All Products
Search
Document Center

Resource Orchestration Service:Release notes

Last Updated:Dec 25, 2023

This topic describes the release notes for Resource Orchestration Service (ROS) and provides links to the relevant references.

April 2023

Category

Description

References

Resource type of PolarDB-X

ALIYUN::PolarDBX::Database: creates a database.

ALIYUN::PolarDBX::Database

DataSource resource types of Alibaba Cloud services

The following DataSource resource types are supported for CloudMonitor, Alibaba Cloud CDN (CDN), and Data Transmission Service (DTS):

  • DATASOURCE::CMS::AlarmContacts

  • DATASOURCE::CDN::Domains

  • DATASOURCE::DTS::MigrationInstances

  • DATASOURCE::CMS::SlsGroups

Resource types that support drift detection and resource import

  • ALIYUN::ECS::ForwardEntry: configures a Destination Network Address Translation (DNAT) table for a NAT gateway.

  • ALIYUN::ECS::AssignPrivateIpAddresses: assigns secondary private IP addresses to an elastic network interface (ENI).

Time range in ListStacks

The StartTime and EndTime parameters are supported in the ListStacks operation. You can use the parameters to specify the start time and the end time of a time range.

ListStacks

Parameter query results filtered in Terraform templates by using rules

The query results of parameters in Terraform templates can be filtered by using rules.

ROS features and resources supported by Terraform

March 2023

Category

Description

References

Resource type of ApsaraDB for Redis

ALIYUN::REDIS::Connection: applies for a public endpoint for an instance.

ALIYUN::REDIS::Connection

Resource type of ApsaraDB RDS

ALIYUN::RDS::Connection: applies for a public endpoint.

ALIYUN::RDS::Connection

Resource types of GDB

  • ALIYUN::GraphDatabase::Account: creates an account.

  • ALIYUN::GraphDatabase::DbInstance: creates a Graph Database (GDB) instance.

Resource type of PolarDB-X

ALIYUN::PolarDBX::Account: creates an account.

ALIYUN::PolarDBX::Account

Resource type of Container Registry

ALIYUN::CR::Instance: creates a Container Registry instance.

ALIYUN::CR::Instance

Resource types that support resource cleanup

The resource cleanup feature is supported for the following resource types of Resource Access Management (RAM), Container Registry, Microservices Engine (MSE), PrivateLink, Direct Mail, Key Management Service (KMS), Message Service (MNS), and CloudOps Orchestration Service (OOS):

  • ALIYUN::RAM::User

  • ALIYUN::RAM::Group

  • ALIYUN::RAM::Role

  • ALIYUN::RAM::ManagedPolicy

  • ALIYUN::RAM::SAMLProvider

  • ALIYUN::CR::Instance

  • ALIYUN::MSE::Cluste

  • ALIYUN::MSE::Gateway

  • ALIYUN::PrivateLink::VpcEndpointService

  • ALIYUN::DirectMail::Doman

  • ALIYUN::DirectMail::Ipfilter

  • ALIYUN::KMS::Key

  • ALIYUN::KMS::Secret

  • ALIYUN::MNS::Queue

  • ALIYUN::MNS::Topic

  • ALIYUN::OOS::Parameter

  • ALIYUN::OOS::SecretParameter

  • ALIYUN::OOS::PatchBaseline

Properties in ALIYUN::Lindorm::Instance

The StreamSpec and StreamNum properties are supported in the ALIYUN::Lindorm::Instance resource type.

ALIYUN::Lindorm::Instance

Resource type that supports updates for the Tags property

Updates for the Tags property are supported for the following resource type of Elastic Compute Service (ECS):

  • ALIYUN::ECS::InstanceGroup

ALIYUN::ECS::InstanceGroup

DataSource resource types of Alibaba Cloud services

The following DataSource resource types are supported for ECS, Elastic IP Address (EIP), and Virtual Private Cloud (VPC), and Serverless Workflow (SWF):

  • DATASOURCE::EIP::Addresses

  • DATASOURCE::ECS::Commands

  • DATASOURCE::VPC::FlowLogs

  • DATASOURCE::FNF::Flows

  • DATASOURCE::FNF::Schedules

  • DATASOURCE::ALB::LoadBalancers

  • DATASOURCE::NLB::LoadBalancers

Price inquiry and system tags for GDB

Price inquiry and system tags are supported for the ALIYUN::GraphDatabase::DbInstance resource type.

ALIYUN::GraphDatabase::DbInstance

DeleteOptions in DeleteStack

The DeleteOptions parameter is supported in the DeleteStack operation. You can use DeleteOptions to specify that an error is thrown if subscription resources exist when a stack is deleted.

DeleteStack

Drift detection and resource import information queried by using GetFeatureDetails

The information about the drift detection and resource import features can be queried by using the GetFeatureDetails operation.

GetFeatureDetails

Resource types that support drift detection

The drift detection feature is supported for the following resource types:

  • ALIYUN::SLB::DomainExtension

  • ALIYUN::SLB::AccessControl

  • ALIYUN::SLB::BackendServerToVServerGroupAddition

  • ALIYUN::SLB::Certificate

  • ALIYUN::SLB::DomainExtension

  • ALIYUN::SLB::LoadBalancerClone

  • ALIYUN::SLB::Rule

Parameter query for Terraform resources

The parameter query feature is supported for Terraform resources.

ROS features and resources supported by Terraform

Official modules of the alicloud provider in Terraform

The official modules provided by the alicloud provider are supported in Terraform.

ROS features and resources supported by Terraform

February 2023

Category

Description

References

Parameter query for ApsaraDB for ClickHouse

Zones can be queried when you use the following resource type of ApsaraDB for ClickHouse:

  • ALIYUN::ClickHouse::DBCluster

ALIYUN::ClickHouse::DBCluster

Properties returned for PolarDB

The following properties can be returned for the ALIYUN::POLARDB::DBCluster resource type: PrimaryConnectionStrings and PrimaryEndpointIds.

ALIYUN::POLARDB::DBCluster

DataSource resource types of Alibaba Cloud services

The following DataSource resource types are supported for ECS, VPC, API Gateway, ApsaraMQ for RocketMQ, PolarDB, OOS, Elastic Block Storage (EBS), Direct Mail, and Global Accelerator (GA):

  • DATASOURCE::ECS::ManagedInstances

  • DATASOURCE::VPC::CustomerGateways

  • DATASOURCE::VPC::NatIpCidrs

  • DATASOURCE::ROCKETMQ::Groups

  • DATASOURCE::ROCKETMQ::Instances

  • DATASOURCE::ROCKETMQ::Topics

  • DATASOURCE::POLARDB::ParameterGroup

  • DATASOURCE::POLARDB::GlobalDatabaseNetwork

  • DATASOURCE::OOS::PatchBaseline

  • DATASOURCE::OOS::SecretParameter

  • DATASOURCE::EBS::DiskReplicaGroups

  • DATASOURCE::EBS::DiskReplicaPairs

  • DATASOURCE::DirectMail::Domains

  • DATASOURCE::DirectMail::Ipfilters

  • DATASOURCE::VPC::PrefixLists

  • DATASOURCE::VPC::TrafficMirrorFilters

  • DATASOURCE::VPC::Ipv4Gateways

  • DATASOURCE::GA::Acls

PhysicalResourceId in PreviewStack

The PhysicalResourceId response parameter is supported in the PreviewStack operation.

PreviewStack

Resource types of PolarDB

  • ALIYUN::POLARDB::ParameterGroup: creates a parameter template of PolarDB.

  • ALIYUN::POLARDB::GlobalDatabaseNetwork: creates a global database network (GDN).

Resource types of OOS

  • ALIYUN::OOS::PatchBaseline: creates a patch baseline.

  • ALIYUN::OOS::SecretParameter: creates an encryption parameter.

Resource types of EBS

  • ALIYUN::EBS::DiskReplicaGroup: creates a replication pair-consistent group.

  • ALIYUN::EBS::DiskReplicaPair: creates a replication pair to asynchronously replicate data between cloud disks.

Resource types of Direct Mail

  • ALIYUN::DirectMail::Domain: creates a domain name in Direct Mail.

  • ALIYUN::DirectMail::Ipfilter: adds an IP filter.

Resource types of VPC

  • ALIYUN::VPC::PrefixList: creates a prefix list.

  • ALIYUN::VPC::TrafficMirrorFilter: creates a filter for traffic mirroring.

  • ALIYUN::VPC::Ipv4Gateway: creates an IPv4 gateway.

Resource replication, import, or migration for resource types of SLB

The resource replication, import, or migration feature is supported for the following resource types of Server Load Balancer (SLB):

  • ALIYUN::SLB::AccessControl

  • ALIYUN::SLB::DomainExtension

  • ALIYUN::SLB::Rule

  • ALIYUN::SLB::Certificate

January 2023

Category

Description

References

Parameter query for NAS

Zones can be queried when you use the following resource type of Apsara File Storage NAS (NAS):

  • ALIYUN::NAS::FileSystem

ALIYUN::NAS::FileSystem

Parameters of Auto Scaling

  • The AttachOptions and DetachOptions parameters are supported in the ALIYUN::ESS::ScalingGroupEnable resource type.

