这里首先要找到阿里云的官方使用说明:
中文版:Terraform(Terraform)-阿里云帮助中心
各自创建一个阿里云的RAM子账号,并给与OPAPI的调用权限,(就是有aksk,生成好之后保存下.)
创建路径:
登陆阿里云主账号-->控制台-->右上角企业-->人员权限管理--用户--创建用户
创建好之后会让你保存csv格式的aksk.保存下来备用
配置本地环境变量配置方法参见,或者直接写到代码中(不太安全)
给子账号授权
这里授权的权限是ecs与vpc的所有权限.根据个人需求自定义.
如果使用vscode这类编辑工具的话可以直接使用如下方式定义本地环境变量.
export ALICLOUD_ACCESS_KEY="<yourAccessKeyID>"
export ALICLOUD_SECRET_KEY="<yourAccessKeySecret>"
export ALICLOUD_REGION="cn-beijing"终于环境变量如何引用后面会提.
创建资源所需文件
创建main.tf文件
这里说明一下,其中有三个注释项目,就是上面设置的三个环境变量,这里如果不填入,或者直接注释掉系统就自动会从环境变量中调用.调用的位置只有这里,其他位置不需要额外配置调用内容,
#main.tf
#这里原本可以用来指定阿里云上创建大好的AKSK以及地域信息.这里因为使用了环境变量的形式,所以就给注释掉了.
provider "alicloud" {
# access_key = var.alicloud_access_key
# secret_key = var.alicloud_secret_key
# region = var.region
}
------------------
#创建安全组相关信息
resource "alicloud_security_group" "default" {
security_group_name = "terraform-example" #安全组名字
vpc_id = alicloud_vpc.default.id #关联的vpc的id号码
security_group_type = "normal" #安全组类型是普通类型,还有企业类型的这里没设置.需要的话另说.
}
resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
count = length(var.tcp_rules) #动态创建多条规则时使用,同时定义多个端口号count统计所有端口号的总和,
type = "ingress" #入方向ingress,出方向egress
ip_protocol = "tcp" #tcp协议
nic_type = "intranet" #网络类型,这里表示内网规则internet表示外网,这里是内网
policy = "accept" #表示允许流量通过,drop表示禁止流量通过
port_range = var.tcp_rules[count.index] #配置端口范围,这里因为是配置了多个端口,所以使用了一个列表+下标索引进行配置,
priority = 1 #流量进出优先级,范围是i1-100,数值越小优先级越高.
security_group_id = alicloud_security_group.default.id #安全组id,用来关联这一大段规则属于哪个安全组,
cidr_ip = "0.0.0.0/0" #允许IP访问范围.
}
#出网流量.这里不做解释.跟上面的入网条目类似,区别在于
resource "alicloud_security_group_rule" "allow_all_tcp_egress" {
type = "egress"
ip_protocol = "tcp"
nic_type = "intranet"
policy = "accept"
port_range = "1/65535"
priority = 1
security_group_id = alicloud_security_group.default.id
cidr_ip = "0.0.0.0/0"
}
#定义变量,这里定义了一堆端口号,
variable "tcp_rules" {
type = list(string)
default = ["80/80", "443/443", "8080/8080", "3306/3306", "22/22"]
}
#这里定义了vpc名字
variable "vpc_name" {
type = string
default = "tf-vpc"
}
----------------
#定义一个版本相关信息,
terraform {
required_providers {
alicloud = {
source = "aliyun/alicloud"
version = "1.249.0"
}
}
}
--------------
#创建vpc
resource "alicloud_vpc" "default" {
# ipv6_isp = "BGP" #指定运营商,这里表示阿里云BGP多线提供
description = "test" #vpc描述信息
cidr_block = "10.0.0.0/12" #网段划分,这里是指整个vpc的网段,避免过小导致vpc内的ip数量不足.
vpc_name = "tf-vpc" #vpc名字
enable_ipv6 = true #是否启用ipv6功能.
}
上面的内容可以定义在一个或者多个文件中,看自己需求.
