All Products
Search

This Product

    CloudOps Orchestration Service:ACS-ECS-ApproveBulkyRunCommand

    Document Center

    CloudOps Orchestration Service:ACS-ECS-ApproveBulkyRunCommand

    Last Updated:Dec 22, 2025

    Template name

    ACS-ECS-ApproveBulkyRunCommand: Executes commands in a batch after approval

    Execute Now

    Template description

    Runs a command on multiple Elastic Compute Service (ECS) instances at a time after approval.

    Template type

    Automated

    Owner

    Alibaba Cloud

    Input parameters

    Parameter

    Description

    Type

    Required

    Default value

    Limit

    targets

    Target instance

    Json

    Yes

    commandContent

    The Cloud Assistant command to be run on the ECS instances.

    String

    Yes

    webHookUrl

    The webhook URL of the DingTalk chatbot.

    String

    Yes

    atMobiles

    The users to whom approval notifications are sent in the specified DingTalk group.

    List

    Yes

    approvers

    The users who can approve or reject the O&M task.

    List

    Yes

    regionId

    The region ID.

    String

    No

    {{ ACS::RegionId }}

    commandType

    The type of the Cloud Assistant command.

    String

    No

    RunShellScript

    rateControl

    Task execution concurrency

    Json

    No

    {'Mode': 'Concurrency', 'MaxErrors': 0, 'Concurrency': 10}

    atAll

    Specifies whether to notify all group members when an approval notification is sent to the specified DingTalk group.

    String

    No

    false

    minRequiredApprovals

    The minimum number of approvers who are required to approve the O&M task.

    Number

    No

    1

    OOSAssumeRole

    The Resource Access Management (RAM) role that is assumed by CloudOps Orchestration Service (OOS).

    String

    No

    ""

    Output parameters

    Parameter

    Description

    Type

    commandOutputs

    List

    Permission policy that is required to execute the template

    {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "ecs:DescribeInstances",
                "ecs:DescribeInvocationResults",
                "ecs:DescribeInvocations",
                "ecs:DescribeManagedInstances",
                "ecs:RunCommand"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": [
                "oos:GetApplicationGroup"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

    Details

    For more information, see ACS-ECS-ApproveBulkyRunCommand.yml at GitHub.

    Template content

    FormatVersion: OOS-2019-06-01
Description:
  en: Approve Bulky RunCommand
  zh-cn: Run commands in batches after approval
  name-en: ACS-ECS-ApproveBulkyRunCommand
  name-zh-cn: Run commands in batches after approval
  categories:
    - instance_manage
Parameters:
  regionId:
    Type: String
    Label:
      en: RegionId
      zh-cn: Region ID
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  targets:
    Label:
      en: TargetInstance
      zh-cn: Target Instances
    Type: Json
    AssociationProperty: Targets
    AssociationPropertyMetadata:
      ResourceType: 'ALIYUN::ECS::Instance'
      RegionId: regionId
  commandType:
    Label:
      en: CommandType
      zh-cn: Cloud Assistant Command Type
    Type: String
    AllowedValues:
      - RunBatScript
      - RunPowerShellScript
      - RunShellScript
    Default: RunShellScript
  commandContent:
    Label:
      en: CommandContent
      zh-cn: The Cloud Assistant command to run on the ECS instances
    Type: String
    AssociationProperty: Code
  rateControl:
    Label:
      en: RateControl
      zh-cn: Concurrency rate for task execution
    Type: Json
    AssociationProperty: RateControl
    Default:
      Mode: Concurrency
      MaxErrors: 0
      Concurrency: 10
  webHookUrl:
    Label:
      en: WebHookUrl
      zh-cn: The webhook URL for the DingTalk group assistant
    Description:
      en: >-
        e.g.https://oapi.dingtalk.com/robot/send?access_token=1234zxcvaksdq31414,acquiring DingTalk webhook please refer to second appendix in https://www.alibabacloud.com/help/document_detail/144679.html.
      zh-cn: >-
        For example: https://oapi.dingtalk.com/robot/send?access_token=1234zxcvaksdq31414. For more information about how to obtain a DingTalk webhook, see https://www.alibabacloud.com/help/document_detail/144679.html#h2--2-webhook-5.
    Type: String
  atMobiles:
    Label:
      en: AtMobiles
      zh-cn: The DingTalk mobile phone numbers of group members to be @mentioned in the approval notification
    Type: List
  atAll:
    Label:
      en: AtAll
      zh-cn: Specifies whether to @ all members when the group assistant sends an approval notification to the DingTalk group
    Type: String
    Default: 'false'
  approvers:
    Label:
      en: Approvers
      zh-cn: Users who can approve the task
    Description:
      en: The name to fill is the front part of @ in the RAM user name,if  RAM user is user001@companyAlias.onaliyun.com, then fill  user001  in list.
      zh-cn: >-
        The username is the part of the RAM user's name that precedes the at sign (@). For example, if the RAM user is user001@companyAlias.onaliyun.com, enter user001 in the list.
    Type: List
    AssociationProperty: ALIYUN::RAM::User
  minRequiredApprovals:
    Label:
      en: MinRequiredApprovals
      zh-cn: The minimum number of required approvals
    Type: Number
    Default: 1
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
      zh-cn: The RAM role to be assumed by OOS
    Type: String
    Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
  - Name: approveBulkyRuncommand
    Action: 'ACS::Approve'
    Description:
      en: Approve operation task runcommand
      zh-cn: Approve the O&M task
    Properties:
      Approvers: '{{approvers}}'
      MinRequiredApprovals: '{{minRequiredApprovals}}'
      NotifyType: WebHook
      WebHook:
        URI: '{{webhookUrl}}'
        Headers:
          Content-Type: application/json
        Content:
          msgtype: text
          text:
            content: >-
              Notify: Please approve the task execution to create ECS instance sent by
              {{ACS::RegionId}} oos {{ACS::ExecutionId}} .
          at:
            atMobiles: '{{atMobiles}}'
            isAtAll: '{{atAll}}'

  - Name: bulkyRunCommand
    Action: ACS::Template
    Description:
      en: Execute cloud assistant command
      zh-cn: Execute the Cloud Assistant command
    Properties:
      TemplateName: ACS-ECS-BulkyRunCommand
      Parameters:
        regionId: '{{ regionId }}'
        commandContent: '{{ commandContent }}'
        commandType: '{{ commandType }}'
        targets: '{{ targets }}'
        rateControl: '{{ rateControl }}'
    Outputs:
      commandOutputs:
        Type: List
        ValueSelector: commandOutputs
Outputs:
  commandOutputs:
    Type: List
    Value: '{{ bulkyRunCommand.commandOutputs }}'
Metadata:
  ALIYUN::OOS::Interface:
    ParameterGroups:
      - Parameters:
          - webHookUrl
          - atMobiles
          - atAll
          - approvers
          - minRequiredApprovals
        Label:
          default:
            zh-cn: Configure Approval
            en: Configure Approval
      - Parameters:
          - commandType
          - commandContent
        Label:
          default:
            zh-cn: Configure Command
            en: Configure Command
      - Parameters:
          - regionId
          - targets
        Label:
          default:
            zh-cn: Select Instances
            en: Select Instances
      - Parameters:
          - rateControl
          - OOSAssumeRole
        Label:
          default:
            zh-cn: Advanced Options
            en: Control Options