tags = {\n    Environment = var.environment\n    Purpose     = \"application-data\"\n  }\n}\n\n# \u30d0\u30b1\u30c3\u30c8\u306e\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u8a2d\u5b9a\nresource \"aws_s3_bucket_versioning\" \"app_data\" {\n  bucket = aws_s3_bucket.app_data.id\n  versioning_configuration {\n    status = \"Enabled\"\n  }\n}\n\n# \u30b5\u30fc\u30d0\u30fc\u30b5\u30a4\u30c9\u6697\u53f7\u5316\u306e\u8a2d\u5b9a\nresource \"aws_s3_bucket_server_side_encryption_configuration\" \"app_data\" {\n  bucket = aws_s3_bucket.app_data.id\n\n  rule {\n    apply_server_side_encryption_by_default {\n      sse_algorithm = \"aws:kms\"\n      kms_master_key_id = aws_kms_key.s3_key.id\n    }\n  }\n}\n\n# \u30d1\u30d6\u30ea\u30c3\u30af\u30a2\u30af\u30bb\u30b9\u306e\u30d6\u30ed\u30c3\u30af\nresource \"aws_s3_bucket_public_access_block\" \"app_data\" {\n  bucket = aws_s3_bucket.app_data.id\n\n  block_public_acls       = true\n  block_public_policy     = true\n  ignore_public_acls      = true\n  restrict_public_buckets = true\n}\n\n# \u30d0\u30b1\u30c3\u30c8\u30dd\u30ea\u30b7\u30fc\nresource \"aws_s3_bucket_policy\" \"app_data\" {\n  bucket = aws_s3_bucket.app_data.id\n\n  policy = jsonencode({\n    Version = \"2012-10-17\"\n    Statement = [\n      {\n        Sid       = \"EnforceTLS\"\n        Effect    = \"Deny\"\n        Principal = \"*\"\n        Action    = \"s3:*\"\n        Resource = [\n          aws_s3_bucket.app_data.arn,\n          \"${aws_s3_bucket.app_data.arn}\/*\"\n        ]\n        Condition = {\n          Bool = {\n            \"aws:SecureTransport\" = \"false\"\n          }\n        }\n      }\n    ]\n  })\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-20\">RDS\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306e\u69cb\u7bc9\u81ea\u52d5\u5316<\/h3>\n\n\n\n<p>\u30de\u30eb\u30c1AZ\u69cb\u6210\u306eRDS\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3092\u4f5c\u6210\u3057\u3001\u81ea\u52d5\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># rds.tf\nmodule \"db\" {\n  source = \".\/modules\/rds\"\n\n  identifier = \"production-db\"\n\n  engine            = \"postgres\"\n  engine_version    = \"14.7\"\n  instance_class    = \"db.t3.medium\"\n  allocated_storage = 20\n  storage_encrypted = true\n\n  # \u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u8a2d\u5b9a\n  db_name  = \"myapp\"\n  username = \"dbadmin\"\n  password = data.aws_secretsmanager_secret_version.db_password.secret_string\n\n  # \u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u8a2d\u5b9a\n  vpc_security_group_ids = [aws_security_group.db.id]\n  subnet_ids            = module.vpc.database_subnet_ids\n\n  # \u30de\u30eb\u30c1AZ\u8a2d\u5b9a\n  multi_az = true\n\n  # \u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u8a2d\u5b9a\n  backup_retention_period = 7\n  backup_window          = \"03:00-04:00\"\n  maintenance_window     = \"Mon:04:00-Mon:05:00\"\n\n  # \u30d1\u30e9\u30e1\u30fc\u30bf\u30b0\u30eb\u30fc\u30d7\u8a2d\u5b9a\n  parameters = [\n    {\n      name  = \"max_connections\"\n      value = \"100\"\n    },\n    {\n      name  = \"shared_buffers\"\n      value = \"{DBInstanceClassMemory\/32768}\"\n    }\n  ]\n\n  tags = {\n    Environment = var.environment\n    ManagedBy   = \"terraform\"\n  }\n}\n\n# \u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u7528\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\nresource \"aws_security_group\" \"db\" {\n  name        = \"database-sg\"\n  description = \"Security group for database\"\n  vpc_id      = module.vpc.vpc_id\n\n  ingress {\n    from_port       = 5432\n    to_port         = 5432\n    protocol        = \"tcp\"\n    security_groups = [aws_security_group.web.id]\n  }\n}<\/pre>\n\n\n\n<p>\u5404\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u306b\u304a\u3051\u308b\u91cd\u8981\u306a\u30dd\u30a4\u30f3\u30c8\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>VPC\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u8a2d\u8a08<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30de\u30eb\u30c1AZ\u69cb\u6210\u306b\u3088\u308b\u9ad8\u53ef\u7528\u6027<\/li>\n\n\n\n<li>\u30d1\u30d6\u30ea\u30c3\u30af\/\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30b5\u30d6\u30cd\u30c3\u30c8\u306e\u9069\u5207\u306a\u5206\u96e2<\/li>\n\n\n\n<li>NAT\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u306b\u3088\u308b\u5916\u90e8\u63a5\u7d9a<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>EC2\u30c7\u30d7\u30ed\u30a4\u30e1\u30f3\u30c8<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Auto