  • The cloud_auto parameter is supported for the SystemDiskCategory property in the ALIYUN::ESS::ScalingConfiguration resource type.

Value of RecreatingOptions in ContinueCreateStack

The RecreatingOptions parameter can be set to AutoRecreatingResources when you call the ContinueCreateStack operation.

ContinueCreateStack

December 2022

Category

Description

References

Resource types of ApsaraMQ for RocketMQ 5.0

  • ALIYUN::ROCKETMQ5::Instance: creates an instance in ApsaraMQ for RocketMQ 5.0.

  • ALIYUN::ROCKETMQ5::Topic: creates a topic in ApsaraMQ for RocketMQ 5.0.

  • ALIYUN::ROCKETMQ5::ConsumerGroup: creates a consumer group in ApsaraMQ for RocketMQ 5.0.

Resource types of MSE

  • ALIYUN::MSE::NacosService: creates a Nacos service.

  • ALIYUN::MSE::NacosConfig: creates a Nacos configuration.

Resource types of Lindorm

  • ALIYUN::Lindorm::MultiZoneInstance: creates a multi-zone Lindorm instance.

  • ALIYUN::Lindorm::Instance: creates a Lindorm instance.

Resource cleanup for Apsara File Storage for HDFS

The resource cleanup feature is supported for the following resource types of Apsara File Storage for HDFS:

  • ALIYUN::DFS:FileSystem

  • ALIYUN::DFS:AccessGroup

Resource cleanup for NLB

The resource cleanup feature is supported for the following resource types of Network Load Balancer (NLB):

  • ALIYUN::NLB:LoadBalancer

  • ALIYUN::NLB:ServerGroup

Resource cleanup for CloudMonitor

The resource cleanup feature is supported for the following resource types of CloudMonitor:

  • ALIYUN::CMS::MetricRuleTemplate

  • ALIYUN::CMS::SiteMonitor

Resource cleanup for ARMS

The resource cleanup feature is supported for the following resource types Application Real-Time Monitoring Service (ARMS):

  • ALIYUN::ARMS:AlertContact

  • ALIYUN::ARMS:AlertContactGroup

  • ALIYUN::ARMS:RetcodeApp

November 2022

Category

Description

References

Resource type of BH

ALIYUN::BastionHost::Host: creates a host for O&M in a bastion host of Bastionhost (BH).

ALIYUN::BastionHost::Host

Resource types of ACK

  • ALIYUN::CS::ClusterHelmApplication: deploys applications by using Helm in Container Service for Kubernetes (ACK).

  • ALIYUN::CS::ClusterAddons: installs components in a cluster.

Resource type of E-HPC

ALIYUN::EHPC::AutoScaleConfig: configures the auto scaling settings of an Elastic High Performance Computing (E-HPC) cluster.

ALIYUN::EHPC::AutoScaleConfig

Resource cleanup for API Gateway

The resource cleanup feature is supported for the following resource types of API Gateway:

  • ALIYUN::ApiGateway::LogConfig

  • ALIYUN::ApiGateway::Plugin

  • ALIYUN::ApiGateway::Signature

  • ALIYUN::ApiGateway::TrafficControl

DataSource resource type of ACK

DATASOURCE::CS::ClusterApplicationResources: queries the information about specified types of resources in an ACK cluster.

DATASOURCE::CS::ClusterApplicationResources

AcsResourceType in PreviewStack

The AcsResourceType response parameter is supported in the PreviewStack operation.

PreviewStack

Features of Terraform

The following features are supported in Terraform: user tags, system tags, resource groups, price inquiry, and risk detection. Custom providers can be specified in Terraform.

ROS features and resources supported by Terraform

October 2022

Category

Description

References

Resource type of PolarDB-X

ALIYUN::PolarDBX::DBInstance: creates a PolarDB-X instance.

ALIYUN::PolarDBX::DBInstance

Resource type of EMR

ALIYUN::EMR::Cluster2: creates an E-MapReduce (EMR) cluster.

ALIYUN::EMR::Cluster2

Resource type of DLF

ALIYUN::DLF::Catalog: creates a catalog in Data Lake Formation (DLF).

ALIYUN::DLF::Catalog

Features of GetServiceProvisions

The GetServiceProvisions operation can be called to check the activation status and the RAM roles of an Alibaba Cloud service, and return the API information about the RAM roles.

GetServiceProvisions

Terraform v1.2

Terraform v1.2 is supported.

ROS features and resources supported by Terraform

September 2022

Category

Description

References

Resource types of VPC

  • ALIYUN::VPC::NatGateway: creates a NAT gateway in VPC.

  • ALIYUN::VPC::VpcPeerConnection: creates a VPC peering connection.

  • ALIYUN::VPC::NatIp: creates a NAT IP address.

Resource type of KMS

ALIYUN::KMS::Key: creates a customer master key (CMK) in KMS.

ALIYUN::KMS::Key

Resource types of Alibaba Cloud DNS PrivateZone

  • ALIYUN::PVTZ::Zone: creates a private zone.

  • ALIYUN::PVTZ::ZoneRecord: adds a Domain Name Service (DNS) record to a private zone.

  • ALIYUN::PVTZ::ZoneVpcBinder: binds a private zone to a VPC or unbinds a private zone from a VPC.

Resource types of PrivateLink

  • ALIYUN::PrivateLink::VpcEndpoint: creates an endpoint.

  • ALIYUN::PrivateLink::VpcEndpointService: creates an endpoint service.

Resource types of ApsaraMQ for RabbitMQ

  • ALIYUN::AMQP::Binding: binds a queue or an exchange to an exchange.

  • ALIYUN::AMQP::Exchange: creates an exchange.

  • ALIYUN::AMQP::Instance: creates an ApsaraMQ for RabbitMQ instance.

  • ALIYUN::AMQP::Queue: creates a queue.

  • ALIYUN::AMQP::VirtualHost: creates a vhost.

Resource types of Apsara File Storage for HDFS

  • ALIYUN::DFS::AccessGroup: creates a permission group.

  • ALIYUN::DFS::AccessRule: creates a rule for a permission group.

  • ALIYUN::DFS::FileSystem: creates a file system.

  • ALIYUN::DFS::MountPoint: creates a mount target.

Resource cleanup for API Gateway

The resource cleanup feature is supported for the following resource types of API Gateway:

  • ALIYUN::ApiGateway::App

  • ALIYUN::ApiGateway::Group

Resource cleanup for SWF

The resource cleanup feature is supported for the following resource type of Serverless Workflow (SWF):

ALIYUN::FNF::Flow

ALIYUN::FNF::Flow

Resource cleanup for DNS

The resource cleanup feature is supported for the following resource type of Alibaba Cloud DNS (DNS):

ALIYUN::DNS::DomainGroup

ALIYUN::DNS::DomainGroup

Resource cleanup for AnalyticDB for PostgreSQL

The resource cleanup feature is supported for the following resource type of AnalyticDB for PostgreSQL:

ALIYUN::GPDB::DBInstance

ALIYUN::GPDB::DBInstance

Resource cleanup for Application Configuration Management

The resource cleanup feature is supported for the following resource type of Application Configuration Management:

ALIYUN::ACM::Namespace

ALIYUN::ACM::Namespace

Resource cleanup for ActionTrail

The resource cleanup feature is supported for the following resource type of ActionTrail:

ALIYUN::ACTIONTRAIL::Trail

ALIYUN::ACTIONTRAIL::Trail

Resource cleanup for ASM

The resource cleanup feature is supported for the following resource type of Service Mesh (ASM):

ALIYUN::ASM::ServiceMesh

ALIYUN::ASM::ServiceMesh

Resource cleanup for ENS

The resource cleanup feature is supported for the following resource type of Edge Node Service (ENS):

ALIYUN::ENS::Instance

ALIYUN::ENS::Instance

Resource cleanup for ApsaraMQ for Kafka

The resource cleanup feature is supported for the following resource type of ApsaraMQ for Kafka:

ALIYUN::KAFKA::Instance

ALIYUN::KAFKA::Instance

Resource cleanup for TSDB

The resource cleanup feature is supported for the following resource type of Time Series Database (TSDB):

ALIYUN::TSDB::HiTSDBInstance

ALIYUN::TSDB::HiTSDBInstance

Resource cleanup for ApsaraDB MyBase

The resource cleanup feature is supported for the following resource type of ApsaraDB MyBase:

ALIYUN::CDDC::DedicatedHostGroup

ALIYUN::CDDC::DedicatedHostGroup

Resource cleanup for ApsaraDB for ClickHouse

The resource cleanup feature is supported for the following resource type of ApsaraDB for ClickHouse:

ALIYUN::ClickHouse::DBCluster

ALIYUN::ClickHouse::DBCluster

Resource cleanup for ECP

The resource cleanup feature is supported for the following resource type of Elastic Cloud Phone (ECP):

ALIYUN::CloudPhone::InstanceGroup

ALIYUN::CloudPhone::InstanceGroup

Resources in ValidateTemplate

The Resources response parameter is supported in the ValidateTemplate operation.

