diff --git a/solution/tech-solution/access-model-studio-by-privatelink/README.md b/solution/tech-solution/access-model-studio-by-privatelink/README.md
new file mode 100644
index 000000000..8ffd96c8f
--- /dev/null
+++ b/solution/tech-solution/access-model-studio-by-privatelink/README.md
@@ -0,0 +1,76 @@
+## Introduction
+
+<!-- DOCS_DESCRIPTION_CN -->
+本示例用于实现解决方案[通过私网安全高效访问 AI 模型服务](https://www.aliyun.com/solution/tech-solution/access-model-services-over-private-networks), 涉及到专有网络VPC、虚拟交换机vSwitch、云服务器ECS、云企业网CEN、阿里云百炼服务、私网连接PrivateLink等资源的部署。
+<!-- DOCS_DESCRIPTION_CN -->
+
+<!-- DOCS_DESCRIPTION_EN -->
+This example is used to implement solution [Securely and Efficiently Access AI Model Services via Private Network](https://www.aliyun.com/solution/tech-solution/access-model-services-over-private-networks), which involves the creation and deployment of resources such as Virtual Private Cloud (VPC), vSwitch, Elastic Compute Service (ECS), Cloud Enterprise Network (CEN), Bailian AI Service, and PrivateLink.
+<!-- DOCS_DESCRIPTION_EN -->
+
+
+<!-- BEGIN_TF_DOCS -->
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_alicloud"></a> [alicloud](#provider\_alicloud) | n/a |
+| <a name="provider_alicloud.region_beijing"></a> [alicloud.region\_beijing](#provider\_alicloud.region\_beijing) | n/a |
+| <a name="provider_alicloud.region_hangzhou"></a> [alicloud.region\_hangzhou](#provider\_alicloud.region\_hangzhou) | n/a |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [alicloud_cen_instance.cen](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_instance) | resource |
+| [alicloud_cen_transit_router.bj-tr](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router) | resource |
+| [alicloud_cen_transit_router.hz-tr](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router) | resource |
+| [alicloud_cen_transit_router_peer_attachment.cen-tr-peer-attachment](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_peer_attachment) | resource |
+| [alicloud_cen_transit_router_route_table_association.bj_peer_attachment](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_route_table_association) | resource |
+| [alicloud_cen_transit_router_route_table_association.bj_vpc_attachment](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_route_table_association) | resource |
+| [alicloud_cen_transit_router_route_table_association.hz_peer_attachment](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_route_table_association) | resource |
+| [alicloud_cen_transit_router_route_table_association.hz_vpc_attachment](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_route_table_association) | resource |
+| [alicloud_cen_transit_router_route_table_propagation.bj_peer_propagation](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_route_table_propagation) | resource |
+| [alicloud_cen_transit_router_route_table_propagation.bj_vpc_propagation](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_route_table_propagation) | resource |
+| [alicloud_cen_transit_router_route_table_propagation.hz_peer_propagation](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_route_table_propagation) | resource |
+| [alicloud_cen_transit_router_route_table_propagation.hz_vpc_propagation](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_route_table_propagation) | resource |
+| [alicloud_cen_transit_router_vpc_attachment.bj_vpc_attachment](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_vpc_attachment) | resource |
+| [alicloud_cen_transit_router_vpc_attachment.hz_vpc_attachment](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/cen_transit_router_vpc_attachment) | resource |
+| [alicloud_instance.ecs_hz](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/instance) | resource |
+| [alicloud_privatelink_vpc_endpoint.dashscope_endpoint](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/privatelink_vpc_endpoint) | resource |
+| [alicloud_privatelink_vpc_endpoint_zone.zone1](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/privatelink_vpc_endpoint_zone) | resource |
