diff --git a/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/README.md b/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/README.md
new file mode 100644
index 000000000..0f694b76c
--- /dev/null
+++ b/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/README.md
@@ -0,0 +1,49 @@
+## Introduction
+
+
+本示例用于实现解决方案[MSE 助力实现全方位流量防护](https://www.aliyun.com/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection), 涉及到专有网络(VPC)、交换机(VSwitch)、云服务器(ECS)等资源的创建。
+
+
+
+This example is used to implement solution [use-mse-to-implement-comprehensive-traffic-protection](https://www.aliyun.com/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection). It involves the creation, and deployment of resources such as Virtual Private Cloud (VPC), VSwitch, Elastic Compute Service (ECS).
+
+
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [alicloud](#provider\_alicloud) | n/a |
+| [random](#provider\_random) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [alicloud_ecs_command.run_command](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/ecs_command) | resource |
+| [alicloud_ecs_invocation.invoke_script](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/ecs_invocation) | resource |
+| [alicloud_instance.ecs_instance](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/instance) | resource |
+| [alicloud_ram_access_key.ramak](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/ram_access_key) | resource |
+| [alicloud_ram_user.ram_user](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/ram_user) | resource |
+| [alicloud_ram_user_policy_attachment.attach_policy_to_user](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/ram_user_policy_attachment) | resource |
+| [alicloud_security_group.security_group](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/security_group) | resource |
+| [alicloud_security_group_rule.allow_80](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_vpc.vpc](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/vpc) | resource |
+| [alicloud_vswitch.vswitch](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/resources/vswitch) | resource |
+| [random_string.suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
+| [alicloud_images.default](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/data-sources/images) | data source |
+| [alicloud_regions.current_region_ds](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/data-sources/regions) | data source |
+| [alicloud_zones.default](https://registry.terraform.io/providers/hashicorp/alicloud/latest/docs/data-sources/zones) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [ecs\_instance\_password](#input\_ecs\_instance\_password) | 服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)` | `string` | n/a | yes |
+| [ecs\_instance\_type](#input\_ecs\_instance\_type) | 实例类型 | `string` | `"ecs.t6-c1m2.large"` | no |
+| [mse\_license\_key](#input\_mse\_license\_key) | 当前环境 MSE License Key。登录MSE控制台:https://mse.console.aliyun.com,点击治理中心 > 应用治理,在顶部选择地域, 在右上角点击查看License Key,获取MSE License Key。 | `string` | n/a | yes |
+
\ No newline at end of file
diff --git a/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/main.tf b/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/main.tf
new file mode 100644
index 000000000..f0325a1dc
--- /dev/null
+++ b/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/main.tf
@@ -0,0 +1,139 @@
+# ------------------------------------------------------------------------------
+# 核心资源定义 (Main Resource Definitions)
+#
+# 本文件包含了模块的核心基础设施资源。
+# 这里的代码负责根据输入变量来创建和配置所有云资源。
+# ------------------------------------------------------------------------------
+
+# 配置阿里云提供商 (Provider)
+provider "alicloud" {
+ region = "cn-hangzhou"
+}
+
+# 查询当前部署地域
+data "alicloud_regions" "current_region_ds" {
+ current = true
+}
+
+# 查询支持指定ECS实例规格和磁盘类型的可用区
+data "alicloud_zones" "default" {
+ available_disk_category = "cloud_essd"
+ available_resource_creation = "VSwitch"
+ available_instance_type = var.ecs_instance_type
+}
+
+# 创建一个随机ID,用于生成唯一的资源名称后缀,避免命名冲突
+resource "random_string" "suffix" {
+ length = 8
+ lower = true
+ upper = false
+ numeric = false
+ special = false
+}
+
+# 定义一个局部变量,将随机ID用作通用名称后缀
+locals {
+ common_name = random_string.suffix.id
+ region = data.alicloud_regions.current_region_ds.regions.0.id
+}
+
+# 创建一个专有网络(VPC),为云资源提供一个隔离的网络环境
+resource "alicloud_vpc" "vpc" {
+ cidr_block = "192.168.0.0/16"
+ vpc_name = "vpc-${local.common_name}"
+}
+
+# 创建一个交换机(VSwitch),用于在VPC内划分一个子网
+resource "alicloud_vswitch" "vswitch" {
+ vpc_id = alicloud_vpc.vpc.id
+ cidr_block = "192.168.0.0/24"