Scaling\u306b\u3088\u308b\u81ea\u52d5\u30b9\u30b1\u30fc\u30ea\u30f3\u30b0<\/li>\n\n\n\n<li>ALB\u306b\u3088\u308b\u8ca0\u8377\u5206\u6563<\/li>\n\n\n\n<li>\u30ab\u30b9\u30bf\u30e0IAM\u30ed\u30fc\u30eb\u306e\u9069\u7528<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>S3\u30d0\u30b1\u30c3\u30c8\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>KMS\u306b\u3088\u308b\u6697\u53f7\u5316<\/li>\n\n\n\n<li>\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u306e\u6709\u52b9\u5316<\/li>\n\n\n\n<li>\u30d1\u30d6\u30ea\u30c3\u30af\u30a2\u30af\u30bb\u30b9\u306e\u5b8c\u5168\u30d6\u30ed\u30c3\u30af<\/li>\n\n\n\n<li>TLS\u901a\u4fe1\u306e\u5f37\u5236<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>RDS\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u69cb\u6210<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30de\u30eb\u30c1AZ\u69cb\u6210<\/li>\n\n\n\n<li>\u81ea\u52d5\u30d0\u30c3\u30af\u30a2\u30c3\u30d7<\/li>\n\n\n\n<li>\u30d1\u30e9\u30e1\u30fc\u30bf\u30b0\u30eb\u30fc\u30d7\u306e\u30ab\u30b9\u30bf\u30de\u30a4\u30ba<\/li>\n\n\n\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u306b\u3088\u308b\u30a2\u30af\u30bb\u30b9\u5236\u5fa1<\/li>\n<\/ul>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u306f\u3001\u672c\u756a\u74b0\u5883\u3067\u306e\u5b9f\u7528\u3092\u60f3\u5b9a\u3057\u3066\u8a2d\u8a08\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u5404\u5b9f\u88c5\u306f\u5fc5\u8981\u306b\u5fdc\u3058\u3066\u30ab\u30b9\u30bf\u30de\u30a4\u30ba\u3057\u3001\u81ea\u8eab\u306e\u74b0\u5883\u306b\u5408\u308f\u305b\u3066\u8abf\u6574\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-21\">Terraform for AWS\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b92024<\/h2>\n\n\n\n<p>2024\u5e74\u306b\u304a\u3051\u308b\u52b9\u7387\u7684\u306aTerraform\u7ba1\u7406\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u3092\u3001\u5177\u4f53\u7684\u306a\u5b9f\u88c5\u4f8b\u3068\u5171\u306b\u89e3\u8aac\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-22\">\u5909\u6570\u7ba1\u7406\u3068\u30e2\u30b8\u30e5\u30fc\u30eb\u5316\u3067\u5b9f\u73fe\u3059\u308b\u4fdd\u5b88\u6027\u306e\u9ad8\u3044\u30b3\u30fc\u30c9<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-23\">1. \u52b9\u7387\u7684\u306a\u5909\u6570\u7ba1\u7406<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># variables.tf\nvariable \"environment\" {\n  description = \"\u74b0\u5883\u540d\uff08production\/staging\/development\uff09\"\n  type        = string\n  validation {\n    condition     = contains([\"production\", \"staging\", \"development\"], var.environment)\n    error_message = \"\u74b0\u5883\u540d\u306f 'production', 'staging', 'development' \u306e\u3044\u305a\u308c\u304b\u3067\u3042\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\"\n  }\n}\n\nvariable \"vpc_config\" {\n  description = \"VPC\u8a2d\u5b9a\"\n  type = object({\n    cidr_block = string\n    azs        = list(string)\n    subnets = object({\n      public    = map(string)\n      private   = map(string)\n      database  = map(string)\n    })\n  })\n\n  validation {\n    condition     = can(cidrhost(var.vpc_config.cidr_block, 0))\n    error_message = \"VPC\u306eCIDR\u30d6\u30ed\u30c3\u30af\u304c\u4e0d\u6b63\u3067\u3059\u3002\"\n  }\n}\n\n# terraform.tfvars\nenvironment = \"production\"\nvpc_config = {\n  cidr_block = \"10.0.0.0\/16\"\n  azs        = [\"ap-northeast-1a\", \"ap-northeast-1c\"]\n  subnets = {\n    public = {\n      \"ap-northeast-1a\" = \"10.0.1.0\/24\"\n      \"ap-northeast-1c\" = \"10.0.2.0\/24\"\n    }\n    private = {\n      \"ap-northeast-1a\" = \"10.0.10.0\/24\"\n      \"ap-northeast-1c\" = \"10.0.11.0\/24\"\n    }\n    database = {\n      \"ap-northeast-1a\" = \"10.0.20.0\/24\"\n      \"ap-northeast-1c\" = \"10.0.21.0\/24\"\n    }\n  }\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-24\">2. \u518d\u5229\u7528\u53ef\u80fd\u306a\u30e2\u30b8\u30e5\u30fc\u30eb\u8a2d\u8a08<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># modules\/vpc\/main.tf\nmodule \"vpc\" {\n  source = \".