+| [alicloud_privatelink_vpc_endpoint_zone.zone2](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/privatelink_vpc_endpoint_zone) | resource |
+| [alicloud_pvtz_zone.dashscope_pvtz_zone](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/pvtz_zone) | resource |
+| [alicloud_pvtz_zone_attachment.hz_vpc_attachment](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/pvtz_zone_attachment) | resource |
+| [alicloud_pvtz_zone_record.dashscope_cname_record](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/pvtz_zone_record) | resource |
+| [alicloud_security_group.sg_bj](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group) | resource |
+| [alicloud_security_group.sg_hz](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group) | resource |
+| [alicloud_security_group_rule.allow_workbench](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.http_ingress_rule](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.https_ingress_rule](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_vpc.vpc_bj](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc) | resource |
+| [alicloud_vpc.vpc_hz](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc) | resource |
+| [alicloud_vswitch.vsw1_bj](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [alicloud_vswitch.vsw1_hz](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [alicloud_vswitch.vsw2_bj](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [alicloud_vswitch.vsw2_hz](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [random_id.suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
+| [alicloud_cen_transit_router_route_tables.bj-tr-rt](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/data-sources/cen_transit_router_route_tables) | data source |
+| [alicloud_cen_transit_router_route_tables.hz-tr-rt](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/data-sources/cen_transit_router_route_tables) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_bj_zone_id1"></a> [bj\_zone\_id1](#input\_bj\_zone\_id1) | 北京可用区1 | `string` | `"cn-beijing-l"` | no |
+| <a name="input_bj_zone_id2"></a> [bj\_zone\_id2](#input\_bj\_zone\_id2) | 北京可用区2 | `string` | `"cn-beijing-k"` | no |
+| <a name="input_ecs_instance_password"></a> [ecs\_instance\_password](#input\_ecs\_instance\_password) | 服务器登录密码，长度8-30，必须包含三项（大写字母、小写字母、数字、特殊符号） | `string` | n/a | yes |
+| <a name="input_hz_zone_id1"></a> [hz\_zone\_id1](#input\_hz\_zone\_id1) | 杭州可用区1 | `string` | `"cn-hangzhou-j"` | no |
+| <a name="input_hz_zone_id2"></a> [hz\_zone\_id2](#input\_hz\_zone\_id2) | 杭州可用区2 | `string` | `"cn-hangzhou-k"` | no |
+| <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | ECS实例规格 | `string` | `"ecs.e-c1m2.large"` | no |
+<!-- END_TF_DOCS -->
\ No newline at end of file
diff --git a/solution/tech-solution/access-model-studio-by-privatelink/main.tf b/solution/tech-solution/access-model-studio-by-privatelink/main.tf
new file mode 100644
index 000000000..5d5613c96
--- /dev/null
+++ b/solution/tech-solution/access-model-studio-by-privatelink/main.tf
@@ -0,0 +1,342 @@
+# ------------------------------------------------------------------------------
+# 核心资源定义 (Main Resource Definitions)
+#
+# 本文件包含了模块的核心基础设施资源。
+# 这里的代码负责根据输入变量来创建和配置所有云资源。
+# ------------------------------------------------------------------------------
+
+# 杭州地域
+provider "alicloud" {
+  alias  = "region_hangzhou"
+  region = "cn-hangzhou"
+}
+
+# 北京地域
+provider "alicloud" {
+  alias  = "region_beijing"
+  region = "cn-beijing"
+}
+
+# 生成随机后缀，确保资源名称唯一性
+resource "random_id" "suffix" {
+  byte_length = 8
+}
+
+# 本地变量定义
+locals {
+  common_name = random_id.suffix.id # 所有资源的通用名称前缀
+}
+
+# 杭州 VPC
+resource "alicloud_vpc" "vpc_hz" {
+  provider   = alicloud.region_hangzhou
+  cidr_block = "192.168.0.0/16"
+  vpc_name   = "${local.common_name}-hz-vpc"
+}
+
+# 杭州可用区1交换机
+resource "alicloud_vswitch" "vsw1_hz" {
+  provider     = alicloud.region_hangzhou
+  vpc_id       = alicloud_vpc.vpc_hz.id
+  cidr_block   = "192.168.1.0/24"