初始化创建资源
#初始化资源
34826@DESKTOP-FRSFPNH MINGW64 /e/GOPATH/src/terraform
$ terraform.exe init
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of aliyun/alicloud from the dependency lock file
- Using previously-installed aliyun/alicloud v1.249.0
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
#这里说明初始化成功
代码检查
-----------
代码内容检查
34826@DESKTOP-FRSFPNH MINGW64 /e/GOPATH/src/terraform
$ terraform.exe validate -json
{
"format_version": "1.0",
"valid": true,
"error_count": 0,
"warning_count": 0,
"diagnostics": []
}
查看执行计划
34826@DESKTOP-FRSFPNH MINGW64 /e/GOPATH/src/terraform
$ terraform.exe plan
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# alicloud_security_group.default will be created
+ resource "alicloud_security_group" "default" {
+ create_time = (known after apply)
+ id = (known after apply)
+ inner_access = (known after apply)
+ inner_access_policy = (known after apply)
+ name = (known after apply)
+ security_group_name = "terraform-example"
+ security_group_type = "normal"
+ vpc_id = (known after apply)
}
# alicloud_security_group_rule.allow_all_tcp_egress will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_egress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "1/65535"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "egress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[0] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "80/80"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[1] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "443/443"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[2] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "8080/8080"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[3] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "3306/3306"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[4] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "22/22"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_vpc.default will be created
+ resource "alicloud_vpc" "default" {
+ cidr_block = "10.0.0.0/12"
+ create_time = (known after apply)
+ description = "test"
+ dns_hostname_status = (known after apply)
+ enable_ipv6 = true
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_blocks = (known after apply)
+ ipv6_isp = "BGP"
+ name = (known after apply)
+ region_id = (known after apply)
+ resource_group_id = (known after apply)
+ route_table_id = (known after apply)
+ router_id = (known after apply)
+ router_table_id = (known after apply)
+ secondary_cidr_blocks = (known after apply)
+ status = (known after apply)
+ system_route_table_route_propagation_enable = (known after apply)
+ user_cidrs = (known after apply)
+ vpc_name = "tf-vpc"
}
# alicloud_vswitch.main will be created
+ resource "alicloud_vswitch" "main" {
+ availability_zone = (known after apply)
+ cidr_block = "10.0.0.0/16"
+ create_time = (known after apply)
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_mask = (known after apply)
+ name = (known after apply)
+ status = (known after apply)
+ vpc_id = (known after apply)
+ vswitch_name = (known after apply)
+ zone_id = "cn-beijing-b"
}
Plan: 9 to add, 0 to change, 0 to destroy.
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.这里可以自己检查下要创建的资源是否都包含在其中,不要因为有些参数没加载成功出现资源漏创建的情况.
执行创建操作
#执行创建操作,
34826@DESKTOP-FRSFPNH MINGW64 /e/GOPATH/src/terraform
$ terraform apply
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# alicloud_security_group.default will be created
+ resource "alicloud_security_group" "default" {
+ create_time = (known after apply)
+ id = (known after apply)
+ inner_access = (known after apply)
+ inner_access_policy = (known after apply)
+ name = (known after apply)
+ security_group_name = "terraform-example"
+ security_group_type = "normal"
+ vpc_id = (known after apply)
}
# alicloud_security_group_rule.allow_all_tcp_egress will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_egress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "1/65535"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "egress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[0] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "80/80"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[1] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "443/443"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[2] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "8080/8080"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[3] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "3306/3306"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_security_group_rule.allow_all_tcp_ingress[4] will be created
+ resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
+ cidr_ip = "0.0.0.0/0"
+ id = (known after apply)
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "22/22"
+ prefix_list_id = (known after apply)
+ priority = 1
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ type = "ingress"
}
# alicloud_vpc.default will be created
+ resource "alicloud_vpc" "default" {
+ cidr_block = "10.0.0.0/12"
+ create_time = (known after apply)
+ description = "test"
+ dns_hostname_status = (known after apply)
+ enable_ipv6 = true
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_blocks = (known after apply)
+ ipv6_isp = "BGP"
+ name = (known after apply)
+ region_id = (known after apply)
+ resource_group_id = (known after apply)
+ route_table_id = (known after apply)
+ router_id = (known after apply)
+ router_table_id = (known after apply)
+ secondary_cidr_blocks = (known after apply)
+ status = (known after apply)
+ system_route_table_route_propagation_enable = (known after apply)
+ user_cidrs = (known after apply)
+ vpc_name = "tf-vpc"
}
# alicloud_vswitch.main will be created
+ resource "alicloud_vswitch" "main" {
+ availability_zone = (known after apply)
+ cidr_block = "10.0.0.0/16"
+ create_time = (known after apply)
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_mask = (known after apply)
+ name = (known after apply)
+ status = (known after apply)
+ vpc_id = (known after apply)
+ vswitch_name = (known after apply)
+ zone_id = "cn-beijing-b"
}
Plan: 9 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
alicloud_vpc.default: Creating...