ValidateTemplate

Information about StatusReason displayed in GetStack and ListStacks by using OperationInfo

The OperationInfo response parameter is supported in the GetStack and ListStacks operations. You can use this parameter to view the structured information about StatusReason.

Fn::Contains, Fn::EachMemberIn, and Fn::MatchPattern

The following functions are supported: Fn::Contains, Fn::EachMemberIn, and Fn::MatchPattern.

Functions

Resource import in Terraform

The resource import feature is supported in Terraform.

ROS features and resources supported by Terraform

August 2022

Category

Description

References

Resource types of ALB

  • ALIYUN::ALB::HealthCheckTemplate: creates a health check template in Application Load Balancer (ALB).

  • ALIYUN::ALB::SecurityPolicy: creates a custom security policy.

  • ALIYUN::ALB::Acl: creates an access control list (ACL).

  • ALIYUN::ALB::AclAssociation: associates ACLs with a listener.

Resource type of EBS

ALIYUN::EBS::DiskReplicaPairAddition: adds a replication pair to a replication pair-consistent group.

ALIYUN::EBS::DiskReplicaPairAddition

Resource cleanup for SAE

The resource cleanup feature is supported for the following resource types of Serverless App Engine (SAE):

  • ALIYUN::SAE::Application

  • ALIYUN::SAE::Namespace

Resource cleanup for API Gateway

The resource cleanup feature is supported for the following resource type of API Gateway:

ALIYUN::ApiGateway::Instance

ALIYUN::ApiGateway::Instance

Resource cleanup for ApsaraDB for MongoDB

The resource cleanup feature is supported for the following resource type of ApsaraDB for MongoDB:

ALIYUN::MONGODB::Instance

ALIYUN::MONGODB::Instance

Resource cleanup for OCS

The resource cleanup feature is supported for the following resource type of ApsaraDB for Memcache (OCS):

ALIYUN::Memcache::Instance

ALIYUN::Memcache::Instance

Resource cleanup for ApsaraDB for Redis

The resource cleanup feature is supported for the following resource type of ApsaraDB for Redis:

ALIYUN::REDIS::Instance

ALIYUN::REDIS::Instance

Resource cleanup for Certificate Management Service

The resource cleanup feature is supported for the following resource type of Certificate Management Service:

ALIYUN::CAS::Certificate

ALIYUN::CAS::Certificate

Resource cleanup for Alibaba Cloud DNS PrivateZone

The resource cleanup feature is supported for the following resource type of Alibaba Cloud DNS PrivateZone:

ALIYUN::PVTZ::Zone

ALIYUN::PVTZ::Zone

Resource cleanup for ACK

The resource cleanup feature is supported for the following resource type of ACK:

ALIYUN::CS::AnyCluster

ALIYUN::CS::AnyCluster

Resource cleanup for OSS

The resource cleanup feature is supported for the following resource type of Object Storage Service (OSS):

ALIYUN::OSS::Bucket

ALIYUN::OSS::Bucket

Resource cleanup for HBR

The resource cleanup feature is supported for the following resource type of Hybrid Backup Recovery (HBR):

ALIYUN::HBR::DbVault

ALIYUN::HBR::DbVault

Resource cleanup for EMR

The resource cleanup feature is supported for the following resource type of EMR:

ALIYUN::EMR::Cluster

ALIYUN::EMR::Cluster

Pseudo parameters in Terraform

The following pseudo parameters are supported in Terraform:

  • ALIYUN__ResourceGroupId

  • ALIYUN__Tags

ROS features and resources supported by Terraform

Risk detection

The risk detection feature is supported in Terraform.

ROS features and resources supported by Terraform

July 2022

Category

Description

References

Resource type of Log Service

ALIYUN::SLS::Dashboard: creates a dashboard.

ALIYUN::SLS::Dashboard

Resource type of CloudMonitor

ALIYUN::CMS::ResourceMetricRule: creates an alert rule for a specified metric of a resource.

ALIYUN::CMS::ResourceMetricRule

Resource type of WUYING Workspace

ALIYUN::ECD::Desktops: creates cloud computers in WUYING Workspace.

ALIYUN::ECD::Desktops

Resource types of NLB

  • ALIYUN::NLB::LoadBalancer: creates an NLB instance.

  • ALIYUN::NLB::Listener: creates a listener.

Resource types of Realtime Compute for Apache Flink

  • ALIYUN::Flink::Instance: creates a subscription or pay-as-you-go Realtime Compute for Apache Flink instance.

  • ALIYUN::Flink::Namespace: creates a project.

Resource type of CEN

ALIYUN::CEN::ChildInstanceRouteEntryToAttachment: adds a route entry to a network instance to which an Enterprise Edition transit router in Cloud Enterprise Network (CEN) is connected.

ALIYUN::CEN::ChildInstanceRouteEntryToAttachment

Resource type of ApsaraDB RDS

ALIYUN::RDS::MigrateTask: creates a migration task to restore backup files from an OSS bucket to an ApsaraDB RDS for SQL Server instance.

ALIYUN::RDS::MigrateTask

DataSource resource types of VPC

The following DataSource resource types are supported for VPC:

  • DATASOURCE::VPC::CommonBandwidthPackages

  • DATASOURCE::VPC::HaVips

Resource cleanup for PolarDB

The resource cleanup feature is supported for the following resource type of PolarDB: ALIYUN::POLARDB::DBCluster.

ALIYUN::POLARDB::DBCluster

Resource cleanup for Elastic Container Instance

The resource cleanup feature is supported for the following resource type of Elastic Container Instance: ALIYUN::ECI::ImageCache.

ALIYUN::ECI::ImageCache

Resource cleanup for OOS

The resource cleanup feature is supported for the following resource types of OOS:

  • ALIYUN::OOS::Template

  • ALIYUN::OOS::Execution

Resource cleanup for EDAS

The resource cleanup feature is supported for the following resource types of Enterprise Distributed Application Service (EDAS):

  • ALIYUN::EDAS::Application

  • ALIYUN::EDAS::Cluster

Resource cleanup for ALB

The resource cleanup feature is supported for the following resource type of ALB: ALIYUN::ALB::ServerGroup.

ALIYUN::ALB::ServerGroup

Resource cleanup for SAG

The resource cleanup feature is supported for the following resource types of Smart Access Gateway (SAG):

  • ALIYUN::SAG::ACL

  • ALIYUN::SAG::Qos

Resource cleanup for Elasticsearch

The resource cleanup feature is supported for the following resource type of Elasticsearch: ALIYUN::ElasticSearch::Instance.

ALIYUN::ElasticSearch::Instance

Resource cleanup for PolarDB-X 1.0

The resource cleanup feature is supported for the following resource type of PolarDB-X 1.0: ALIYUN::DRDS::DrdsInstance.

ALIYUN::DRDS::DrdsInstance

StackId in PreviewStack

The StackId parameter is supported in the PreviewStack operation. You can use this parameter to preview a stack that you want to update.

PreviewStack

Resource import in Terraform

The resource import feature is supported in Terraform.

ROS features and resources supported by Terraform

Drift detection for Terraform stack groups

The drift detection feature is supported for stack groups that are created based on Terraform templates.

ROS features and resources supported by Terraform

June 2022

Category

Description

References

Resource types of SAG

  • ALIYUN::SAG::App: creates an SAG app.

  • ALIYUN::SAG::AppUser: creates a client account for an SAG app.

Resource type of ECP

ALIYUN::CloudPhone::InstanceGroup: creates and starts ECP instances.

ALIYUN::CloudPhone::InstanceGroup

DataSource resource types of Alibaba Cloud services

The following DataSource resource types are supported for ApsaraDB RDS, ApsaraDB for Redis, API Gateway, and DNS:

  • DATASOURCE::RDS::Accounts

  • DATASOURCE::RDS::Databases

  • DATASOURCE::RDS::DBInstances

  • DATASOURCE::RDS::Zones

  • DATASOURCE::REDIS::Accounts

  • DATASOURCE::REDIS::Instances

  • DATASOURCE::ApiGateway::Apis

  • DATASOURCE::ApiGateway::Apps

  • DATASOURCE::DNS::DomainGroups

  • DATASOURCE::DNS::Domains

Resource cleanup for VPC

The resource cleanup feature is supported for the following resource types of VPC:

  • ALIYUN::VPC::NetworkAcl

  • ALIYUN::VPC::FlowLog

Resource cleanup for SLB

The resource cleanup feature is supported for the following resource types of SLB:

  • ALIYUN::SLB::LoadBalancer

  • ALIYUN::SLB::Certificate

  • ALIYUN::SLB::Listener

Resource cleanup for Auto Scaling

The resource cleanup feature is supported for the following resource type of Auto Scaling: ALIYUN::ESS::ScalingGroup.