+  zone_id      = var.hz_zone_id1
+  vswitch_name = "${local.common_name}-hz-vsw1"
+}
+
+# 杭州可用区2交换机
+resource "alicloud_vswitch" "vsw2_hz" {
+  provider     = alicloud.region_hangzhou
+  vpc_id       = alicloud_vpc.vpc_hz.id
+  cidr_block   = "192.168.2.0/24"
+  zone_id      = var.hz_zone_id2
+  vswitch_name = "${local.common_name}-hz-vsw2"
+}
+
+# 安全组
+resource "alicloud_security_group" "sg_hz" {
+  provider            = alicloud.region_hangzhou
+  security_group_name = "${local.common_name}-hz-sg"
+  vpc_id              = alicloud_vpc.vpc_hz.id
+}
+
+# 允许云助手连接（SSH）
+resource "alicloud_security_group_rule" "allow_workbench" {
+  provider          = alicloud.region_hangzhou
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  port_range        = "22/22"
+  cidr_ip           = "100.104.0.0/16"
+  security_group_id = alicloud_security_group.sg_hz.id
+}
+
+# 杭州 ECS 实例 - 访问百炼服务的客户端
+resource "alicloud_instance" "ecs_hz" {
+  provider             = alicloud.region_hangzhou
+  instance_name        = "${local.common_name}-ecs-1"
+  image_id             = "aliyun_3_9_x64_20G_alibase_20231219.vhd"
+  instance_type        = var.instance_type
+  system_disk_category = "cloud_essd"
+  system_disk_size     = 40
+  vswitch_id           = alicloud_vswitch.vsw1_hz.id
+  security_groups      = [alicloud_security_group.sg_hz.id]
+  password             = var.ecs_instance_password
+}
+
+# 北京 VPC
+resource "alicloud_vpc" "vpc_bj" {
+  provider   = alicloud.region_beijing
+  cidr_block = "172.16.0.0/16"
+  vpc_name   = "${local.common_name}-bj-vpc"
+}
+
+# 北京可用区1交换机
+resource "alicloud_vswitch" "vsw1_bj" {
+  provider     = alicloud.region_beijing
+  vpc_id       = alicloud_vpc.vpc_bj.id
+  cidr_block   = "172.16.1.0/24"
+  zone_id      = var.bj_zone_id1
+  vswitch_name = "${local.common_name}-bj-vsw1"
+}
+
+# 北京可用区2交换机
+resource "alicloud_vswitch" "vsw2_bj" {
+  provider     = alicloud.region_beijing
+  vpc_id       = alicloud_vpc.vpc_bj.id
+  cidr_block   = "172.16.2.0/24"
+  zone_id      = var.bj_zone_id2
+  vswitch_name = "${local.common_name}-bj-vsw2"
+}
+
+
+# 安全组
+resource "alicloud_security_group" "sg_bj" {
+  provider            = alicloud.region_beijing
+  security_group_name = "${local.common_name}-bj-sg"
+  vpc_id              = alicloud_vpc.vpc_bj.id
+}
+
+# 允许来自杭州 VPC 的 HTTP 访问
+resource "alicloud_security_group_rule" "http_ingress_rule" {
+  provider          = alicloud.region_beijing
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "80/80"
+  priority          = 1
+  security_group_id = alicloud_security_group.sg_bj.id
+  cidr_ip           = alicloud_vpc.vpc_hz.cidr_block
+}
+
+# 允许来自杭州 VPC 的 HTTPS 访问
+resource "alicloud_security_group_rule" "https_ingress_rule" {
+  provider          = alicloud.region_beijing
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "443/443"
+  priority          = 1
+  security_group_id = alicloud_security_group.sg_bj.id
+  cidr_ip           = alicloud_vpc.vpc_hz.cidr_block
+}
+# CEN 实例 - 跨地域网络连接
+resource "alicloud_cen_instance" "cen" {
+  cen_instance_name = "${local.common_name}-cen"
+  description       = "CEN instance for cross-region connectivity with route synchronization"
+}
+
+# 杭州 Transit Router
+resource "alicloud_cen_transit_router" "hz-tr" {
+  provider            = alicloud.region_hangzhou
+  cen_id              = alicloud_cen_instance.cen.id
+  transit_router_name = "${local.common_name}-hz-tr"
+}
+
+# 北京 Transit Router
+resource "alicloud_cen_transit_router" "bj-tr" {
+  provider            = alicloud.region_beijing
+  cen_id              = alicloud_cen_instance.cen.id
+  transit_router_name = "${local.common_name}-bj-tr"
+}
+
+# 杭州 VPC 连接到杭州 Transit Router
+resource "alicloud_cen_transit_router_vpc_attachment" "hz_vpc_attachment" {
+  provider          = alicloud.region_hangzhou
+  cen_id            = alicloud_cen_instance.cen.id
+  transit_router_id = alicloud_cen_transit_router.hz-tr.transit_router_id
+  vpc_id            = alicloud_vpc.vpc_hz.id
+
+  # 多可用区映射
+  zone_mappings {
+    zone_id    = var.hz_zone_id1