alicloud_vpc.default: Creation complete after 7s [id=vpc-2ze7fwv7cpnu8iy265ptf]
alicloud_vswitch.main: Creating...
alicloud_security_group.default: Creating...
alicloud_security_group.default: Creation complete after 1s [id=sg-2zei6vhmj9odactm3zmg]
alicloud_security_group_rule.allow_all_tcp_ingress[4]: Creating...
alicloud_security_group_rule.allow_all_tcp_egress: Creating...
alicloud_security_group_rule.allow_all_tcp_ingress[1]: Creating...
alicloud_security_group_rule.allow_all_tcp_ingress[0]: Creating...
alicloud_security_group_rule.allow_all_tcp_ingress[2]: Creating...
alicloud_security_group_rule.allow_all_tcp_ingress[3]: Creating...
alicloud_security_group_rule.allow_all_tcp_egress: Creation complete after 1s [id=sg-2zei6vhmj9odactm3zmg:egress:tcp:1/65535:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[0]: Creation complete after 1s [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:80/80:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[2]: Creation complete after 1s [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:8080/8080:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[1]: Creation complete after 1s [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:443/443:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[3]: Creation complete after 1s [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:3306/3306:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[4]: Creation complete after 1s [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:22/22:intranet:0.0.0.0/0:accept:1]
alicloud_vswitch.main: Creation complete after 4s [id=vsw-2zerm02oxz9z1kp064jrw]
Apply complete! Resources: 9 added, 0 changed, 0 destroyed.登陆阿里云检查是否创建成功
vpc:
交换机:
ecs-->安全组
资源创建成功.
释放资源
34826@DESKTOP-FRSFPNH MINGW64 /e/GOPATH/src/terraform
$ terraform destroy
alicloud_vpc.default: Refreshing state... [id=vpc-2ze7fwv7cpnu8iy265ptf]
alicloud_security_group.default: Refreshing state... [id=sg-2zei6vhmj9odactm3zmg]
alicloud_vswitch.main: Refreshing state... [id=vsw-2zerm02oxz9z1kp064jrw]
alicloud_security_group_rule.allow_all_tcp_egress: Refreshing state... [id=sg-2zei6vhmj9odactm3zmg:egress:tcp:1/65535:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[4]: Refreshing state... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:22/22:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[1]: Refreshing state... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:443/443:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[2]: Refreshing state... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:8080/8080:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[3]: Refreshing state... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:3306/3306:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[0]: Refreshing state... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:80/80:intranet:0.0.0.0/0:accept:1]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# alicloud_security_group.default will be destroyed
- resource "alicloud_security_group" "default" {
- create_time = "2025-05-23T10:23:59Z" -> null
- id = "sg-2zei6vhmj9odactm3zmg" -> null
- inner_access = true -> null
- inner_access_policy = "Accept" -> null
- name = "terraform-example" -> null
- security_group_name = "terraform-example" -> null
- security_group_type = "normal" -> null
- tags = {} -> null
- vpc_id = "vpc-2ze7fwv7cpnu8iy265ptf" -> null
# (2 unchanged attributes hidden)
}