ALIYUN::ESS::ScalingGroup

Resource cleanup for Elastic Container Instance

The resource cleanup feature is supported for the following resource type of Elastic Container Instance: ALIYUN::ECI::ContainerGroup.

ALIYUN::ECI::ContainerGroup

Resource cleanup for Function Compute

The resource cleanup feature is supported for the following resource type of Function Compute: ALIYUN::FC::Service.

ALIYUN::FC::Service

Resource cleanup for Log Service

The resource cleanup feature is supported for the following resource type of Log Service: ALIYUN::SLS::Project.

ALIYUN::SLS::Project

Resource cleanup for ALB

The resource cleanup feature is supported for the following resource type of ALB: ALIYUN::ALB::LoadBalancer.

ALIYUN::ALB::LoadBalancer

Resource cleanup for DNS

The resource cleanup feature is supported for the following resource type of DNS: ALIYUN::DNS::Domain.

ALIYUN::DNS::Domain

Resource cleanup for CDN

The resource cleanup feature is supported for the following resource type of CDN: ALIYUN::CDN::Domain.

ALIYUN::CDN::Domain

Resource cleanup for WAF

The resource cleanup feature is supported for the following resource type of Web Application Firewall (WAF): ALIYUN::WAF::Domain.

ALIYUN::WAF::Domain

Resource cleanup for AnalyticDB for MySQL

The resource cleanup feature is supported for the following resource type of AnalyticDB for MySQL: ALIYUN::ADB::DBCluster.

ALIYUN::ADB::DBCluster

Resource cleanup for NAS

The resource cleanup feature is supported for the following resource types of NAS:

  • ALIYUN::NAS::AccessGroup

  • ALIYUN::NAS::FileSystem

Resource cleanup for ApsaraMQ for RabbitMQ

The resource cleanup feature is supported for the following resource type: ALIYUN::ROCKETMQ::Instance.

ALIYUN::ROCKETMQ::Instance

DTS in GetServiceProvision

DTS is supported in the GetServiceProvisions operation.

GetServiceProvisions

ResourceTypes in ValidateTemplate

The ResourceTypes response parameter is supported in the ValidateTemplate operation.

ValidateTemplate

ResourceAttributes in GetStackResource

The ResourceAttributes parameter is supported in the GetStackResource operation.

GetStackResource

LogOption in GetStack

The LogOption parameter is supported in the GetStack operation.

GetStack

May 2022

Category

Description

References

DataSource resource types of Alibaba Cloud services

The following DataSource resource types are supported for Tablestore, ENS, Application Configuration Management, EDAS, MSE, E-HPC, and Container Registry:

  • DATASOURCE::OTS::Tables

  • DATASOURCE::ENS::Instances

  • DATASOURCE::ACM::Namespaces

  • DATASOURCE::ACM::Configurations

  • DATASOURCE::EDAS::Applications

  • DATASOURCE::EDAS::Clusters

  • DATASOURCE::EDAS::UserDefineRegions

  • DATASOURCE::MSE::Clusters

  • DATASOURCE::MSE::Gateways

  • DATASOURCE::EHPC::Nodes

  • DATASOURCE::CR::ClusterNodePools

Resource types that support automatic association of system tags

Automatic association of system tags is supported for the following resource types of API Gateway, ApsaraMQ for Kafka, AnalyticDB for PostgreSQL, AnalyticDB for MySQL, EMR, DTS, ALB, HBR, and Alibaba Cloud DNS PrivateZone:

  • ALIYUN::ApiGateway::Plugin

  • ALIYUN::ApiGateway::Instance

  • ALIYUN::KAFKA::Topic

  • ALIYUN::GPDB::DBInstance

  • ALIYUN::GPDB::ElasticDBInstance

  • ALIYUN::ADB::DBCluster

  • ALIYUN::EMR::Cluster

  • ALIYUN::DTS::SubscriptionInstance

  • ALIYUN::ALB::ServerGroup

  • ALIYUN::HBR::DbVault

  • ALIYUN::HBR::BackupClients

  • ALIYUN::PVTZ::Zone

Resource type of Log Service

ALIYUN::SLS::MetricStore: creates a Logstore.

ALIYUN::SLS::MetricStore

Resource type of AnalyticDB for PostgreSQL

ALIYUN::GPDB::Account: creates a database account for an instance.

ALIYUN::GPDB::Account

Resource type of AnalyticDB for MySQL

ALIYUN::ADB::Account: creates a database account for a cluster.

ALIYUN::ADB::Account

Resource type of IMM

ALIYUN::IMM::Project: creates an Intelligent Media Management (IMM) project.

ALIYUN::IMM::Project

Resource type of MPS

ALIYUN::MPS::Pipeline: creates an ApsaraVideo Media Processing (MPS) queue.

ALIYUN::MPS::Pipeline

Resource type of EventBridge

ALIYUN::EventBridge::Rule: creates an event rule for a specified event bus.

ALIYUN::EventBridge::Rule

Resource types of ROS

  • ALIYUN::ROS::StackGroup: creates a stack group.

  • ALIYUN::ROS::StackInstances: creates stacks within specified accounts in specified regions.

Resource cleanup for ECS

The resource cleanup feature is supported for the following resource type of ECS: ALIYUN::ECS::PrefixList.

ALIYUN::ECS::PrefixList

Resource cleanup for VPC

The resource cleanup feature is supported for the following resource types of VPC:

  • ALIYUN::VPC::CommonBandwidthPackage

  • ALIYUN::VPC::NatGateway

  • ALIYUN::VPC::RouteTable

  • ALIYUN::VPC::DhcpOptionsSet

Drift detection in Terraform

The following API operations related to the drift detection feature are supported in Terraform:

  • DetectStackDrift

  • DetectStackGroupDrift

  • GetStackDriftDetectionStatus

  • ListStackResourceDrifts

Drift detection in Terraform

Query for resources that support the resource cleanup feature

The resources that support the resource cleanup feature can be queried when you call the GetFeatureDetails operation.

GetFeatureDetails

Mappings in Terraform templates

The Mappings section is supported in Terraform templates.

Terraform template structure

April 2022

Category

Description

References

Resource types that support automatic association of system tags

Automatic association of system tags is supported for the following resource types of ECS, VPC, SLB, ApsaraMQ for Kafka, PolarDB, ApsaraDB for MongoDB, and Elasticsearch:

  • ALIYUN::ECS::AutoSnapshotPolicy

  • ALIYUN::ECS::SecurityGroupClone

  • ALIYUN::ECS::VPC

  • ALIYUN::ECS::VSwitch

  • ALIYUN::VPC::RouteTable

  • ALIYUN::VPC::EIP

  • ALIYUN::VPC::EIPPro

  • ALIYUN::VPC::CommonBandwidthPackage

  • ALIYUN::VPC::VpnGateway

  • ALIYUN::SLB::AccessControl

  • ALIYUN::SLB::Certificate

  • ALIYUN::KAFKA::Instance

  • ALIYUN::KAFKA::Topic

  • ALIYUN::POLARDB::DBCluster

  • ALIYUN::REDIS::Instance

  • ALIYUN::MONGODB::Instance

  • ALIYUN::MONGODB::ShardingInstance

  • ALIYUN::MONGODB::ServerlessInstance

  • ALIYUN::ElasticSearch::Instance

Resource cleanup for ECS

The resource cleanup feature is supported for the following resource types of ECS:

  • ALIYUN::ECS::DedicatedHost

  • ALIYUN::ECS::HpcCluster

  • ALIYUN::ECS::SSHKeyPair

  • ALIYUN::ECS::DeploymentSet

  • ALIYUN::ECS::LaunchTemplate

Optimization of Fn::Sub and Fn::Calculate

  • Fn::Sub: JSON objects are supported.

  • Fn::Calculate: Remainders can be obtained.

Resource type of ECS

ALIYUN::ECS::PrefixList: creates a prefix list.

ALIYUN::ECS::PrefixList

Resource types that support updates for the Tags property

Updates for the Tags property are supported for the following resource types of AnalyticDB for MySQL, OOS, NAS, ApsaraDB MyBase, ApsaraMQ for RocketMQ, Alibaba Cloud DNS PrivateZone, Function Compute, and ACK:

  • ALIYUN::ADB::DBCluster

  • ALIYUN::OOS::Template

  • ALIYUN::OOS::Execution

  • ALIYUN::NAS::FileSystem

  • ALIYUN::CDDC::DedicatedHost

  • ALIYUN::ROCKETMQ::Instance

  • ALIYUN::PVTZ::Zone

  • ALIYUN::FC::Service

  • ALIYUN::CS::AnyCluster

  • ALIYUN::CS::KubernetesCluster

  • ALIYUN::CS::ManagedEdgeKubernetesCluster

  • ALIYUN::CS::ManagedKubernetesCluster

  • ALIYUN::CS::ServerlessKubernetesCluster

Query for resource types available for a scenario by using GetFeatureDetails

When you call the GetFeatureDetails operation, the Feature parameter can be set to TemplateScratch to query the resource types available for a scenario.