+    vswitch_id = alicloud_vswitch.vsw1_hz.id
+  }
+  zone_mappings {
+    zone_id    = var.hz_zone_id2
+    vswitch_id = alicloud_vswitch.vsw2_hz.id
+  }
+  transit_router_vpc_attachment_name = "${local.common_name}-hz-vpc-attachment"
+  auto_publish_route_enabled         = true
+}
+
+# 北京 VPC 连接到北京 Transit Router
+resource "alicloud_cen_transit_router_vpc_attachment" "bj_vpc_attachment" {
+  provider          = alicloud.region_beijing
+  cen_id            = alicloud_cen_instance.cen.id
+  transit_router_id = alicloud_cen_transit_router.bj-tr.transit_router_id
+  vpc_id            = alicloud_vpc.vpc_bj.id
+
+  # 多可用区映射
+  zone_mappings {
+    zone_id    = var.bj_zone_id1
+    vswitch_id = alicloud_vswitch.vsw1_bj.id
+  }
+  zone_mappings {
+    zone_id    = var.bj_zone_id2
+    vswitch_id = alicloud_vswitch.vsw2_bj.id
+  }
+  transit_router_vpc_attachment_name = "${local.common_name}-bj-vpc-attachment"
+  auto_publish_route_enabled         = true
+}
+
+# 杭州 Transit Router 系统路由表查询
+data "alicloud_cen_transit_router_route_tables" "hz-tr-rt" {
+  provider                        = alicloud.region_hangzhou
+  transit_router_id               = alicloud_cen_transit_router.hz-tr.transit_router_id
+  transit_router_route_table_type = "System"
+}
+
+# 北京 Transit Router 系统路由表查询
+data "alicloud_cen_transit_router_route_tables" "bj-tr-rt" {
+  provider                        = alicloud.region_beijing
+  transit_router_id               = alicloud_cen_transit_router.bj-tr.transit_router_id
+  transit_router_route_table_type = "System"
+}
+
+# 提取系统路由表ID
+locals {
+  hz_system_route_table_id = data.alicloud_cen_transit_router_route_tables.hz-tr-rt.tables[0].transit_router_route_table_id
+  bj_system_route_table_id = data.alicloud_cen_transit_router_route_tables.bj-tr-rt.tables[0].transit_router_route_table_id
+}
+
+# 杭州到北京的跨地域连接
+resource "alicloud_cen_transit_router_peer_attachment" "cen-tr-peer-attachment" {
+  provider                            = alicloud.region_hangzhou
+  cen_id                              = alicloud_cen_instance.cen.id
+  transit_router_id                   = alicloud_cen_transit_router.hz-tr.transit_router_id
+  peer_transit_router_region_id       = "cn-beijing"
+  peer_transit_router_id              = alicloud_cen_transit_router.bj-tr.transit_router_id
+  bandwidth_type                      = "DataTransfer"
+  bandwidth                           = 5
+  transit_router_peer_attachment_name = "${local.common_name}-peer-attachment"
+  auto_publish_route_enabled          = true
+}
+
+# 杭州 VPC 连接关联到杭州系统路由表
+resource "alicloud_cen_transit_router_route_table_association" "hz_vpc_attachment" {
+  provider                      = alicloud.region_hangzhou
+  transit_router_route_table_id = local.hz_system_route_table_id
+  transit_router_attachment_id  = alicloud_cen_transit_router_vpc_attachment.hz_vpc_attachment.transit_router_attachment_id
+}
+
+# 北京 VPC 连接关联到北京系统路由表
+resource "alicloud_cen_transit_router_route_table_association" "bj_vpc_attachment" {
+  provider                      = alicloud.region_beijing
+  transit_router_route_table_id = local.bj_system_route_table_id
+  transit_router_attachment_id  = alicloud_cen_transit_router_vpc_attachment.bj_vpc_attachment.transit_router_attachment_id
+}
+
+# 跨地域连接关联到北京系统路由表
+resource "alicloud_cen_transit_router_route_table_association" "bj_peer_attachment" {
+  provider                      = alicloud.region_beijing
+  transit_router_route_table_id = local.bj_system_route_table_id
+  transit_router_attachment_id  = alicloud_cen_transit_router_peer_attachment.cen-tr-peer-attachment.transit_router_attachment_id
+}
+
+# 跨地域连接关联到杭州系统路由表
+resource "alicloud_cen_transit_router_route_table_association" "hz_peer_attachment" {
+  provider                      = alicloud.region_hangzhou
+  transit_router_route_table_id = local.hz_system_route_table_id
+  transit_router_attachment_id  = alicloud_cen_transit_router_peer_attachment.cen-tr-peer-attachment.transit_router_attachment_id
+}
+
+# 杭州 VPC 路由传播到杭州系统路由表