# alicloud_security_group_rule.allow_all_tcp_egress will be destroyed
- resource "alicloud_security_group_rule" "allow_all_tcp_egress" {
- cidr_ip = "0.0.0.0/0" -> null
- id = "sg-2zei6vhmj9odactm3zmg:egress:tcp:1/65535:intranet:0.0.0.0/0:accept:1" -> null
- ip_protocol = "tcp" -> null
- nic_type = "intranet" -> null
- policy = "accept" -> null
- port_range = "1/65535" -> null
- priority = 1 -> null
- security_group_id = "sg-2zei6vhmj9odactm3zmg" -> null
- security_group_rule_id = "sgr-2ze0arx65gjwu4jws1sf" -> null
- type = "egress" -> null
# (5 unchanged attributes hidden)
}
# alicloud_security_group_rule.allow_all_tcp_ingress[0] will be destroyed
- resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
- cidr_ip = "0.0.0.0/0" -> null
- id = "sg-2zei6vhmj9odactm3zmg:ingress:tcp:80/80:intranet:0.0.0.0/0:accept:1" -> null
- ip_protocol = "tcp" -> null
- nic_type = "intranet" -> null
- policy = "accept" -> null
- port_range = "80/80" -> null
- priority = 1 -> null
- security_group_id = "sg-2zei6vhmj9odactm3zmg" -> null
- security_group_rule_id = "sgr-2ze8adp4bid9tf56l24x" -> null
- type = "ingress" -> null
# (5 unchanged attributes hidden)
}
# alicloud_security_group_rule.allow_all_tcp_ingress[1] will be destroyed
- resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
- cidr_ip = "0.0.0.0/0" -> null
- id = "sg-2zei6vhmj9odactm3zmg:ingress:tcp:443/443:intranet:0.0.0.0/0:accept:1" -> null
- ip_protocol = "tcp" -> null
- nic_type = "intranet" -> null
- policy = "accept" -> null
- port_range = "443/443" -> null
- priority = 1 -> null
- security_group_id = "sg-2zei6vhmj9odactm3zmg" -> null
- security_group_rule_id = "sgr-2ze3k611m1jf9lhv7z9t" -> null
- type = "ingress" -> null
# (5 unchanged attributes hidden)
}
# alicloud_security_group_rule.allow_all_tcp_ingress[2] will be destroyed
- resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
- cidr_ip = "0.0.0.0/0" -> null
- id = "sg-2zei6vhmj9odactm3zmg:ingress:tcp:8080/8080:intranet:0.0.0.0/0:accept:1" -> null
- ip_protocol = "tcp" -> null
- nic_type = "intranet" -> null
- policy = "accept" -> null
- port_range = "8080/8080" -> null
- priority = 1 -> null
- security_group_id = "sg-2zei6vhmj9odactm3zmg" -> null
- security_group_rule_id = "sgr-2ze79n9hu282um50noj2" -> null
- type = "ingress" -> null
# (5 unchanged attributes hidden)
}
# alicloud_security_group_rule.allow_all_tcp_ingress[3] will be destroyed
- resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
- cidr_ip = "0.0.0.0/0" -> null
- id = "sg-2zei6vhmj9odactm3zmg:ingress:tcp:3306/3306:intranet:0.0.0.0/0:accept:1" -> null
- ip_protocol = "tcp" -> null
- nic_type = "intranet" -> null
- policy = "accept" -> null
- port_range = "3306/3306" -> null
- priority = 1 -> null
- security_group_id = "sg-2zei6vhmj9odactm3zmg" -> null
- security_group_rule_id = "sgr-2zej25002q98mn93498d" -> null
- type = "ingress" -> null
# (5 unchanged attributes hidden)
}
# alicloud_security_group_rule.allow_all_tcp_ingress[4] will be destroyed
- resource "alicloud_security_group_rule" "allow_all_tcp_ingress" {
- cidr_ip = "0.0.0.0/0" -> null
- id = "sg-2zei6vhmj9odactm3zmg:ingress:tcp:22/22:intranet:0.0.0.0/0:accept:1" -> null
- ip_protocol = "tcp" -> null
- nic_type = "intranet" -> null
- policy = "accept" -> null
- port_range = "22/22" -> null
- priority = 1 -> null
- security_group_id = "sg-2zei6vhmj9odactm3zmg" -> null
- security_group_rule_id = "sgr-2zeb98gdsh1n8xll6voj" -> null