GetFeatureDetails

Scenario feature for PolarDB

PolarDB clusters can be replicated, imported, and migrated by using the scenario feature.

ALIYUN::POLARDB::DBCluster

Parameter query for ACK and ECS

The parameter query feature is supported for ACK and ECS. You can query container nodes across regions and ECS instances across zones.

DATASOURCE::ECS::RecommendInstanceTypes

Resource types that support updates for the Tags property

Updates for the Tags property are supported for the following resource types of ALB, DNS, ECS, ApsaraDB for Redis, Alibaba Cloud DNS PrivateZone, ApsaraDB RDS, and SLB:

  • ALIYUN::ALB::LoadBalancer

  • ALIYUN::ALB::ServerGroup

  • ALIYUN::DNS::Domain

  • ALIYUN::ECS::VPC

  • ALIYUN::ECS::AutoSnapshotPolicy

  • ALIYUN::ECS::CopyImage

  • ALIYUN::ECS::CustomImage

  • ALIYUN::ECS::Disk

  • ALIYUN::ECS::NetworkInterface

  • ALIYUN::ECS::DedicatedHost

  • ALIYUN::ECS::Instance

  • ALIYUN::ECS::InstanceGroup

  • ALIYUN::ECS::SecurityGroup

  • ALIYUN::ECS::Snapshot

  • ALIYUN::ECS::SSHKeyPair

  • ALIYUN::REDIS::Instance

  • ALIYUN::PVTZ::Zone

  • ALIYUN::RDS::DBInstance

  • ALIYUN::SLB::AccessControl

  • ALIYUN::SLB::Certificate

  • ALIYUN::SLB::LoadBalancer

  • ALIYUN::VPC::CommonBandwidthPackage

  • ALIYUN::VPC::EIP and ALIYUN::VPC::EIPPro

DataSource resource types of Alibaba Cloud services

  • DATASOURCE::FC::Services: queries services in Function Compute.

  • DATASOURCE::FC::Functions: queries functions in Function Compute.

  • DATASOURCE::FC::Aliases: queries the aliases of a service in Function Compute.

  • DATASOURCE::FC::Triggers: queries triggers in Function Compute.

  • DATASOURCE::FC::CustomDomains: queries custom domain names that are associated with a service in Function Compute.

  • DATASOURCE::SLS::Project: queries projects in Log Service.

  • DATASOURCE::SLS::Logstores: queries Logstores in Log Service.

  • DATASOURCE::CR::Namespaces: queries namespaces in Container Registry.

  • DATASOURCE::CR::Repositories: queries repositories in Container Registry.

  • DATASOURCE::CS::KubernetesClusters: queries ACK clusters.

  • DATASOURCE::CS::ClusterNodePools: queries the node pools in a cluster.

  • DATASOURCE::SAE::Applications: queries applications in SAE.

  • DATASOURCE::SAE::Namespace: queries namespaces in SAE.

  • DATASOURCE::MNS::Queues: queries queues in MNS.

  • DATASOURCE::MNS::Topics: queries topics in MNS.

  • DATASOURCE::MNS::Subscriptions: queries subscriptions in MNS.

  • DATASOURCE::OTS::Instances: queries instances in Tablestore.

Parameter query for ZoneIds of ACK resources

The parameter query feature is supported for ZoneIds of ACK resources.

None.

March 2022

Category

Description

References

Count and DependsOn in ValidateTemplate and CreateTemplate

Count and DependsOn are supported when you call the ValidateTemplate or CreateTemplate operation to validate or create a template.

DataSource resource types of RAM and NAS

  • DATASOURCE::RAM::Users: queries RAM users.

  • DATASOURCE::RAM::Groups: queries RAM user groups.

  • DATASOURCE::RAM::Roles: queries RAM roles.

  • DATASOURCE::RAM::Policies: queries RAM policies.

  • DATASOURCE::NAS::FileSystems: queries NAS file systems.

  • DATASOURCE::NAS::Zones: queries zones in NAS.

Scenario feature for RAM

The following resource types of RAM can be replicated, imported, and migrated by using the scenario feature:

  • ALIYUN::RAM::User

  • ALIYUN::RAM::Group

  • ALIYUN::RAM::Role

  • ALIYUN::RAM::ManagedPolicy

When you create a scenario, the PreferenceParameters parameter can be set to DisableNameUnique to disable name uniqueness.

DataSource resource types of ECS

  • DATASOURCE::ECS::AutoSnapshotPolicies: queries automatic snapshot policies.

  • DATASOURCE::ECS::Snapshots: queries snapshots.

  • DATASOURCE::ECS::DedicatedHosts: queries dedicated hosts.

  • DATASOURCE::ECS::DeploymentSets: queries deployment sets.

  • DATASOURCE::ECS::HpcClusters: queries High Performance Computing (HPC) clusters.

  • DATASOURCE::ECS::KeyPairs: queries SSH key pairs.

Resource type of VPC

ALIYUN::VPC::EIPPro: creates a specified elastic IP address (EIP).

ALIYUN::VPC::EIPPro

Resource cleanup for ApsaraDB RDS

The resource cleanup feature is supported for the following resource type of ApsaraDB RDS: ALIYUN::RDS:DBInstance.

ALIYUN::RDS::DBInstance

Parameter query for ApsaraDB RDS and Elasticsearch

The parameter query feature is supported for ApsaraDB RDS and Elasticsearch. You can query the specifications of Elasticsearch instances. The query performance is optimized for queries on the specifications of ApsaraDB RDS instances.

Parameter extraction for Terraform parameters

If the type parameter is set to any in the .tf file and does not have a default value, this parameter is identified as the Type parameter and is defined as String in the Parameters section.

Parameters (Optional)

DataSource resource types of VPC

  • DATASOURCE::VPC::NatGatways: queries NAT gateways.

  • DATASOURCE::VPC::NetworkAcls: queries network ACLs.

Resource types that support price inquiry

The price inquiry feature is supported for the following resource types of ALB, VPC, ApsaraDB MyBase, Elastic Container Instance, ENS, and SAG:

  • ALIYUN::ALB::LoadBalancer

  • ALIYUN::VPC::AnycastEIP

  • ALIYUN::CDDC::DedicatedHost

  • ALIYUN::ECI::ImageCache

  • ALIYUN::ENS::Instance

  • ALIYUN::SAG::SmartAccessGateway

February 2022

Category

Description

References

Resource types of SAG and EDAS

  • ALIYUN::SAG::SerialNumberBinding: associates an SAG device with an SAG instance.

  • ALIYUN::EDAS::K8sSlbBinding: binds an SLB instance to an application in an ACK cluster.

Managed stack

Managed stacks are supported to allow you to resolve issues that are related to the access control of ROS for Alibaba Cloud services. Alibaba Cloud services can assume RAM roles to create managed stacks. You can view managed stacks, but you cannot modify them.

GetStack

Resource types of SAG

  • ALIYUN::SAG::Qos: creates a quality of service (QoS) policy.

  • ALIYUN::SAG::QosAssociation: associates a QoS policy with an SAG instance.

  • ALIYUN::SAG::QosCar: creates a traffic throttling rule for a QoS policy.

  • ALIYUN::SAG::QosPolicy: creates a traffic classification rule for a QoS policy.

E-HPC in GetServiceProvisions

The GetServiceProvisions operation can be called to query the activation status and the RAM roles of E-HPC.

GetServiceProvisions

January 2022

Category

Description

References

Resource types of ALB

  • ALIYUN::ALB::BackendServerAttachment: adds backend servers to a server group.

  • ALIYUN::ALB::Listener: creates an HTTP, HTTPS, or Quick UDP Internet Connections (QUIC) listener.

  • ALIYUN::ALB::Rule: creates a forwarding rule.

  • ALIYUN::ALB::ServerGroup: creates a server group.

Terraform v1.1

The Transform parameter can be set to Aliyun::Terraform-v1.1.x in a Terraform template of ROS.

Transform (Required)

Resource type of ROS

ALIYUN::ROS::ResourceCleaner: cleans up resources.

ALIYUN::ROS::ResourceCleaner

DataSource resource types

DataSource resource types are supported. You can use a DataSource resource type to query the data sources of resources that belong to Alibaba Cloud services. Data sources can be referenced by resources and outputs.

DataSource resource

DataSource resource types of ECS

  • DATASOURCE::ECS::RecommendInstanceTypes: queries the recommended ECS instance types.

  • DATASOURCE::ECS::Images: queries images.

  • DATASOURCE::ECS::DiskCategories: queries the type and the category of a disk in ECS.

Resource types of TSDB and SAG

  • ALIYUN::TSDB::InfluxDBDatabase: creates a TSDB database.