+resource "alicloud_cen_transit_router_route_table_propagation" "hz_vpc_propagation" {
+  provider                      = alicloud.region_hangzhou
+  transit_router_route_table_id = local.hz_system_route_table_id
+  transit_router_attachment_id  = alicloud_cen_transit_router_vpc_attachment.hz_vpc_attachment.transit_router_attachment_id
+}
+
+# 北京 VPC 路由传播到北京系统路由表
+resource "alicloud_cen_transit_router_route_table_propagation" "bj_vpc_propagation" {
+  provider                      = alicloud.region_beijing
+  transit_router_route_table_id = local.bj_system_route_table_id
+  transit_router_attachment_id  = alicloud_cen_transit_router_vpc_attachment.bj_vpc_attachment.transit_router_attachment_id
+}
+
+# 跨地域连接路由传播到北京系统路由表
+resource "alicloud_cen_transit_router_route_table_propagation" "bj_peer_propagation" {
+  provider                      = alicloud.region_beijing
+  transit_router_route_table_id = local.bj_system_route_table_id
+  transit_router_attachment_id  = alicloud_cen_transit_router_peer_attachment.cen-tr-peer-attachment.transit_router_attachment_id
+}
+
+# 跨地域连接路由传播到杭州系统路由表
+resource "alicloud_cen_transit_router_route_table_propagation" "hz_peer_propagation" {
+  provider                      = alicloud.region_hangzhou
+  transit_router_route_table_id = local.hz_system_route_table_id
+  transit_router_attachment_id  = alicloud_cen_transit_router_peer_attachment.cen-tr-peer-attachment.transit_router_attachment_id
+}
+
+# Privatelink
+resource "alicloud_privatelink_vpc_endpoint" "dashscope_endpoint" {
+  provider           = alicloud.region_beijing
+  service_name       = "com.aliyuncs.dashscope"
+  vpc_endpoint_name  = "${local.common_name}-dashscope-endpoint"
+  security_group_ids = [alicloud_security_group.sg_bj.id]
+  vpc_id             = alicloud_vpc.vpc_bj.id
+}
+
+# 终端节点可用区1配置
+resource "alicloud_privatelink_vpc_endpoint_zone" "zone1" {
+  provider    = alicloud.region_beijing
+  endpoint_id = alicloud_privatelink_vpc_endpoint.dashscope_endpoint.id
+  vswitch_id  = alicloud_vswitch.vsw1_bj.id
+  zone_id     = var.bj_zone_id1
+}
+
+# 终端节点可用区2配置
+resource "alicloud_privatelink_vpc_endpoint_zone" "zone2" {
+  provider    = alicloud.region_beijing
+  endpoint_id = alicloud_privatelink_vpc_endpoint.dashscope_endpoint.id
+  vswitch_id  = alicloud_vswitch.vsw2_bj.id
+  zone_id     = var.bj_zone_id2
+}
+
+# 私有 DNS 配置
+resource "alicloud_pvtz_zone" "dashscope_pvtz_zone" {
+  provider  = alicloud.region_hangzhou
+  zone_name = "vpc-cn-beijing.dashscope.aliyuncs.com"
+}
+
+# DNS CNAME 记录指向北京 PrivateLink 终端节点
+resource "alicloud_pvtz_zone_record" "dashscope_cname_record" {
+  provider = alicloud.region_hangzhou
+  zone_id  = alicloud_pvtz_zone.dashscope_pvtz_zone.id
+  value    = alicloud_privatelink_vpc_endpoint.dashscope_endpoint.endpoint_domain
+  rr       = "@"
+  type     = "CNAME"
+  ttl      = 60
+  status   = "ENABLE"
+}
+
+# 将杭州 VPC 绑定到私有 DNS 区域
+resource "alicloud_pvtz_zone_attachment" "hz_vpc_attachment" {
+  provider = alicloud.region_hangzhou
+  zone_id  = alicloud_pvtz_zone.dashscope_pvtz_zone.id
+  vpcs {
+    vpc_id    = alicloud_vpc.vpc_hz.id
+    region_id = "cn-hangzhou"
+  }
+}
\ No newline at end of file
diff --git a/solution/tech-solution/access-model-studio-by-privatelink/outputs.tf b/solution/tech-solution/access-model-studio-by-privatelink/outputs.tf
new file mode 100644
index 000000000..6b688613c
--- /dev/null
+++ b/solution/tech-solution/access-model-studio-by-privatelink/outputs.tf
@@ -0,0 +1,12 @@
+# ------------------------------------------------------------------------------
+# 模块输出值 (Module Outputs)
+#
+# 本文件定义了模块执行成功后返回给调用方的值。
+# 这些输出可以被其他 Terraform 配置引用，或在 apply 命令结束后显示给用户。
+# ------------------------------------------------------------------------------
+
+# ECS登录地址
+output "ecs_login_address" {
+  description = "ECS登录地址"
+  value       = format("https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs&regionId=%s&instanceId=%s", "cn-hangzhou", alicloud_instance.ecs_hz.id)
+} 
\ No newline at end of file