\/modules\/vpc\"\n\n  # \u57fa\u672c\u8a2d\u5b9a\n  name               = \"${var.environment}-vpc\"\n  cidr               = var.vpc_config.cidr_block\n  azs                = var.vpc_config.azs\n  private_subnets    = values(var.vpc_config.subnets.private)\n  public_subnets     = values(var.vpc_config.subnets.public)\n  database_subnets   = values(var.vpc_config.subnets.database)\n\n  # DNS\u30b5\u30dd\u30fc\u30c8\n  enable_dns_hostnames = true\n  enable_dns_support   = true\n\n  # NAT\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u8a2d\u5b9a\n  enable_nat_gateway     = true\n  single_nat_gateway     = var.environment != \"production\"\n  one_nat_gateway_per_az = var.environment == \"production\"\n\n  # \u30bf\u30b0\u8a2d\u5b9a\n  tags = local.common_tags\n  vpc_tags = merge(local.common_tags, {\n    Name = \"${var.environment}-vpc\"\n  })\n}\n\n# modules\/vpc\/outputs.tf\noutput \"vpc_id\" {\n  description = \"VPC ID\"\n  value       = module.vpc.vpc_id\n}\n\noutput \"private_subnet_ids\" {\n  description = \"\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30b5\u30d6\u30cd\u30c3\u30c8\u306eID\u4e00\u89a7\"\n  value       = module.vpc.private_subnets\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-25\">3. \u74b0\u5883\u5225\u306e\u8a2d\u5b9a\u7ba1\u7406<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># environments\/production\/main.tf\nmodule \"production\" {\n  source = \"..\/..\/modules\/vpc\"\n\n  environment = \"production\"\n  vpc_config  = {\n    cidr_block = \"10.0.0.0\/16\"\n    azs        = [\"ap-northeast-1a\", \"ap-northeast-1c\", \"ap-northeast-1d\"]\n    subnets    = {\n      public   = {\n        \"ap-northeast-1a\" = \"10.0.1.0\/24\"\n        \"ap-northeast-1c\" = \"10.0.2.0\/24\"\n        \"ap-northeast-1d\" = \"10.0.3.0\/24\"\n      }\n      private  = {\n        \"ap-northeast-1a\" = \"10.0.10.0\/24\"\n        \"ap-northeast-1c\" = \"10.0.11.0\/24\"\n        \"ap-northeast-1d\" = \"10.0.12.0\/24\"\n      }\n      database = {\n        \"ap-northeast-1a\" = \"10.0.20.0\/24\"\n        \"ap-northeast-1c\" = \"10.0.21.0\/24\"\n        \"ap-northeast-1d\" = \"10.0.22.0\/24\"\n      }\n    }\n  }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-26\">\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u306e\u30bb\u30ad\u30e5\u30a2\u306a\u65b9\u6cd5\u3068\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u6226\u7565<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-27\">1. S3\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># backend.tf\nterraform {\n  backend \"s3\" {\n    bucket         = \"terraform-state-${data.aws_caller_identity.current.account_id}\"\n    key            = \"terraform.tfstate\"\n    region         = \"ap-northeast-1\"\n    encrypt        = true\n    dynamodb_table = \"terraform-state-lock\"\n  }\n}\n\n# DynamoDB\u306b\u3088\u308b\u30b9\u30c6\u30fc\u30c8\u30ed\u30c3\u30af\nresource \"aws_dynamodb_table\" \"terraform_state_lock\" {\n  name           = \"terraform-state-lock\"\n  billing_mode   = \"PAY_PER_REQUEST\"\n  hash_key       = \"LockID\"\n\n  attribute {\n    name = \"LockID\"\n    type = \"S\"\n  }\n\n  tags = {\n    Name        = \"terraform-state-lock\"\n    Environment = var.environment\n  }\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-28\">2. \u30b9\u30c6\u30fc\u30c8\u30d5\u30a1\u30a4\u30eb\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u8a2d\u5b9a<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># S3\u30d0\u30b1\u30c3\u30c8\u306e\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u8a2d\u5b9a\nresource \"aws_s3_bucket_versioning\" \"state\" {\n  bucket = aws_s3_bucket.terraform_state.id\n  versioning_configuration {\n    status = \"Enabled\"\n  }\n}\n\n# \u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u30eb\u30fc\u30eb\nresource \"aws_s3_bucket_lifecycle_configuration\" \"state_backup\" {\n  bucket = aws_s3_bucket.terraform_state.id\n\n  rule {\n    id     = \"state-backup\"\n    status = \"Enabled\"\n\n    noncurrent_version_transition {\n      noncurrent_days = 30\n      storage_class   = \"STANDARD_IA\"\n    }\n\n    