  • ALIYUN::TSDB::InfluxDBUser: creates a TSDB database account.

  • ALIYUN::SAG::SmartAccessGateway: creates an SAG instance.

Resource cleanup for ECS

The resource cleanup feature is supported for the following resource type of ECS: ALIYUN::ECS::Instance.

ALIYUN::ECS::Instance

Resources that support price inquiry, system tags, user tags, or resource groups

  • alicloud_elasticsearch_instance: supports price inquiry, system tags, user tags, and resource groups.

  • alicloud_emr_cluster: supports price inquiry, user tags, and resource groups.

ROS resources supported by Terraform

Support for Terraform templates

  • Terraform templates are supported by nested stacks.

  • The Fn::GetStackOutput function can be used to obtain the output of a stack that is created based on a Terraform template.

Terraform template structure

Parameter query for AnalyticDB for PostgreSQL

Zones can be queried when you use the following resource types of AnalyticDB for PostgreSQL:

  • ALIYUN::GPDB::DBInstance

  • ALIYUN::GPDB::ElasticDBInstance

December 2021

Category

Description

References

Resource group propagation in Terraform

Resource group can be propagated in Terraform.

ROS features supported by Terraform

Resources that support tags

User tags and system tags are supported for the following ECS and VPC resources: alicloud_key_pair, alicloud_security_group, alicloud_vpc, and alicloud_vswitch.

ROS resources supported by Terraform

API operations that support the scenario feature

The CreateChangeSet operation can be called for resource migration scenarios. The TemplateScratchRegionId parameter is added to the CreateStack, PreviewStack, and GetTemplateEstimateCost operations to support cross-region migration and replication.

Template sharing with members in a resource directory

A management account or a member in a resource directory can use the resource sharing feature provided by Alibaba Cloud to share an ROS template with other members in the resource directory. This facilitates centralized management of templates based on a specific account and reduces operating costs.

Share a template with members in a resource directory

Resource types of ALB and ROS

  • ALIYUN::ALB::LoadBalancer: creates an ALB instance.

  • ALIYUN::ROS::Sleep: delays the creation, deletion, update, and rollback of other resources.

Elastic Container Instance, Alibaba Cloud Marketplace, ApsaraDB RDS, and ECS resources that support price inquiry, tags, or resource groups in Terraform templates

  • Price inquiry: alicloud_market_order, alicloud_eci_container_group, and alicloud_drds_instance.

  • User tags: alicloud_snapshot, alicloud_image_copy, alicloud_image, alicloud_ecs_network_interface, alicloud_ecs_launch_template, and alicloud_drds_instance.

  • System tags: alicloud_snapshot, alicloud_image_copy, alicloud_image, alicloud_ecs_network_interface, and alicloud_ecs_launch_template.

  • Resource groups: alicloud_image_copy, alicloud_image, alicloud_ecs_network_interface, alicloud_ecs_launch_template, alicloud_drds_instance, and alicloud_eci_container_group.

ROS resources supported by Terraform

November 2021

Category

Description

References

Provider versions of Terraform

Provider versions can be specified in Terraform. If you use Terraform v1.0.10 and the alicloud provider, the values that can be specified as the provider versions range from 1.139.0 to 1.140.0.

ROS features and resources supported by Terraform

Provider types of Terraform

The helm and kubernetes provider types are supported in Terraform.

ROS features and resources supported by Terraform

GetServiceProvisions

The GetServiceProvisions operation is supported. You can call this operation to query the activation status and the RAM roles of an Alibaba Cloud service.

GetServiceProvisions

Change set and stack group in Terraform

Change sets are available for Terraform stacks. Terraform templates can be used to create stack groups.

Data structures

Scenario

The scenario feature is supported. When you create a scenario, you can specify the scope of resources on a visualized interface and perform operations such as replication, management, or migration on the resources in a simplified manner.

Overview

Terraform resources that support price inquiry or tags

  • Price inquiry and user tags: alicloud_cen_bandwidth_package, alicloud_mongodb_instance, and alicloud_polardb_cluster.

  • System tags: alicloud_polardb_cluster.

ROS resources supported by Terraform

October 2021

Category

Description

References

Price inquiry for Terraform resources

The prices of resources in Terraform templates can be queried by using the ROS console or by calling the GetTemplateEstimateCost operation.

September 2021

Category

Description

References

Resource types of Alibaba Cloud services

The following resource types are supported for CEN, Alibaba Cloud DNS PrivateZone, AnalyticDB for MySQL, ACK, Container Registry, and HBR:

  • ALIYUN::CEN::CenRouteService: accesses an Alibaba Cloud service.

  • ALIYUN::PVTZ::UserVpcAuthorization: associates VPCs across accounts.

  • ALIYUN::ADB::DBCluster: creates an AnalyticDB for MySQL cluster.

  • ALIYUN::CS::ClusterNodePool: creates a node pool for a cluster.

  • ALIYUN::CR::UserInfo: creates the information about a user.

  • ALIYUN::HBR::DbAgent: installs a backup client for a database.

Fn::MarketplaceImage

The Fn::MarketplaceImage function is supported. You can invoke this function to query the default image ID that corresponds to the code of a specified image service in Alibaba Cloud Marketplace.

Functions

Concurrency in Terraform

The Parallelism parameter is supported in the following operations: CreateStack, UpdateStack, PreviewStack, and ContinueCreateStack. You can use this parameter to specify the concurrency values for Terraform stacks.

GetTemplateParameterConstraints

The GetTemplateParameterConstraints operation is supported. You can call this operation to query the values of template parameters.

GetTemplateParameterConstraints

August 2021

Category

Description

References

Resource types of VPC

The following resource types are supported for VPC:

  • ALIYUN::VPC::DhcpOptionsSet: creates a Dynamic Host Configuration Protocol (DHCP) option set.

  • ALIYUN::VPC::DhcpOptionsSetAttachment: associates a DHCP option set with a VPC.

Provider types of Terraform

The fortios and fortimanager provider types are supported in Terraform.

ROS features and resources supported by Terraform

Resource type of Function Compute

ALIYUN::FC::Layer: releases a layer version.

ALIYUN::FC::Layer

Service-managed permissions model for stack groups

The service-managed permissions model is supported. When you create a stack group, you can grant self-managed or service-managed permissions to the stack group. The following information describes the differences between the permission models:

  • Before the service-managed permissions model is released, only the self-managed permissions model is available. Before you create a stack group that has self-managed permissions, you must manually create RAM roles within the administrator and execution accounts and establish a trust relationship between the accounts. Then, you can deploy stacks within the execution account.

  • The service-managed permissions model is now available. If you want to create a stack group that has service-managed permissions, you need to only enable the trusted access feature. This way, ROS automatically creates service-linked roles within the administrator and execution accounts. Then, the administrator account assumes the service-linked roles to deploy stacks within the execution account. The service-managed permissions model provides the following benefits:

    • You do not need to manually create RAM roles that are required by stack groups. ROS automatically creates and manages the RAM roles.

    • You can deploy stacks in a stack group that has service-managed permissions in the folders of a resource directory. ROS listens to changes that are applied to members in folders to automatically synchronize the changes to the stacks within the members. For example, ROS can automatically deploy or delete instances within the members.

Overview

ValidationOption in ValidateTemplate

The ValidationOption parameter in supported in the ValidateTemplate operation. This parameter specifies whether to enable additional validation. Valid values:

  • None (default): does not enable additional validation.

  • EnableTerraformValidation: enables additional verification for a Terraform template by running the validate command in the Terraform CLI.

ValidateTemplate

July 2021

Category

Description

References

Resource types that support updates for the Tags property

Updates for the Tags property are supported for the following resource types of API Gateway, Function Compute, Log Service, SAE, OSS, ACK, VPC, NAS, and ECS:

  • ALIYUN::ApiGateway::Group: creates an API group.

  • ALIYUN::ApiGateway::App: creates an application.

  • ALIYUN::FC::Service: creates a service in Function Compute.

  • ALIYUN::SLS::Project: creates a Log Service project.

  • ALIYUN::SAE::Application: creates an SAE application.

  • ALIYUN::OSS::Bucket: creates an OSS bucket.

  • ALIYUN::CS::AnyCluster: creates an ACK cluster of a specific type.

  • ALIYUN::CS::KubernetesCluster: creates an ACK dedicated cluster.

  • ALIYUN::CS::ManagedEdgeKubernetesCluster: creates an ACK edge cluster.

  • ALIYUN::CS::ManagedKubernetesCluster: creates an ACK managed cluster.

  • ALIYUN::CS::ServerlessKubernetesCluster: creates an ACK Serverless cluster.

  • ALIYUN::VPC::EIP: applies for an EIP.

  • ALIYUN::NAS::FileSystem: creates a file system.

  • ALIYUN::ECS::SecurityGroup: creates a security group.

Resource type of Log Service

ALIYUN::SLS::Etl: creates a data transformation task.