diff --git a/solution/tech-solution/access-model-studio-by-privatelink/variables.tf b/solution/tech-solution/access-model-studio-by-privatelink/variables.tf
new file mode 100644
index 000000000..228966b83
--- /dev/null
+++ b/solution/tech-solution/access-model-studio-by-privatelink/variables.tf
@@ -0,0 +1,49 @@
+# ------------------------------------------------------------------------------
+# 模块输入变量 (Module Input Variables)
+#
+# 本文件定义了该 Terraform 模块所有可配置的输入变量。
+# 每个变量都包含了详细的 'description'，以说明其用途、格式和默认值逻辑。
+# 请参考这些描述来正确配置模块。
+# ------------------------------------------------------------------------------
+
+# 北京地域可用区1
+variable "bj_zone_id1" {
+  type        = string
+  description = "北京可用区1"
+  default     = "cn-beijing-l"
+}
+
+# 北京地域可用区2
+variable "bj_zone_id2" {
+  type        = string
+  description = "北京可用区2"
+  default     = "cn-beijing-k"
+}
+
+# ECS 实例规格
+variable "instance_type" {
+  type        = string
+  description = "ECS实例规格"
+  default     = "ecs.e-c1m2.large"
+}
+
+# ECS 实例登录密码
+variable "ecs_instance_password" {
+  type        = string
+  sensitive   = true
+  description = "服务器登录密码，长度8-30，必须包含三项（大写字母、小写字母、数字、特殊符号）"
+}
+
+# 杭州地域可用区1
+variable "hz_zone_id1" {
+  type        = string
+  description = "杭州可用区1"
+  default     = "cn-hangzhou-j"
+}
+
+# 杭州地域可用区2
+variable "hz_zone_id2" {
+  type        = string
+  description = "杭州可用区2"
+  default     = "cn-hangzhou-k"
+}
\ No newline at end of file
diff --git a/solution/tech-solution/nat-service/README.md b/solution/tech-solution/nat-service/README.md
new file mode 100644
index 000000000..119982001
--- /dev/null
+++ b/solution/tech-solution/nat-service/README.md
@@ -0,0 +1,55 @@
+## Introduction
+
+<!-- DOCS_DESCRIPTION_CN -->
+本示例用于实现解决方案[高效安全：企业统一公网出口](https://www.aliyun.com/solution/tech-solution/nat-service), 涉及到专有网络VPC、虚拟交换机vSwitch、公网 NAT 网关、云服务器ECS等资源的部署。
+<!-- DOCS_DESCRIPTION_CN -->
+
+<!-- DOCS_DESCRIPTION_EN -->
+This example is used to implement solution [Efficient and Secure: Unified Public Network Egress](https://www.aliyun.com/solution/tech-solution/nat-service), which involves the creation and deployment of resources such as Virtual Private Cloud (VPC), Virtual Switch (vSwitch), Internet NAT Gateway and Elastic Compute Service (ECS).
+<!-- DOCS_DESCRIPTION_EN -->
+
+
+<!-- BEGIN_TF_DOCS -->
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_alicloud"></a> [alicloud](#provider\_alicloud) | n/a |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [alicloud_eip.eip](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/eip) | resource |
+| [alicloud_eip_association.eip_association](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/eip_association) | resource |
+| [alicloud_instance.ecs_instance1](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/instance) | resource |
+| [alicloud_instance.ecs_instance2](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/instance) | resource |
+| [alicloud_nat_gateway.nat_gateway](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/nat_gateway) | resource |
+| [alicloud_security_group.security_group](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group) | resource |
+| [alicloud_security_group_rule.allow_http](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.allow_https](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.allow_workbench](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_snat_entry.snat](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/snat_entry) | resource |
+| [alicloud_snat_entry.snat2](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/snat_entry) | resource |
+| [alicloud_vpc.vpc](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc) | resource |
+| [alicloud_vswitch.vswitch1](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [alicloud_vswitch.vswitch2](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [alicloud_vswitch.vswitch3](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [random_id.suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_instance_password"></a> [instance\_password](#input\_instance\_password) | 服务器登录密码,长度8-30，必须包含三项（大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号）` | `string` | n/a | yes |