- type = "ingress" -> null
# (5 unchanged attributes hidden)
}
# alicloud_vpc.default will be destroyed
- resource "alicloud_vpc" "default" {
- cidr_block = "10.0.0.0/12" -> null
- classic_link_enabled = false -> null
- create_time = "2025-05-23T10:23:52Z" -> null
- description = "test" -> null
- dns_hostname_status = "DISABLED" -> null
- enable_ipv6 = true -> null
- id = "vpc-2ze7fwv7cpnu8iy265ptf" -> null
- ipv6_cidr_block = "2408:400a:73b:2a00::/56" -> null
- ipv6_cidr_blocks = [
- {
- ipv6_cidr_block = "2408:400a:73b:2a00::/56"
- ipv6_isp = "BGP"
},
] -> null
- ipv6_isp = "BGP" -> null
- name = "tf-vpc" -> null
- region_id = "cn-beijing" -> null
- resource_group_id = "rg-acfm2d7xyl7us2a" -> null
- route_table_id = "vtb-2ze5jelvopjsqidcc33ed" -> null
- router_id = "vrt-2ze5qp3bdj97nvlozegvo" -> null
- router_table_id = "vtb-2ze5jelvopjsqidcc33ed" -> null
- secondary_cidr_blocks = [] -> null
- status = "Available" -> null
- system_route_table_route_propagation_enable = true -> null
- tags = {} -> null
- user_cidrs = [] -> null
- vpc_name = "tf-vpc" -> null
# (2 unchanged attributes hidden)
}
# alicloud_vswitch.main will be destroyed
- resource "alicloud_vswitch" "main" {
- availability_zone = "cn-beijing-b" -> null
- cidr_block = "10.0.0.0/16" -> null
- create_time = "2025-05-23T10:23:58Z" -> null
- id = "vsw-2zerm02oxz9z1kp064jrw" -> null
name = null
- status = "Available" -> null
- tags = {} -> null
- vpc_id = "vpc-2ze7fwv7cpnu8iy265ptf" -> null
- zone_id = "cn-beijing-b" -> null
# (3 unchanged attributes hidden)
}
Plan: 0 to add, 0 to change, 9 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
alicloud_security_group_rule.allow_all_tcp_egress: Destroying... [id=sg-2zei6vhmj9odactm3zmg:egress:tcp:1/65535:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[0]: Destroying... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:80/80:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[4]: Destroying... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:22/22:intranet:0.0.0.0/0:accept:1]
alicloud_vswitch.main: Destroying... [id=vsw-2zerm02oxz9z1kp064jrw]
alicloud_security_group_rule.allow_all_tcp_ingress[2]: Destroying... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:8080/8080:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[3]: Destroying... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:3306/3306:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[1]: Destroying... [id=sg-2zei6vhmj9odactm3zmg:ingress:tcp:443/443:intranet:0.0.0.0/0:accept:1]
alicloud_security_group_rule.allow_all_tcp_ingress[2]: Destruction complete after 1s
alicloud_security_group_rule.allow_all_tcp_ingress[3]: Destruction complete after 1s
alicloud_security_group_rule.allow_all_tcp_ingress[0]: Destruction complete after 1s
alicloud_security_group_rule.allow_all_tcp_egress: Destruction complete after 1s
alicloud_security_group_rule.allow_all_tcp_ingress[1]: Destruction complete after 1s
alicloud_security_group_rule.allow_all_tcp_ingress[4]: Destruction complete after 1s
alicloud_security_group.default: Destroying... [id=sg-2zei6vhmj9odactm3zmg]
alicloud_security_group.default: Destruction complete after 0s
alicloud_vswitch.main: Destruction complete after 4s
alicloud_vpc.default: Destroying... [id=vpc-2ze7fwv7cpnu8iy265ptf]
alicloud_vpc.default: Destruction complete after 6s
Destroy complete! Resources: 9 destroyed.登陆页面验证:
资源释放成功
其他功能后续会陆续补充.