ALIYUN::SLS::Etl

Query for the resource creation progress

  • The ShowProgressEvent property is supported in the ALIYUN::ROS::WaitCondition resource type. This property specifies whether to display progress events that are used to receive UserData messages.

  • The ShowResourceProgress parameter is supported in the GetStack operation. This parameter specifies whether to return the processing progress of resources.

Features and version of Terraform

  • The Parameters section and the ContinueCreateStack parameter are supported in Terraform templates.

  • Terraform templates can be created by specifying RAM roles or by using Security Token Service (STS).

  • Terraform v1.0 is supported for stacks.

  • The following provider types are supported in Terraform:

    • time: provides features that are related to time.

    • random: provides features that are related to random numbers.

    • template: provides features that are related to templates.

ROS features and resources supported by Terraform

Pseudo parameters in Terraform templates

The following pseudo parameters are supported in Terraform templates:

  • ALIYUN__StackId: ALIYUN::StackId

  • ALIYUN__StackName: ALIYUN::StackName

  • ALIYUN__TenantId: ALIYUN::TenantId

  • ALIYUN__Region: ALIYUN::Region

  • ALIYUN__AccountId: ALIYUN::AccountId

  • ALIYUN__NoValue: ALIYUN::NoValue

Terraform template structure

Resource types of AnalyticDB for PostgreSQL

The following resource types are supported for AnalyticDB for PostgreSQL:

  • ALIYUN::GPDB::DBInstance: creates an AnalyticDB for PostgreSQL instance in reserved storage mode.

  • ALIYUN::GPDB::ElasticDBInstance: creates an AnalyticDB for PostgreSQL instance in elastic storage mode.

  • ALIYUN::GPDB::InstancePublicConnection: allocates a public endpoint for an AnalyticDB for PostgreSQL instance.

June 2021

Category

Description

References

Fn::Any

The Fn::Any function is supported. You can invoke this function to determine whether the values in the specified array are true or false. If a value in the specified array is true, true is returned. If a value in the specified array is false, false is returned.

Functions

Resource types of Alibaba Cloud services

The following resource types are supported for Resource Management, MaxCompute, and EMR:

  • ALIYUN::ResourceManager::ResourceShare: creates a resource share.

  • ALIYUN::MaxCompute::Table: creates a table.

  • ALIYUN::EMR::ClusterServiceConfigs: creates or modifies the configurations of a specified service in a cluster.

May 2021

Category

Description

References

Automatic activation of EDAS

EDAS can be automatically activated by using the ALIYUN::ROS::AutoEnableService resource type.

ALIYUN::ROS::AutoEnableService

Resource types of CFW and VPC

The following resource types are supported for Cloud Firewall (CFW) and VPC:

  • ALIYUN::CLOUDFW::VpcFirewallControlPolicy: adds an access control policy to a specified policy group of a VPC firewall.

  • ALIYUN::VPC::FlowLog: creates a flow log.

  • ALIYUN::VPC::VpnRouteEntry: creates a destination-based route for a VPN gateway.

April 2021

Category

Description

References

Fn::FormatTime

The Fn::FormatTime function is supported. You can invoke this function to query the current time in a specified format.

Functions

Resource types of Alibaba Cloud services

The following resource types are supported for EDAS, API Gateway, Cloud Config, RAM, Log Service, and WAF:

  • ALIYUN::EDAS::K8sCluster: creates an ACK cluster.

  • ALIYUN::EDAS::K8sApplication: creates an application in an ACK cluster.

  • ALIYUN::ApiGateway::LogConfig: creates a log configuration.

  • ALIYUN::ApiGateway::PluginAttachment: binds a plug-in to an API.

  • ALIYUN::Config::Rule: creates or modifies a rule.

  • ALIYUN::Config::DeliveryChannel: creates or updates a delivery channel.

  • ALIYUN::RAM::RamAccountAlias: creates an alias for an account.

  • ALIYUN::RAM::SecurityPreference: configures security preferences for a RAM user.

  • ALIYUN::SLS::Audit: configures Log Audit Service.

  • ALIYUN::WAF::LogServiceEnable: enables the log collection feature for a specified domain name.

March 2021

Category

Description

References

Optimization of change sets

Change sets are supported in the Conditions and Mappings sections of templates.

None.

Features of resource groups

  • Resource groups can be specified when you create stacks, stack groups, and templates.

  • If you specify a resource group when you create a stack, the ID of the resource group is propagated to resources that belong to the stack and support the resource group feature.

  • Resource groups can be returned when you query stacks, stack groups, and templates that belong to the resource groups.

  • Permissions on resource groups can be managed. You can manage permissions on a resource group to control the operations that can be performed on the stacks, stack groups, and templates that belong to the resource group.

Automatic activation of Alibaba Cloud services

The following Alibaba Cloud services can be automatically activated by using the ALIYUN::ROS::AutoEnableService resource type: Container Registry, MaxCompute, MNS, DataWorks, and Video Surveillance System.

ALIYUN::ROS::AutoEnableService

February 2021

Category

Description

References

Automatic activation of Industrial Brain

Industrial Brain can be automatically activated by using the ALIYUN::ROS::AutoEnableService resource type.

ALIYUN::ROS::AutoEnableService

January 2021

Category

Description

References

Tag propagation of stacks

If you add a tag to a stack when you create or update the stack, the tag is propagated to resources that belong to the stack and support the tag feature. Tags that you add to resources in templates have higher priority than tags that you add to stacks in the ROS console.

Propagate tags

Resource type of DTS

ALIYUN::DTS::SubscriptionInstance: creates a change tracking instance and configures a change tracking task in DTS.

ALIYUN::DTS::SubscriptionInstance

Automatic activation of Alibaba Cloud services

The following Alibaba Cloud services can be automatically activated by using the ALIYUN::ROS::AutoEnableService resource type: ACK, Dynamic Content Delivery Network (DCDN), and Managed Service for OpenTelemetry.

ALIYUN::ROS::AutoEnableService

InstanceType in ALIYUN::FC::Function

The InstanceType property is supported in the ALIYUN::FC::Function resource type. This property specifies the instance type.

ALIYUN::FC::Function

Optimization of PreviewStack

The logic that is used to validate nested stacks when you call the PreviewStack operation is optimized.

PreviewStack

December 2020

Category

Description

References

Resource types that support tags

Tags are supported for the following resource types:

  • ALIYUN::NAS::FileSystem

  • ALIYUN::SAE::Application

  • ALIYUN::SLS::Project

Resources that support drift detection

The drift detection feature is supported for the following resource types:

  • ALIYUN::RDS::DBInstance

  • ALIYUN::SLS::Savedsearch

  • ALIYUN::SLS::Alert

  • ALIYUN::OTS::Instance

  • ALIYUN::OTS::Table

  • ALIYUN::OTS::VpcBinder

  • ALIYUN::VPC::NatGateway

  • ALIYUN::OSS::Bucket

Resource types that support drift detection and resource import

Stack change notifications sent to EventBridge

The NotificationURLs parameter can be set to EventBridge when you call the CreateStack operation. The NotificationURLs parameter specifies the callback URL. If you set the NotificationURLs parameter to EventBridge, ROS sends event notifications to EventBridge when the status of stacks changes.

CreateStack

Fn::Index

The Fn::Index function is supported. You can invoke this function to query indexes.

Functions

Resource type of CloudMonitor

ALIYUN::CMS::SiteMonitor: creates a site monitoring task.

ALIYUN::CMS::SiteMonitor

Resource type of TSDB

ALIYUN::TSDB::HiTSDBInstance: creates a TSDB instance.

ALIYUN::TSDB::HiTSDBInstance

Resource type of IoT Platform

ALIYUN::IOT::Rule: creates a rule for a specified topic.

ALIYUN::IOT::Rule

Resource type of IoT Platform

ALIYUN::IOT::RuleAction: creates a rule action for a specified rule.

ALIYUN::IOT::RuleAction

Resource type of IoT Platform

ALIYUN::IOT::ProductTopic: creates a custom topic category for a specified product.

ALIYUN::IOT::ProductTopic

Resource type of PrivateLink

ALIYUN::PrivateLink::VpcEndpointService: creates an endpoint service of PrivateLink in a VPC.

ALIYUN::PrivateLink::VpcEndpointService

Resource type of PrivateLink

ALIYUN::PrivateLink::VpcEndpoint: creates a PrivateLink endpoint in a VPC.

ALIYUN::PrivateLink::VpcEndpoint

Resource type of ASM

ALIYUN::ASM::ServiceMesh: creates an ASM instance.

ALIYUN::ASM::ServiceMesh

Resource type of API Gateway

ALIYUN::ApiGateway::Instance: creates a dedicated instance in API Gateway.

ALIYUN::ApiGateway::Instance

Template sharing

The template sharing feature is supported.

SetTemplatePermission

Automatic activation of Alibaba Cloud services

The following Alibaba Cloud services can be automatically activated by using the ALIYUN::ROS::AutoEnableService resource type: ARMS, CloudMonitor, DataHub, Function Compute, and PrivateLink.