+| <a name="input_instance_type1"></a> [instance\_type1](#input\_instance\_type1) | ECS1 实例规格 | `string` | `"ecs.e-c1m2.large"` | no |
+| <a name="input_instance_type2"></a> [instance\_type2](#input\_instance\_type2) | ECS2 实例规格 | `string` | `"ecs.e-c1m2.large"` | no |
+| <a name="input_region"></a> [region](#input\_region) | 地域 | `string` | `"cn-hangzhou"` | no |
+| <a name="input_region_zone_id1"></a> [region\_zone\_id1](#input\_region\_zone\_id1) | 可用区1 | `string` | `"cn-hangzhou-j"` | no |
+| <a name="input_region_zone_id2"></a> [region\_zone\_id2](#input\_region\_zone\_id2) | 可用区2 | `string` | `"cn-hangzhou-k"` | no |
+<!-- END_TF_DOCS -->
\ No newline at end of file
diff --git a/solution/tech-solution/nat-service/main.tf b/solution/tech-solution/nat-service/main.tf
new file mode 100644
index 000000000..ec5d423ec
--- /dev/null
+++ b/solution/tech-solution/nat-service/main.tf
@@ -0,0 +1,149 @@
+# ------------------------------------------------------------------------------
+# 核心资源定义 (Main Resource Definitions)
+#
+# 本文件包含了模块的核心基础设施资源。
+# 这里的代码负责根据输入变量来创建和配置所有云资源。
+# ------------------------------------------------------------------------------
+
+# 配置阿里云提供商 (Provider)
+provider "alicloud" {
+  # 资源部署地域
+  region = "cn-hangzhou"
+}
+
+# 生成随机ID后缀
+resource "random_id" "suffix" {
+  byte_length = 8
+}
+
+# 定义本地变量
+locals {
+  common_name = random_id.suffix.id
+}
+
+# 创建VPC
+resource "alicloud_vpc" "vpc" {
+  cidr_block = "192.168.0.0/16"
+  vpc_name   = "${local.common_name}-vpc"
+}
+
+# 创建交换机
+resource "alicloud_vswitch" "vswitch1" {
+  vpc_id       = alicloud_vpc.vpc.id
+  cidr_block   = "192.168.1.0/24"
+  zone_id      = var.region_zone_id1
+  vswitch_name = "${local.common_name}-app1-vsw"
+}
+
+# 创建交换机
+resource "alicloud_vswitch" "vswitch2" {
+  vpc_id       = alicloud_vpc.vpc.id
+  cidr_block   = "192.168.2.0/24"
+  zone_id      = var.region_zone_id2
+  vswitch_name = "${local.common_name}-app2-vsw"
+}
+
+# 创建交换机（NAT网关）
+resource "alicloud_vswitch" "vswitch3" {
+  vpc_id       = alicloud_vpc.vpc.id
+  cidr_block   = "192.168.3.0/24"
+  zone_id      = var.region_zone_id1
+  vswitch_name = "${local.common_name}-pub-vsw"
+}
+
+# 创建安全组
+resource "alicloud_security_group" "security_group" {
+  vpc_id              = alicloud_vpc.vpc.id
+  security_group_name = "${local.common_name}-sg"
+}
+
+# 安全组规则：允许HTTPS
+resource "alicloud_security_group_rule" "allow_https" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  port_range        = "443/443"
+  cidr_ip           = "0.0.0.0/0"
+  security_group_id = alicloud_security_group.security_group.id
+}
+
+# 安全组规则：允许HTTP
+resource "alicloud_security_group_rule" "allow_http" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  port_range        = "80/80"
+  cidr_ip           = "0.0.0.0/0"
+  security_group_id = alicloud_security_group.security_group.id
+}
+
+# 安全组规则：允许SSH
+resource "alicloud_security_group_rule" "allow_workbench" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  port_range        = "22/22"
+  cidr_ip           = "100.104.0.0/16"
+  security_group_id = alicloud_security_group.security_group.id
+}
+
+# 创建ECS1
+resource "alicloud_instance" "ecs_instance1" {
+  instance_name              = "${local.common_name}-ecs-1"
+  image_id                   = "aliyun_3_9_x64_20G_alibase_20231219.vhd"
+  instance_type              = var.instance_type1
+  system_disk_category       = "cloud_essd"
+  vswitch_id                 = alicloud_vswitch.vswitch1.id
+  security_groups            = [alicloud_security_group.security_group.id]
+  internet_max_bandwidth_out = 0
+  password                   = var.ecs_instance_password
+}
+
+# 创建ECS2
+resource "alicloud_instance" "ecs_instance2" {
+  instance_name              = "${local.common_name}-ecs-2"
+  image_id                   = "aliyun_3_9_x64_20G_alibase_20231219.vhd"
+  instance_type              = var.instance_type2