noncurrent_version_transition {\n      noncurrent_days = 60\n      storage_class   = \"GLACIER\"\n    }\n\n    noncurrent_version_expiration {\n      noncurrent_days = 90\n    }\n  }\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-29\">\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u306e\u307e\u3068\u3081<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30b3\u30fc\u30c9\u69cb\u9020\u306e\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u74b0\u5883\u5225\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u69cb\u9020<\/li>\n\n\n\n<li>\u5171\u901a\u30e2\u30b8\u30e5\u30fc\u30eb\u306e\u4f5c\u6210<\/li>\n\n\n\n<li>\u5909\u6570\u306e\u30d0\u30ea\u30c7\u30fc\u30b7\u30e7\u30f3\u5b9f\u88c5<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u547d\u540d\u898f\u5247\u306e\u7d71\u4e00<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   locals {\n     common_tags = {\n       Environment = var.environment\n       ManagedBy   = \"terraform\"\n       Project     = var.project_name\n       Owner       = var.team_name\n     }\n   }<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u6697\u53f7\u5316\u306e\u5fb9\u5e95<\/li>\n\n\n\n<li>\u6700\u5c0f\u6a29\u9650\u306e\u539f\u5247\u9069\u7528<\/li>\n\n\n\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u306e\u9069\u5207\u306a\u8a2d\u5b9a<\/li>\n<\/ul>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u904b\u7528\u52b9\u7387\u306e\u5411\u4e0a<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30c6\u30e9\u30d5\u30a9\u30fc\u30e0\u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u306e\u6d3b\u7528<\/li>\n\n\n\n<li>CI\u30d1\u30a4\u30d7\u30e9\u30a4\u30f3\u3068\u306e\u7d71\u5408<\/li>\n\n\n\n<li>\u30b3\u30fc\u30c9\u30ec\u30d3\u30e5\u30fc\u30d7\u30ed\u30bb\u30b9\u306e\u78ba\u7acb<\/li>\n<\/ul>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u4fdd\u5b88\u6027\u304c\u9ad8\u304f\u3001\u30bb\u30ad\u30e5\u30a2\u306a\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u306e\u7ba1\u7406\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-30\">\u3088\u304f\u3042\u308bTerraform for AWS\u306e\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0<\/h2>\n\n\n\n<p>Terraform\u3092\u4f7f\u7528\u3057\u305fAWS\u74b0\u5883\u306e\u69cb\u7bc9\u30fb\u7ba1\u7406\u306b\u304a\u3044\u3066\u767a\u751f\u3057\u3084\u3059\u3044\u554f\u984c\u3068\u305d\u306e\u89e3\u6c7a\u65b9\u6cd5\u3092\u89e3\u8aac\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-31\">\u4f9d\u5b58\u95a2\u4fc2\u30a8\u30e9\u30fc\u306e\u89e3\u6c7a\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-32\">1. \u6697\u9ed9\u7684\u4f9d\u5b58\u95a2\u4fc2\u306b\u3088\u308b\u30a8\u30e9\u30fc<\/h4>\n\n\n\n<p><strong>\u30a8\u30e9\u30fc\u4f8b<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">Error: Error creating instance: InvalidParameterValue: Value () for parameter \nSubnetId is invalid. Please check the value of your parameter.<\/pre>\n\n\n\n<p><strong>\u89e3\u6c7a\u65b9\u6cd5<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u660e\u793a\u7684\u306a\u4f9d\u5b58\u95a2\u4fc2\u306e\u5b9a\u7fa9\nresource \"aws_instance\" \"web\" {\n  ami           = \"ami-0123456789abcdef0\"\n  instance_type = \"t3.micro\"\n  subnet_id     = aws_subnet.main.id\n\n  # \u660e\u793a\u7684\u306a\u4f9d\u5b58\u95a2\u4fc2\u306e\u6307\u5b9a\n  depends_on = [\n    aws_vpc.main,\n    aws_subnet.main,\n    aws_internet_gateway.main\n  ]\n}<\/pre>\n\n\n\n<p><strong>\u4e88\u9632\u7b56<\/strong>\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u30ea\u30bd\u30fc\u30b9\u9593\u306e\u4f9d\u5b58\u95a2\u4fc2\u3092\u56f3\u793a\u3057\u3066\u628a\u63e1<\/li>\n\n\n\n<li><code>depends_on<\/code>\u3092\u9069\u5207\u306b\u4f7f\u7528<\/li>\n\n\n\n<li>\u30c7\u30fc\u30bf\u30bd\u30fc\u30b9\u306e\u4f7f\u7528\u30bf\u30a4\u30df\u30f3\u30b0\u306b\u6ce8\u610f<\/li>\n<\/ol>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-33\">2. \u5faa\u74b0\u4f9d\u5b58\u95a2\u4fc2\u306e\u89e3\u6c7a<\/h4>\n\n\n\n<p><strong>\u30a8\u30e9\u30fc\u4f8b<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">Error: Cycle: aws_security_group.a, aws_security_group.b<\/pre>\n\n\n\n<p><strong>\u89e3\u6c7a\u65b9\u6cd5<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u306e\u5206\u5272\u5b9a\u7fa9\nresource \"aws_security_group\" \"web\" {\n  name        = \"web-sg\"\n  description = \"Web server security group\"\n  vpc_id      = aws_vpc.main.id\n\n  # \u57fa\u672c\u7684\u306a\u30eb\u30fc\u30eb\u306e\u307f\u3092\u5b9a\u7fa9\n  ingress {\n    from_port   = 80\n    to_port     = 80\n    protocol    = \"tcp\"\n    cidr_blocks = [\"0.0.0.0\/0\"]\n  }\n}\n\n# \u30eb\u30fc\u30eb\u3092\u5225\u30ea\u30bd\u30fc\u30b9\u3068\u3057\u3066\u5b9a\u7fa9\nresource \"aws_security_group_rule\" \"web_to_db\" {\n  type                     = \"egress\"\n  from_port                = 5432\n  to_port                  = 5432\n  protocol                 = \"tcp\"\n  source_security_group_id = aws_security_group.db.id\n  security_group_id        = aws_security_group.web.id\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-34\">\u30b9\u30c6\u30fc\u30c8\u7af6\u5408\u306e\u9632\u6b62\u3068\u89e3\u6c7a\u7b56<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-35\">1. \u30b9\u30c6\u30fc\u30c8\u30d5\u30a1\u30a4\u30eb\u306e\u30ed\u30c3\u30af\u7af6\u5408<\/h4>\n\n\n\n<p><strong>\u30a8\u30e9\u30fc\u4f8b<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">Error: Error acquiring the state lock\nLock Info:\n  ID:        67890abc-def0-1234-5678-9abcdef01234\n  Path:      terraform.tfstate\n  Operation: OperationTypeApply\n  Who:       user@hostname\n  Version:   1.5.0\n  Created:   2024-01-27 10:30:45.123456789 +0000 UTC\n  Info:      <\/pre>\n\n\n\n<p><strong>\u89e3\u6c7a\u624b\u9806<\/strong>\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u30ed\u30c3\u30af\u72b6\u614b\u306e\u78ba\u8a8d<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># DynamoDB\u306e\u30ed\u30c3\u30af\u72b6\u614b\u78ba\u8a8d\naws dynamodb get-item \\\n  --table-name terraform-state-lock \\\n  --key '{\"LockID\": {\"S\": \"terraform-state\/terraform.tfstate\"}}'<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li>\u5f37\u5236\u7684\u306a\u30ed\u30c3\u30af\u89e3\u9664\uff08\u5fc5\u8981\u306a\u5834\u5408\u306e\u307f\uff09<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u6ce8\u610f: \u30c1\u30fc\u30e0\u5185\u3067\u78ba\u8a8d\u3057\u3066\u304b\u3089\u5b9f\u884c\nterraform force-unlock 67890abc-def0-1234-5678-9abcdef01234<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li>\u30ed\u30c3\u30af\u7ba1\u7406\u306e\u6539\u5584<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># backend.tf\nterraform {\n  backend \"s3\" {\n    bucket         = \"terraform-state-bucket\"\n    key            = \"env:\/\/${var.environment}\/terraform.tfstate\"\n    region         = \"ap-northeast-1\"\n    encrypt        = true\n    dynamodb_table = \"terraform-state-lock\"\n\n    # \u30ed\u30c3\u30af\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\u306e\u8a2d\u5b9a\n    lock_timeout = \"5m\"\n  }\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-36\">2. \u30b9\u30c6\u30fc\u30c8\u4e0d\u6574\u5408\u306e\u89e3\u6c7a<\/h4>\n\n\n\n<p><strong>\u30a8\u30e9\u30fc\u4f8b<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">Error: Resource aws_instance.web not found in state<\/pre>\n\n\n\n<p><strong>\u89e3\u6c7a\u624b\u9806<\/strong>\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u30b9\u30c6\u30fc\u30c8\u306e\u78ba\u8a8d<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u73fe\u5728\u306e\u30b9\u30c6\u30fc\u30c8\u78ba\u8a8d\nterraform show\n\n# \u30b9\u30c6\u30fc\u30c8\u30ea\u30b9\u30c8\u8868\u793a\nterraform state list<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li>\u30b9\u30c6\u30fc\u30c8\u306e\u66f4\u65b0<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30b9\u30c6\u30fc\u30c8\u306e\u66f4\u65b0\nterraform refresh\n\n# \u7279\u5b9a\u30ea\u30bd\u30fc\u30b9\u306e\u30a4\u30f3\u30dd\u30fc\u30c8\nterraform import aws_instance.web i-1234567890abcdef0<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li>\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u304b\u3089\u306e\u5fa9\u5143<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># S3\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3092\u4f7f\u7528\u3057\u305f\u5fa9\u5143\naws s3api list-object-versions \\\n  --bucket terraform-state-bucket \\\n  --prefix terraform.tfstate\n\naws s3api get-object \\\n  --bucket terraform-state-bucket \\\n  --key