Use Terraform to provide domain configuration resources for Alibaba Cloud CDN - CDN

Terraform is an open source tool that allows you to provision and manage your cloud infrastructure safely and efficiently. You can use Terraform to manage Alibaba Cloud CDN resources. This topic describes how to use Terraform to configure and manage the settings of an Alibaba Cloud CDN-accelerated domain name.

Procedure

Grant required permissions to a RAM user

You must grant a Resource Access Management (RAM) user the permissions required to execute a Terraform template. You must create a RAM user, obtain an AccessKey pair, and then attach a permission policy to the RAM user. The AccessKey pair is configured as an environment variable of Terraform. You need to attach the following policy to the RAM user:

AliyunCDNFullAccess: grants full access to Alibaba Cloud CDN resources.

An Alibaba Cloud account has permissions on all API operations. Security risks may arise if you use an Alibaba Cloud account to call API operations. We recommend that you call API operations or perform routine O&M as a RAM user. Before you call API operations as a RAM user, grant the required permissions to the RAM user based on your business requirements. The RAM user must have the permissions to manage Alibaba Cloud CDN resources. For more information, see Alibaba Cloud CDN system policies.

Install Terraform

For more information about how to install and configure Terraform on your PC, see Install and configure Terraform in the local PC.
After Terraform is installed, you can open the command-line interface (CLI) and then enter terraform version. If version information is returned, Terraform is installed.
If you do not want to install Terraform, use Cloud Shell provided by Alibaba Cloud. Cloud Shell provides a built-in runtime environment for Terraform.

Create a template

Create a file named AddDomain.tf and enter the following content in the file. The file is used to configure and manage domain name settings.

resource "random_integer" "default" {
  min = 10000
  max = 99999
}

# Create a new Domain config.
resource "alicloud_cdn_domain_new" "domain" {
  domain_name = "mycdndomain-${random_integer.default.result}.alicloud-provider.cn"
  cdn_type    = "web"
  scope       = "overseas"
  sources {
    content  = "1.1.X.X"
   1.1.X.X   = "ipaddr"
    priority = "20"
    port     = 80
    weight   = "15"
  }
}

output "dcdn_domain_cname" {
  value = alicloud_Dcdn_domain_new.domain.cname
}

For more information about the configurations for the resource type, see alicloud_cdn_domain_config.

Execute the template

In this example, the following steps are performed on Windows. The specific methods to run commands may be different on other operating systems.

Initialize and load required modules, such as the Provider module.
```
terraform init
```
Check whether the template syntax is valid.
```
terraform validate
```
Create an execution plan.
```
terraform plan
```
Deploy the template.
```
terraform apply
```
Enter yes to add resources. After the resources are added, a CNAME record is automatically obtained. You can configure the CNAME record at your DNS provider.