All Products
Search

This Product

    CloudOps Orchestration Service:ACS-ECS-CorrectSecurityGroupInstancesByTags

    Document Center

    CloudOps Orchestration Service:ACS-ECS-CorrectSecurityGroupInstancesByTags

    Last Updated:Nov 25, 2024

    Template name

    ACS-ECS-CorrectSecurityGroupInstancesByTags

    Execute Now

    Template description

    Queries Elastic Compute Service (ECS) instances by tags and adds the queried ECS instances to security groups with the specified tags.

    Template type

    Automated

    Owner

    Alibaba Cloud

    Input parameters

    Parameter

    Description

    Type

    Required

    Default value

    Limit

    tags

    The tags to be added to ECS instances.

    Json

    Yes

    regionId

    The region ID.

    String

    No

    {{ ACS::RegionId }}

    Output parameters

    None

    Permission policy that is required to execute the template

    {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "ecs:DescribeInstances",
                "ecs:DescribeSecurityGroups",
                "ecs:JoinSecurityGroup"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

    References

    For more information, see ACS-ECS-CorrectSecurityGroupInstancesByTags.yml at GitHub.

    Template content

    FormatVersion: OOS-2019-06-01
Description:
  name-en: ACS-ECS-CorrectSecurityGroupInstancesByTags
  name-zh-cn: the description in Chinese
  en: Gets an instance from a label and adds the acquired instance to the security group under the specified label
  zh-cn: the description in Chinese
Parameters:
  regionId:
    Label:
      en: RegionId
      zh-cn: region ID
    AssociationProperty: RegionId
    Type: String
    Default: '{{ ACS::RegionId }}'
  tags:
    Label:
      en: Tags
      zh-cn: the description in Chinese
    Type: Json
    AssociationProperty: Tags
Tasks:
  - Name: describeInstances
    Action: ACS::ExecuteAPI
    Description:
      en: Queries the ECS instances by specifying tag
      zh-cn: the description in Chinese
    Properties:
      Service: ECS
      API: DescribeInstances
      Parameters:
        RegionId: '{{ regionId }}'
        Tags: '{{ tags }}'
    Outputs:
      instanceIds:
        Type: List
        ValueSelector: Instances.Instance[].InstanceId
  - Action: ACS::ExecuteApi
    Name: getSecurityGrpup
    Properties:
      Service: ECS
      API: DescribeSecurityGroups
      Parameters:
        RegionId: '{{regionId}}'
        Tags: '{{ tags }}'
    Outputs:
      securityGroupId:
        Type: String
        ValueSelector: .SecurityGroups.SecurityGroup[].SecurityGroupId
    OnError: ACS::END
    OnSuccess: ACS::NEXT
  - Action: ACS::ExecuteApi
    Name: addInstancesToSecurityGrpup
    Properties:
      Service: ECS
      API: JoinSecurityGroup
      Parameters:
        RegionId: '{{regionId}}'
        InstanceId: '{{ ACS::TaskLoopItem }}'
        SecurityGroupId: '{{ getSecurityGrpup.securityGroupId }}'
    Outputs: {}
    OnError: ACS::END
    OnSuccess: ACS::NEXT
    Loop:
      Items: '{{ describeInstances.instanceIds }}'
      RateControl:
        MaxErrors: 0
        Mode: Concurrency
        Concurrency: 1
Metadata:
  ALIYUN::OOS::Interface:
    ParameterGroups:
      - Parameters:
          - regionId
          - tags
        Label:
          default:
            zh-cn: the description in Chinese
            en: Select Tags