+  system_disk_category       = "cloud_essd"
+  vswitch_id                 = alicloud_vswitch.vswitch2.id
+  security_groups            = [alicloud_security_group.security_group.id]
+  internet_max_bandwidth_out = 0
+  password                   = var.ecs_instance_password
+}
+
+# 创建NAT网关
+resource "alicloud_nat_gateway" "nat_gateway" {
+  vpc_id           = alicloud_vpc.vpc.id
+  vswitch_id       = alicloud_vswitch.vswitch3.id
+  nat_type         = "Enhanced"
+  nat_gateway_name = "${local.common_name}-ngw"
+}
+
+# 创建EIP
+resource "alicloud_eip" "eip" {
+  bandwidth            = 200
+  internet_charge_type = "PayByTraffic"
+  isp                  = "BGP"
+  deletion_protection  = false
+}
+
+# 绑定EIP到NAT网关
+resource "alicloud_eip_association" "eip_association" {
+  instance_id   = alicloud_nat_gateway.nat_gateway.id
+  allocation_id = alicloud_eip.eip.id
+}
+
+# 配置SNAT规则（vswitch1）
+resource "alicloud_snat_entry" "snat" {
+  snat_table_id     = alicloud_nat_gateway.nat_gateway.snat_table_ids
+  snat_ip           = alicloud_eip.eip.ip_address
+  source_vswitch_id = alicloud_vswitch.vswitch1.id
+  snat_entry_name   = "${local.common_name}-snat"
+  depends_on        = [alicloud_eip_association.eip_association]
+}
+
+# 配置SNAT规则（vswitch2）
+resource "alicloud_snat_entry" "snat2" {
+  snat_table_id     = alicloud_nat_gateway.nat_gateway.snat_table_ids
+  snat_ip           = alicloud_eip.eip.ip_address
+  source_vswitch_id = alicloud_vswitch.vswitch2.id
+  snat_entry_name   = "${local.common_name}-snat2"
+  depends_on        = [alicloud_eip_association.eip_association]
+}
\ No newline at end of file
diff --git a/solution/tech-solution/nat-service/outputs.tf b/solution/tech-solution/nat-service/outputs.tf
new file mode 100644
index 000000000..282353b9a
--- /dev/null
+++ b/solution/tech-solution/nat-service/outputs.tf
@@ -0,0 +1,18 @@
+# ------------------------------------------------------------------------------
+# 模块输出值 (Module Outputs)
+#
+# 本文件定义了模块执行成功后返回给调用方的值。
+# 这些输出可以被其他 Terraform 配置引用，或在 apply 命令结束后显示给用户。
+# ------------------------------------------------------------------------------
+
+# ECS1登录地址
+output "ecs_login_address1" {
+  description = "ECS1 登录地址"
+  value       = format("https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs&regionId=%s&instanceId=%s", var.region, alicloud_instance.ecs_instance1.id)
+}
+
+# ECS2登录地址
+output "ecs_login_address2" {
+  description = "ECS2 登录地址"
+  value       = format("https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs&regionId=%s&instanceId=%s", var.region, alicloud_instance.ecs_instance2.id)
+}
diff --git a/solution/tech-solution/nat-service/variables.tf b/solution/tech-solution/nat-service/variables.tf
new file mode 100644
index 000000000..f2e224f8c
--- /dev/null
+++ b/solution/tech-solution/nat-service/variables.tf
@@ -0,0 +1,49 @@
+# ------------------------------------------------------------------------------
+# 模块输入变量 (Module Input Variables)
+#
+# 本文件定义了该 Terraform 模块所有可配置的输入变量。
+# 每个变量都包含了详细的 'description'，以说明其用途、格式和默认值逻辑。
+# 请参考这些描述来正确配置模块。
+# ------------------------------------------------------------------------------
+
+# 部署地域
+variable "region" {
+  type        = string
+  description = "地域"
+  default     = "cn-hangzhou"
+}
+
+# 可用区1
+variable "region_zone_id1" {
+  type        = string
+  description = "可用区1"
+  default     = "cn-hangzhou-j"
+}
+
+# 可用区2
+variable "region_zone_id2" {
+  type        = string
+  description = "可用区2"
+  default     = "cn-hangzhou-k"
+}
+
+# ECS1实例规格
+variable "instance_type1" {
+  type        = string
+  description = "ECS1 实例规格"
+  default     = "ecs.e-c1m2.large"
+}
+
+# ECS2实例规格
+variable "instance_type2" {
+  type        = string
+  description = "ECS2 实例规格"
+  default     = "ecs.e-c1m2.large"
+}
+
+# ECS登录密码
+variable "ecs_instance_password" {
+  type        = string
+  sensitive   = true
+  description = "服务器登录密码,长度8-30，必须包含三项（大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号）"
+}
\ No newline at end of file