Template name
ACS-ESS-LifeCycleModifyAnalyticDBIPWhitelist - Modifies the IP address whitelist for an AnalyticDB instance using a lifecycle hook
Template description
Uses a lifecycle hook to configure an IP address whitelist for an AnalyticDB for MySQL cluster.
Template type
Automated
Owner
Alibaba Cloud
Input parameters
Parameter | Description | Type | Required | Default value | Limit |
dbClusterId | The ID of the AnalyticDB for MySQL cluster. | String | Yes | ||
modifyMode | The method used to modify the IP address whitelist. | String | Yes | ||
regionId | The region ID. | String | No | ${regionId} | |
instanceIds | The IDs of the Elastic Compute Service (ECS) instances. | List | No | ['${instanceIds}'] | |
lifecycleHookId | The lifecycle hook ID. | String | No | ${lifecycleHookId} | |
lifecycleActionToken | The token of a specific scaling activity that is associated with the instances. | String | No | ${lifecycleActionToken} | |
OOSAssumeRole | The Resource Access Management (RAM) role that is assumed by CloudOps Orchestration Service (OOS). | String | No | OOSServiceRole |
Output parameters
Parameter | Description | Type |
ipAddresses | List |
Policy that is required to execute the template
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:DescribeInstances"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"adb:ModifyDBClusterAccessWhiteList"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ess:CompleteLifecycleAction"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
Details
ACS-ESS-LifeCycleModifyAnalyticDBIPWhitelist
Template content
FormatVersion: OOS-2019-06-01
Description:
en: Uses a lifecycle hook to set the IP whitelist for an AnalyticDB instance.
zh-cn: Uses a lifecycle hook to set the IP whitelist for an AnalyticDB instance.
name-en: ACS-ESS-LifeCycleModifyAnalyticDBIPWhitelist
name-zh-cn: Sets the IP whitelist for an AnalyticDB instance using a lifecycle hook.
categories:
- elastic_manage
Parameters:
dbClusterId:
Label:
en: DBClusterId
zh-cn: AnalyticDB Cluster ID
Type: String
modifyMode:
Label:
en: ModifyMode
zh-cn: IP Whitelist Modification Method
Description:
en: The method to modify the IP whitelist. `Append` is for scale-out activities, and `Delete` is for scale-in activities.
zh-cn: The method to modify the IP whitelist. `Append` is for scale-out activities, and `Delete` is for scale-in activities.
Type: String
AllowedValues:
- Append
- Delete
regionId:
Label:
en: RegionId
zh-cn: Region ID
Description:
en: The ID of the region. Use the default value `${regionId}` from Auto Scaling.
zh-cn: The ID of the region. Use the default value `${regionId}` from Auto Scaling.
Type: String
Default: '${regionId}'
instanceIds:
Label:
en: InstanceIds
zh-cn: ECS Instance ID List
Description:
en: The list of ECS instance IDs. Use the default value `['${instanceIds}']` from Auto Scaling.
zh-cn: The list of ECS instance IDs. Use the default value `['${instanceIds}']` from Auto Scaling.
Type: List
Default:
- '${instanceIds}'
lifecycleHookId:
Label:
en: LifecycleHookId
zh-cn: Lifecycle Hook ID
Description:
en: The ID of the lifecycle hook. Use the default value `${lifecycleHookId}` from Auto Scaling.
zh-cn: The ID of the lifecycle hook. Use the default value `${lifecycleHookId}` from Auto Scaling.
Type: String
Default: '${lifecycleHookId}'
lifecycleActionToken:
Label:
en: LifecycleActionToken
zh-cn: Scaling Activity Token
Description:
en: The token for the scaling activity associated with the instance. Use the default value `${lifecycleActionToken}` from Auto Scaling.
zh-cn: The token for the scaling activity associated with the instance. Use the default value `${lifecycleActionToken}` from Auto Scaling.
Type: String
Default: '${lifecycleActionToken}'
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: RAM Role for OOS
Type: String
Default: OOSServiceRole
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: getInstanceIpAddress
Action: 'ACS::ExecuteAPI'
Description:
en: Gets the network type and IP address of the ECS instance.
zh-cn: Gets the network type and IP address of the ECS instance.
OnError: CompleteLifecycleActionForAbandon
Properties:
Service: ECS
API: DescribeInstances
Parameters:
RegionId: '{{ regionId }}'
InstanceIds: '{{ instanceIds }}'
Outputs:
Ips:
Type: List
ValueSelector: >-
.Instances.Instance[]|.VpcAttributes.PrivateIpAddress.IpAddress+.InnerIpAddress.IpAddress|.[
]
- Name: modifySecurityIps
Action: 'ACS::ExecuteAPI'
Description:
en: Modifies the IP whitelist.
zh-cn: Modifies the IP whitelist.
OnError: CompleteLifecycleActionForAbandon
OnSuccess: CompleteLifecycleActionForContinue
Properties:
Service: ADB
API: ModifyDBClusterAccessWhiteList
Parameters:
RegionId: '{{ regionId }}'
ModifyMode: '{{ modifyMode }}'
DBClusterId: '{{ dbClusterId }}'
DBClusterIPArrayName: default
SecurityIps:
'Fn::Join':
- ','
- '{{ getInstanceIpAddress.Ips }}'
- Name: CompleteLifecycleActionForContinue
Action: 'ACS::ExecuteAPI'
Description:
en: Completes the lifecycle action to continue the scaling activity.
zh-cn: Completes the lifecycle action to continue the scaling activity.
OnSuccess: 'ACS::END'
Properties:
Service: ESS
API: CompleteLifecycleAction
Parameters:
RegionId: '{{ regionId }}'
LifecycleHookId: '{{ lifecycleHookId }}'
LifecycleActionToken: '{{ lifecycleActionToken }}'
LifecycleActionResult: CONTINUE
- Name: CompleteLifecycleActionForAbandon
Action: 'ACS::ExecuteAPI'
Description:
en: Completes the lifecycle action to abandon the scaling activity.
zh-cn: Completes the lifecycle action to abandon the scaling activity.
Properties:
Service: ESS
API: CompleteLifecycleAction
Parameters:
RegionId: '{{ regionId }}'
LifecycleHookId: '{{ lifecycleHookId }}'
LifecycleActionToken: '{{ lifecycleActionToken }}'
LifecycleActionResult: ABANDON
Outputs:
ipAddresses:
Type: List
Value: '{{ getInstanceIpAddress.Ips }}'