ALIYUN::ROS::AutoEnableService

November 2020

Category

Description

References

Authentication of source IP addresses

Source IP addresses can be authenticated by using the ROS API of the earlier version (2015-09-01).

None.

OOS Parameter Store

OOS Parameter Store is supported. You can specify parameters that are stored in OOS Parameter Store in the Resources and Parameters sections of ROS templates.

Use OOS Parameter Store to create parameters for ROS templates

Concurrency of a stack

The number of concurrent creation, update, and deletion operations that can be performed on a stack is limited. By default, the number of concurrent creation, update, and deletion operations that can be performed is 50. You can change the maximum concurrency value on the quota management page in the Quota Center console.

Limits

Resource type of KMS

ALIYUN::KMS::Secret: creates a KMS secret and store the initial version of the secret.

ALIYUN::KMS::Secret

Resource type of PolarDB-X 1.0

ALIYUNN::DRDS::DrdsDB: creates a PolarDB-X 1.0 database.

ALIYUN::DRDS::DrdsDB

Resource type of Tablestore

ALIYUN::OTS::SearchIndex: creates a search index for a table.

ALIYUN::OTS::SearchIndex

October 2020

Category

Description

References

Quota Center console

The Quota Center console is integrated into ROS. The quotas of ROS resources can be changed in the Quota Center console.

Limits

Optional template parameter

The default value of a parameter in a template can be set to null. A value of null specifies that the parameter is optional.

Overview

Resource type of DBS

ALIYUN::DBS::RestoreTask: creates a restore task in Database Backup (DBS).

ALIYUN::DBS::RestoreTask

Resource type of HBR

ALIYUN::HBR::RestoreJob: creates a restore job in HBR.

ALIYUN::HBR::RestoreJob

Resource type of HBR

ALIYUN::HBR::BackupClients: installs HBR backup clients.

ALIYUN::HBR::BackupClients

Resource types that support drift detection

The drift detection feature is supported for the following resource types:

  • ALIYUN::SLB::Project

  • ALIYUN::SLS::Logstore

  • ALIYUN::SLS::Index

  • ALIYUN::FC::Version

  • ALIYUN::FC::CustomDomain

  • ALIYUN::FC::Alias

Resource types that support drift detection and resource import

Automatic activation of Alibaba Cloud services

The following Alibaba Cloud services can be automatically activated by using the ALIYUN::ROS::AutoEnableService resource type: IMM, KMS, and ApsaraMQ for RabbitMQ.

ALIYUN::ROS::AutoEnableService

September 2020

Category

Description

References

AssociationPropertyMetadata in templates

The AssociationPropertyMetadata parameter is supported in templates.

Overview

Automatic activation of Alibaba Cloud services

The following Alibaba Cloud services can be automatically activated by using the ALIYUN::ROS::AutoEnableService resource type: API Gateway, Batch Compute, Enterprise Mobile Application Studio (EMAS), NAS, HBR, Natural Language Processing (NLP), OSS, Tablestore, and Log Service.

ALIYUN::ROS::AutoEnableService

Resource types that support price inquiry

The price inquiry feature is supported for the following resource types:

  • ALIYUN::PolarDB::DBCluster

  • ALIYUN::ECI::ContainerGroup

  • ALIYUN::VPC::CommonBandwidthPackage

  • ALIYUN::CEN::CenBandwidthPackage

  • ALIYUN::ECS::DedicatedHost

  • ALIYUN::EMR::Cluster

  • ALIYUN::RDS::ReadOnlyDBInstance

  • ALIYUN::SAE::Application

  • ALIYUN::ElasticSearch::Instance

  • ALIYUN::Memcache::Instance

  • ALIYUN::EHPC::Cluster

  • ALIYUN::VPC::Ipv6Gateway

  • ALIYUN::VPC::VpnGateway

  • ALIYUN::DRDS::DrdsInstance

Resource types that support price inquiry

Resource types that support drift detection

The drift detection feature is supported for the following resource types:

  • ALIYUN::ApiGateway::Api

  • ALIYUN::ApiGateway::Deployment

  • ALIYUN::ApiGateway::Group

  • ALIYUN::ApiGateway::App

  • ALIYUN::ApiGateway::Authoration

  • ALIYUN::SLS::Index

  • ALIYUN::FS::Service

Resource types that support drift detection and resource import

Resource type of Log Service

ALIYUN::SLS::Alert: creates an alert rule in Log Service.

ALIYUN::SLS::Alert

Resource type of Log Service

ALIYUN::SLS::Savedsearch: saves the search results of Log Service as a saved search.

ALIYUN::SLS::Savedsearch

Resource type of CloudMonitor

ALIYUN::CMS::MetricRuleTemplate: creates an alert template in CloudMonitor.

ALIYUN::CMS::MetricRuleTemplate

Resource type of CloudMonitor

ALIYUN::CMS::MonitorGroupInstances: adds instances to an application group in CloudMonitor.

ALIYUN::CMS::MonitorGroupInstances

Fn::Length

The Fn::Length function is supported. You can invoke this function to calculate the length of a string, list, or dictionary.

Functions

August 2020

Category

Description

References

Management based on Terraform

Terraform templates can be used to create, update, and delete resources by using the ROS console or by calling specific ROS API operations.

Overview

Overview page

The Overview page is added to the ROS console. You can view the number of stacks, stack groups, and custom templates in all regions on this page.

None.

Resource types that support drift detection

The drift detection feature is supported for the following resource types:

  • ALIYUN::SLS::Project

  • ALIYUN::SLS::Logstore

  • ALIYUN::REDIS::Instance

  • ALIYUN::REDIS::Whitelist

  • ALIYUN::MONGODB::Instance

  • ALIYUN::NAS::FileSystem

  • ALIYUN::SLB::MasterSlaveServerGroup

  • ALIYUN::VPC::SnatEntry

Resource types that support drift detection and resource import

Resource type of CloudMonitor

ALIYUN::CMS::DynamicTagGroup: creates an application group in CloudMonitor.

ALIYUN::CMS::DynamicTagGroup

July 2020

Category

Description

References

Optimization of ContinueCreateStack

The ContinueCreateStack operation is optimized for features that are relevant to nested stacks.

ContinueCreateStack

Resource types that support drift detection

The drift detection feature is supported for the following resource types:

  • ALIYUN::ECS::Instance

  • ALIYUN::VPC::CommonBandwidthPackage

  • ALIYUN::VPC::CommonBandwidthPackageIp

Resource types that support drift detection and resource import

Resource type of DTS

ALIYUN::DTS::MigrationJob: creates a data migration task in DTS.

ALIYUN::DTS::MigrationJob

Resource type of ApsaraDB RDS

ALIYUN::RDS::Database: creates a database on an ApsaraDB RDS instance.

ALIYUN::RDS::Database

Resource type of DMS

ALIYUN::DMS::Instance: adds a database instance of Data Management (DMS).

ALIYUN::DMS::Instance

June 2020

Category

Description

References

Resource import

Existing resources can be imported to ROS stacks. This way, you can manage and orchestrate resources in a centralized manner.

Overview

Resource type of SAE

ALIYUN::SAE::Namespace: creates an SAE namespace.

ALIYUN::SAE::Namespace

Resource type of SAE

ALIYUN::SAE::Application: creates an SAE application.

ALIYUN::SAE::Application

Resource type of SAE

ALIYUN::SAE::SlbBinding: binds an SLB instance to an SAE application.

ALIYUN::SAE::SlbBinding

Resource type of VPC

ALIYUN::VPC::Ipv6Gateway: creates an IPv6 gateway.

ALIYUN::VPC::Ipv6Gateway

Resource type of VPC

ALIYUN::VPC::Ipv6InternetBandwidth: purchases a public bandwidth plan for an IPv6 address.

ALIYUN::VPC::Ipv6InternetBandwidth

May 2020

Category

Description

References

Replacement update for resources

A replacement update can be performed on a resource whose properties cannot be changed. After you perform a replacement update, the existing resource is deleted, and a new resource is created.

Update a stack by replacing its resource properties

Fn::GetStackOutput

The Fn::GetStackOutput function is supported. You can invoke this function to query the output of a specified stack.

Functions

Fn::Max and Fn::Min

The Fn::Max and Fn::Min functions are supported. You can invoke the Fn::Max function to obtain the largest number among all numbers. You can invoke the Fn::Min function to obtain the smallest number among all numbers.

Functions

Resource type of CloudMonitor

ALIYUN::CMS::Contact: creates an alert contact in CloudMonitor.

ALIYUN::CMS::Contact

Resource type of CloudMonitor

ALIYUN::CMS::ContactGroup: creates an alert contact group in CloudMonitor.

ALIYUN::CMS::ContactGroup

Resource type of CloudMonitor

ALIYUN::CMS::MonitoringAgentProcess: creates a CloudMonitor process for monitoring.

ALIYUN::CMS::MonitoringAgentProcess