Template name
ACS-ESS-ECILifeCycleModifyAnalyticDBIPWhitelist: ECI uses a lifecycle hook to set the IP address whitelist for an AnalyticDB instance.
Template description
Uses a lifecycle hook to add or remove the IP addresses of elastic container instances in the IP address whitelist of an AnalyticDB for MySQL cluster.
Template type
Automated
Owner
Alibaba Cloud
Input parameters
Parameter | Description | Type | Required | Default value | Limit |
dbClusterId | The ID of the AnalyticDB for MySQL cluster. | String | Yes | ||
modifyMode | The method used to modify the IP address whitelist. | String | Yes | ||
regionId | The region ID. | String | No | ${regionId} | |
instanceIds | The IDs of the elastic container instances. | List | No | ['${instanceIds}'] | |
lifecycleHookId | The lifecycle hook ID. | String | No | ${lifecycleHookId} | |
lifecycleActionToken | The token of a specific scaling activity that is associated with the instances. | String | No | ${lifecycleActionToken} | |
OOSAssumeRole | The Resource Access Management (RAM) role that is assumed by CloudOps Orchestration Service (OOS). | String | No | OOSServiceRole |
Output parameters
Parameter | Description | Type |
ipAddresses | List |
Policy that is required to execute the template
{
"Version": "1",
"Statement": [
{
"Action": [
"eci:DescribeContainerGroups"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"adb:ModifyDBClusterAccessWhiteList"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ess:CompleteLifecycleAction"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
Details
ACS-ESS-ECILifeCycleModifyAnalyticDBIPWhitelist
Template content
FormatVersion: OOS-2019-06-01
Description:
en: Uses a lifecycle hook to modify the IP whitelist of an AnalyticDB instance.
zh-cn: Uses a lifecycle hook to set the IP whitelist for an AnalyticDB instance.
name-en: ACS-ESS-ECILifeCycleModifyAnalyticDBIPWhitelist
name-zh-cn: Uses a lifecycle hook to set the IP whitelist for an AnalyticDB instance.
categories:
- elastic_manage
Parameters:
dbClusterId:
Label:
en: DBClusterId
zh-cn: AnalyticDB cluster ID
Type: String
modifyMode:
Label:
en: ModifyMode
zh-cn: Modification mode
Description:
en: The method used to modify the IP address whitelist. Use Append for scale-out activities and Delete for scale-in activities.
zh-cn: The method used to modify the IP address whitelist. Use Append for scale-out activities and Delete for scale-in activities.
Type: String
AllowedValues:
- Append
- Delete
regionId:
Label:
en: RegionId
zh-cn: Region ID
Description:
en: The ID of the region. Use the default value ${regionId} provided by Auto Scaling.
zh-cn: The ID of the region. Use the default value ${regionId} provided by Auto Scaling.
Type: String
Default: '${regionId}'
instanceIds:
Label:
en: InstanceIds
zh-cn: ECI instance ID list
Description:
en: The list of ECI instance IDs. Use the default value ["${instanceIds}"] provided by Auto Scaling.
zh-cn: The list of ECI instance IDs. Use the default value ["${instanceIds}"] provided by Auto Scaling.
Type: List
Default:
- '${instanceIds}'
lifecycleHookId:
Label:
en: LifecycleHookId
zh-cn: Lifecycle hook ID
Description:
en: The ID of the lifecycle hook. Use the default value ${lifecycleHookId} provided by Auto Scaling.
zh-cn: The ID of the lifecycle hook. Use the default value ${lifecycleHookId} provided by Auto Scaling.
Type: String
Default: '${lifecycleHookId}'
lifecycleActionToken:
Label:
en: LifecycleActionToken
zh-cn: Token for the specific scaling activity
Description:
en: The token for the specific scaling activity that is associated with an instance. Use the default value ${lifecycleActionToken} provided by Auto Scaling.
zh-cn: The token for the specific scaling activity that is associated with an instance. Use the default value ${lifecycleActionToken} provided by Auto Scaling.
Type: String
Default: '${lifecycleActionToken}'
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: RAM role assumed by OOS
Type: String
Default: OOSServiceRole
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: getInstanceIpAddress
Action: 'ACS::ExecuteAPI'
Description:
en: Gets the IP addresses of the ECI instances.
zh-cn: Gets the IP addresses of the ECI instances.
OnError: CompleteLifecycleActionForAbandon
Properties:
Service: ECI
API: DescribeContainerGroups
Parameters:
RegionId: '{{ regionId }}'
ContainerGroupIds: '{{ instanceIds }}'
Outputs:
Ips:
Type: List
ValueSelector: '.ContainerGroups[].IntranetIp'
- Name: modifySecurityIps
Action: 'ACS::ExecuteAPI'
Description:
en: Modifies the whitelist.
zh-cn: Modifies the whitelist.
OnError: CompleteLifecycleActionForAbandon
OnSuccess: CompleteLifecycleActionForContinue
Properties:
Service: ADB
API: ModifyDBClusterAccessWhiteList
Parameters:
RegionId: '{{ regionId }}'
ModifyMode: '{{ modifyMode }}'
DBClusterId: '{{ dbClusterId }}'
SecurityIps:
'Fn::Join':
- ','
- '{{ getInstanceIpAddress.Ips }}'
- Name: CompleteLifecycleActionForContinue
Action: 'ACS::ExecuteAPI'
Description:
en: Changes the state of the scaling activity to Continue.
zh-cn: Changes the state of the scaling activity to Continue.
OnSuccess: 'ACS::END'
Properties:
Service: ESS
API: CompleteLifecycleAction
Parameters:
RegionId: '{{ regionId }}'
LifecycleHookId: '{{ lifecycleHookId }}'
LifecycleActionToken: '{{ lifecycleActionToken }}'
LifecycleActionResult: CONTINUE
- Name: CompleteLifecycleActionForAbandon
Action: 'ACS::ExecuteAPI'
Description:
en: Changes the state of the scaling activity to Abandon.
zh-cn: Changes the state of the scaling activity to Abandon.
Properties:
Service: ESS
API: CompleteLifecycleAction
Parameters:
RegionId: '{{ regionId }}'
LifecycleHookId: '{{ lifecycleHookId }}'
LifecycleActionToken: '{{ lifecycleActionToken }}'
LifecycleActionResult: ABANDON
Outputs:
ipAddresses:
Type: List
Value: '{{ getInstanceIpAddress.Ips }}'