terraform.tfstate \\\n  --version-id \"your-version-id\" \\\n  terraform.tfstate.backup<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-37\">\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30a8\u30e9\u30fc\u4e88\u9632\u7b56<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u5b9a\u671f\u7684\u306a\u30c6\u30e9\u30d5\u30a9\u30fc\u30e0\u30b3\u30de\u30f3\u30c9\u306e\u5b9f\u884c<\/li>\n<\/ul>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   # \u5b9a\u671f\u7684\u306a\u691c\u8a3c\n   terraform fmt\n   terraform validate\n   terraform plan<\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30d0\u30fc\u30b8\u30e7\u30f3\u7ba1\u7406\u306e\u5fb9\u5e95<\/li>\n<\/ul>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   terraform {\n     required_version = \"&gt;= 1.5.0\"\n     required_providers {\n       aws = {\n         source  = \"hashicorp\/aws\"\n         version = \"~&gt; 5.0\"\n       }\n     }\n   }<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u30c7\u30d0\u30c3\u30b0\u65b9\u6cd5<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   # \u8a73\u7d30\u306a\u30ed\u30b0\u51fa\u529b\n   export TF_LOG=DEBUG\n   export TF_LOG_PATH=terraform.log\n\n   # \u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u30c7\u30d0\u30c3\u30b0\n   export AWS_DEBUG=true<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u4e00\u822c\u7684\u306a\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u30d5\u30ed\u30fc<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   graph TD\n     A[\u30a8\u30e9\u30fc\u767a\u751f] --&gt; B{\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8\u78ba\u8a8d}\n     B --&gt; C[\u30b9\u30c6\u30fc\u30c8\u78ba\u8a8d]\n     B --&gt; D[\u4f9d\u5b58\u95a2\u4fc2\u78ba\u8a8d]\n     B --&gt; E[\u6a29\u9650\u78ba\u8a8d]\n     C --&gt; F[\u89e3\u6c7a\u7b56\u5b9f\u884c]\n     D --&gt; F\n     E --&gt; F\n     F --&gt; G{\u89e3\u6c7a\u78ba\u8a8d}\n     G --&gt;|Yes| H[\u5b8c\u4e86]\n     G --&gt;|No| B<\/pre>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u624b\u9806\u3092\u7406\u89e3\u3057\u3001\u9069\u5207\u306b\u5bfe\u5fdc\u3059\u308b\u3053\u3068\u3067\u3001Terraform\u306e\u904b\u7528\u3092\u3088\u308a\u5b89\u5b9a\u3055\u305b\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-38\">Terraform for AWS\u5c0e\u5165\u5f8c\u306e\u904b\u7528\u7ba1\u7406\u306e\u30b3\u30c4<\/h2>\n\n\n\n<p>Terraform\u3092\u6d3b\u7528\u3057\u305fAWS\u74b0\u5883\u306e\u52b9\u7387\u7684\u306a\u904b\u7528\u7ba1\u7406\u65b9\u6cd5\u306b\u3064\u3044\u3066\u3001\u5b9f\u8df5\u7684\u306a\u30a2\u30d7\u30ed\u30fc\u30c1\u3092\u89e3\u8aac\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-39\">\u30c1\u30fc\u30e0\u958b\u767a\u306b\u304a\u3051\u308b\u52b9\u7387\u7684\u306a\u30ef\u30fc\u30af\u30d5\u30ed\u30fc<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-40\">1. GitOps\u30d9\u30fc\u30b9\u306e\u30ef\u30fc\u30af\u30d5\u30ed\u30fc\u69cb\u7bc9<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># .github\/workflows\/terraform.yml\nname: \"Terraform CI\/CD\"\n\non:\n  push:\n    branches: [ main ]\n  pull_request:\n    branches: [ main ]\n\njobs:\n  terraform:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions\/checkout@v3\n\n      - name: Setup Terraform\n        uses: hashicorp\/setup-terraform@v2\n        with:\n          terraform_version: 1.5.0\n\n      - name: Terraform Format\n        run: terraform fmt -check\n\n      - name: Terraform Init\n        run: terraform init\n\n      - name: Terraform Validate\n        run: terraform validate\n\n      - name: Terraform Plan\n        run: terraform plan\n\n      - name: Terraform Apply\n        if: github.ref == 'refs\/heads\/main' &amp;&amp; github.event_name == 'push'\n        run: terraform apply -auto-approve<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-41\">2. \u30c1\u30fc\u30e0\u958b\u767a\u306e\u30eb\u30fc\u30eb\u8a2d\u5b9a<\/h4>\n\n\n\n<p><strong>\u30d7\u30eb\u30ea\u30af\u30a8\u30b9\u30c8\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># .github\/pull_request_template.md\n## \u5909\u66f4\u5185\u5bb9\n- [ ] \u30a4\u30f3\u30d5\u30e9\u306e\u8ffd\u52a0\n- [ ] \u30a4\u30f3\u30d5\u30e9\u306e\u4fee\u6b63\n- [ ] \u30a4\u30f3\u30d5\u30e9\u306e\u524a\u9664\n\n### \u8a73\u7d30\u306a\u8aac\u660e\n\u5909\u66f4\u5185\u5bb9\u306e\u8a73\u7d30\u3092\u8a18\u8f09\u3057\u3066\u304f\u3060\u3055\u3044\u3002\n\n### \u5f71\u97ff\u7bc4\u56f2\n- \u5f71\u97ff\u3092\u53d7\u3051\u308b\u30ea\u30bd\u30fc\u30b9\n- \u60f3\u5b9a\u3055\u308c\u308b\u30c0\u30a6\u30f3\u30bf\u30a4\u30e0\n- \u30b3\u30b9\u30c8\u5f71\u97ff\n\n### \u30c1\u30a7\u30c3\u30af\u30ea\u30b9\u30c8\n- [ ] terraform fmt \u306e\u5b9f\u884c\n- [ ] terraform validate \u306e\u5b9f\u884c\n- [ ] terraform plan \u306e\u7d50\u679c\u78ba\u8a8d\n- [ ] \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5f71\u97ff\u306e\u78ba\u8a8d\n- [ ] \u30b3\u30b9\u30c8\u30a4\u30f3\u30d1\u30af\u30c8\u306e\u78ba\u8a8d<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-42\">3. \u30e2\u30b8\u30e5\u30fc\u30eb\u306e\u958b\u767a\u3068\u7ba1\u7406<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># modules\/standards\/main.tf\n# \u6a19\u6e96\u8a2d\u5b9a\u30e2\u30b8\u30e5\u30fc\u30eb\nmodule \"naming\" {\n  source = \".\/naming\"\n\n  environment = var.environment\n  project     = var.project_name\n  team        = var.team_name\n}\n\nmodule \"tagging\" {\n  source = \".\/tagging\"\n\n  common_tags = {\n    Environment = var.environment\n    Project     = var.project_name\n    Team        = var.team_name\n    ManagedBy   = \"terraform\"\n  }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-43\">\u30b3\u30b9\u30c8\u7ba1\u7406\u3068\u30ea\u30bd\u30fc\u30b9\u306e\u6700\u9069\u5316\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-44\">1. \u30b3\u30b9\u30c8\u6700\u9069\u5316\u306e\u8a2d\u5b9a\u4f8b<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># cost_optimization.tf\nmodule \"ec2_autoscaling\" {\n  source = \".\/modules\/ec2-autoscaling\"\n\n  # \u30b9\u30b1\u30b8\u30e5\u30fc\u30eb\u30d9\u30fc\u30b9\u306e\u81ea\u52d5\u505c\u6b62\/\u8d77\u52d5\n  scheduled_actions = {\n    \"stop_at_night\" = {\n      recurrence = \"0 20 * * 1-5\"  # \u5e73\u65e520\u6642\n      min_size   = 0\n      max_size   = 0\n    }\n    \"start_in_morning\" = {\n      recurrence = \"0 8 * * 1-5\"   # \u5e73\u65e58\u6642\n      min_size   = 1\n      max_size   = 4\n    }\n  }\n\n  # \u30b9\u30dd\u30c3\u30c8\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306e\u6d3b\u7528\n  instance_market_options = {\n    market_type = \"spot\"\n    spot_options = {\n      max_price = \"0.05\"  # \u4e0a\u9650\u4fa1\u683c\u3092\u8a2d\u5b9a\n    }\n  }\n}\n\n# S3\u30e9\u30a4\u30d5\u30b5\u30a4\u30af\u30eb\u30eb\u30fc\u30eb\nresource \"aws_s3_bucket_lifecycle_configuration\" \"cost_optimization\" {\n  bucket = aws_s3_bucket.data.id\n\n  rule {\n    id     = \"move_to_ia\"\n    status = \"Enabled\"\n\n    transition {\n      days          = 30\n      storage_class = \"STANDARD_IA\"\n    }\n\n    transition {\n      days          = 90\n      storage_class = \"GLACIER\"\n    }\n  }\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-45\">2. \u30b3\u30b9\u30c8\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># monitoring.tf\n# AWS Budgets\u306e\u8a2d\u5b9a\nresource \"aws_budgets_budget\" \"monthly\" {\n  name              = \"monthly-budget\"\n  budget_type       = \"COST\"\n  limit_amount      = \"1000\"\n  limit_unit        = \"USD\"\n  time_unit         = \"MONTHLY\"\n\n  notification {\n    comparison_operator = \"GREATER_THAN\"\n    threshold          = 80\n    threshold_type     = \"PERCENTAGE\"\n    notification_type  = \"ACTUAL\"\n\n    subscriber_email_addresses = [\n      \"team@example.com\"\n    ]\n  }\n}\n\n# Cost Explorer\u30bf\u30b0\u4ed8\u3051\u30dd\u30ea\u30b7\u30fc\nresource \"aws_ce_tags\" \"cost_allocation\" {\n  tags = [\n    \"Environment\",\n    \"Project\",\n    \"Team\",\n    \"Service\"\n  ]\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-46\">3. \u30ea\u30bd\u30fc\u30b9\u6700\u9069\u5316\u306e\u81ea\u52d5\u5316<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># optimization.tf\n# EC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306e\u81ea\u52d5\u6700\u9069\u5316\nmodule \"compute_optimizer\" {\n  source = \".