+ zone_id = data.alicloud_zones.default.zones.0.id
+ vswitch_name = "vswitch-${local.common_name}"
+}
+
+# 创建一个安全组,作为虚拟防火墙来控制ECS实例的网络访问
+resource "alicloud_security_group" "security_group" {
+ vpc_id = alicloud_vpc.vpc.id
+ security_group_name = "sg-${local.common_name}"
+}
+
+# 在安全组中添加入方向规则,允许外部流量访问80端口
+resource "alicloud_security_group_rule" "allow_80" {
+ type = "ingress"
+ ip_protocol = "tcp"
+ nic_type = "intranet"
+ policy = "accept"
+ port_range = "80/80"
+ priority = 1
+ security_group_id = alicloud_security_group.security_group.id
+ cidr_ip = "192.168.0.0/24"
+ # 如需允许从公网访问ECS,请将cidr_ip修改为0.0.0.0/0
+ # cidr_ip = "0.0.0.0/0"
+}
+
+# 查询可用的阿里云镜像
+data "alicloud_images" "default" {
+ name_regex = "^aliyun_3_x64_20G_alibase_.*"
+ # name_regex = "^ubuntu_24_04_x64_20G_alibase_.*"
+ most_recent = true
+ owners = "system"
+}
+
+# 创建一个RAM用户,用于后续给ECS实例授权访问其他云服务
+resource "alicloud_ram_user" "ram_user" {
+ name = "ram-user-${local.common_name}"
+}
+
+# 为前面创建的RAM用户生成一个Access Key
+resource "alicloud_ram_access_key" "ramak" {
+ user_name = alicloud_ram_user.ram_user.name
+}
+
+# 为RAM用户附加一个系统策略
+resource "alicloud_ram_user_policy_attachment" "attach_policy_to_user" {
+ user_name = alicloud_ram_user.ram_user.name
+ # 策略类型为系统预设策略
+ policy_type = "System"
+ # 授予日志服务的完全访问权限
+ policy_name = "AliyunLogFullAccess"
+}
+
+# 创建一台ECS实例(云服务器)
+resource "alicloud_instance" "ecs_instance" {
+ instance_name = "ecs-${local.common_name}"
+ image_id = data.alicloud_images.default.images[0].id
+ instance_type = var.ecs_instance_type
+ system_disk_category = "cloud_essd"
+ security_groups = [alicloud_security_group.security_group.id]
+ vswitch_id = alicloud_vswitch.vswitch.id
+ password = var.ecs_instance_password
+ internet_max_bandwidth_out = 5
+}
+
+# 创建一个云助手命令,指令用于:部署示例应用,并通过应用接口来调用大模型
+resource "alicloud_ecs_command" "run_command" {
+ name = "command-run-${local.common_name}"
+ command_content = base64encode(<> ~/.bash_profile
+export LICENSE_KEY=${var.mse_license_key}
+EOT
+
+source ~/.bash_profile
+
+curl -fsSL https://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/install-script/use-mse-to-implement-comprehensive-traffic-protection/install.sh | bash
+
+EOF
+ )
+ working_dir = "/root"
+ type = "RunShellScript"
+ timeout = 3600
+}
+
+# 在指定的ECS实例上执行上面创建的云助手命令
+resource "alicloud_ecs_invocation" "invoke_script" {
+ instance_id = [alicloud_instance.ecs_instance.id]
+ command_id = alicloud_ecs_command.run_command.id
+ timeouts {
+ create = "15m"
+ }
+}
diff --git a/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/outputs.tf b/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/outputs.tf
new file mode 100644
index 000000000..e84a931da
--- /dev/null
+++ b/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/outputs.tf
@@ -0,0 +1,16 @@
+# ------------------------------------------------------------------------------
+# 模块输出值 (Module Outputs)
+#
+# 本文件定义了模块执行成功后返回给调用方的值。
+# 这些输出可以被其他 Terraform 配置引用,或在 apply 命令结束后显示给用户。
+# ------------------------------------------------------------------------------
+
+output "ecs_login_address" {
+ description = "部署应用的ECS实例的登录地址。登录后执行"
+ value = format("https://ecs-workbench.aliyun.com/?from=ecs&instanceType=ecs®ionId=%s&instanceId=%s&resourceGroupId=", local.region, alicloud_instance.ecs_instance.id)
+}
+
+output "DemoUrl" {
+ description = "应用Web页面访问地址"
+ value = "http://${alicloud_instance.ecs_instance.public_ip}:80"
+}
\ No newline at end of file
diff --git a/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/variables.tf b/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/variables.tf
new file mode 100644
index 000000000..2d1f907fb
--- /dev/null
+++ b/solution/tech-solution/use-mse-to-implement-comprehensive-traffic-protection/variables.tf
@@ -0,0 +1,26 @@
+# ------------------------------------------------------------------------------
+# 模块输入变量 (Module Input Variables)
+#
+# 本文件定义了该 Terraform 模块所有可配置的输入变量。
+# 每个变量都包含了详细的 'description',以说明其用途、格式和默认值逻辑。
+# 请参考这些描述来正确配置模块。
+# ------------------------------------------------------------------------------
+
+variable "ecs_instance_type" {
+ type = string
+ default = "ecs.t6-c1m2.large"
+ description = "实例类型"
+}
+
+variable "ecs_instance_password" {
+ type = string
+ sensitive = true
+ description = "服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)"
+ # default = ""
+}
+
+variable "mse_license_key" {
+ type = string
+ description = "当前环境 MSE License Key。登录MSE控制台:https://mse.console.aliyun.com,点击治理中心 > 应用治理,在顶部选择地域, 在右上角点击查看License Key,获取MSE License Key。"
+ # default = ""
+}
\ No newline at end of file