\/modules\/compute-optimizer\"\n\n  enable_compute_optimizer = true\n\n  # \u6700\u9069\u5316\u30ec\u30b3\u30e1\u30f3\u30c7\u30fc\u30b7\u30e7\u30f3\u306e\u81ea\u52d5\u9069\u7528\n  auto_apply_recommendations = {\n    ec2_instance = true\n    auto_scaling_group = true\n    ebs_volume = true\n  }\n}\n\n# \u672a\u4f7f\u7528\u30ea\u30bd\u30fc\u30b9\u306e\u691c\u51fa\nmodule \"resource_cleanup\" {\n  source = \".\/modules\/resource-cleanup\"\n\n  cleanup_rules = {\n    unused_ebs_volumes = true\n    unused_eip = true\n    old_snapshots = true\n    unattached_security_groups = true\n  }\n\n  notification_topic = aws_sns_topic.cleanup_notifications.arn\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-47\">\u904b\u7528\u7ba1\u7406\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u5b9a\u671f\u7684\u306a\u30ec\u30d3\u30e5\u30fc\u3068\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u6bce\u6708\u306e\u30b3\u30b9\u30c8\u30ec\u30d3\u30e5\u30fc<\/li>\n\n\n\n<li>\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u5206\u6790<\/li>\n\n\n\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u76e3\u67fb<\/li>\n\n\n\n<li>\u30ea\u30bd\u30fc\u30b9\u4f7f\u7528\u72b6\u6cc1\u306e\u78ba\u8a8d<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u81ea\u52d5\u5316\u306e\u63a8\u9032<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   # automation.tf\n   # \u5b9a\u671f\u7684\u306a\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u30bf\u30b9\u30af\n   resource \"aws_lambda_function\" \"maintenance\" {\n     filename      = \"maintenance.zip\"\n     function_name = \"terraform-maintenance\"\n     role          = aws_iam_role.maintenance.arn\n     handler       = \"index.handler\"\n     runtime       = \"nodejs18.x\"\n\n     environment {\n       variables = {\n         BACKUP_BUCKET = aws_s3_bucket.backup.id\n         NOTIFY_TOPIC = aws_sns_topic.maintenance.arn\n       }\n     }\n   }\n\n   resource \"aws_cloudwatch_event_rule\" \"maintenance\" {\n     name                = \"daily-maintenance\"\n     description         = \"Trigger maintenance tasks\"\n     schedule_expression = \"cron(0 1 * * ? *)\"  # \u6bce\u65e51\u6642\u306b\u5b9f\u884c\n   }<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u76e3\u8996\u3068\u30a2\u30e9\u30fc\u30c8\u8a2d\u5b9a<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   # monitoring.tf\n   module \"monitoring\" {\n     source = \".\/modules\/monitoring\"\n\n     alerts = {\n       high_cost = {\n         threshold = 1000\n         period    = \"DAILY\"\n         actions   = [aws_sns_topic.alerts.arn]\n       }\n       resource_limit = {\n         threshold = 80\n         metric    = \"ResourceUtilization\"\n         actions   = [aws_sns_topic.alerts.arn]\n       }\n     }\n\n     dashboards = {\n       cost        = true\n       performance = true\n       security    = true\n     }\n   }<\/pre>\n\n\n\n<ol start=\"4\" class=\"wp-block-list\">\n<li><strong>\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30a4\u30f3\u30d5\u30e9\u69cb\u6210\u56f3\u306e\u81ea\u52d5\u751f\u6210<\/li>\n\n\n\n<li>\u5909\u66f4\u5c65\u6b74\u306e\u8a18\u9332<\/li>\n\n\n\n<li>\u904b\u7528\u624b\u9806\u66f8\u306e\u6574\u5099<\/li>\n<\/ul>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u904b\u7528\u7ba1\u7406\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u3092\u9069\u5207\u306b\u5b9f\u88c5\u3059\u308b\u3053\u3068\u3067\u3001\u5b89\u5b9a\u3057\u305f\u30a4\u30f3\u30d5\u30e9\u74b0\u5883\u306e\u7dad\u6301\u3068\u52b9\u7387\u7684\u306a\u30ea\u30bd\u30fc\u30b9\u5229\u7528\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Warning: Undefined array key &#8220;is_admin&#8221; in \/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/ &#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":{"0":"post-2350","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-aws","7":"nothumb"},"_links":{"self":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2350","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2350"}],"version-history":[{"count":1,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2350\/revisions"}],"predecessor-version":[{"id":2351,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2350\/revisions\/2351"}],"wp:attachment":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2350"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2350"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}