ACS-RDS-ReleaseInstancePublicConnection - CloudOps Orchestration Service

Template name

ACS-RDS-ReleaseInstancePublicConnection - Releases the public endpoint of an RDS instance

Execute Now

Template description

Releases the public IP address of an ApsaraDB RDS instance.

Template type

Automated

Owner

Alibaba Cloud

Input parameters

Parameter	Description	Data type	Required	Default value	Limit
instanceId	The ID of the ApsaraDB RDS instance.	String	Yes
regionId	The region ID.	String	No	{{ ACS::RegionId }}
OOSAssumeRole	The RAM role that is assumed by CloudOps Orchestration Service (OOS).	String	No	""

Output parameters

N/A.

Permission policy that is required to execute the template

{
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "rds:DescribeDBInstanceNetInfo",
                "rds:ReleaseInstancePublicConnection"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

Details

ACS-RDS-ReleaseInstancePublicConnection

Template content

FormatVersion: OOS-2019-06-01
Description:
  en: Release the public endpoint of the RDS instance.
  zh-cn: Release the public endpoint of the RDS instance.
  name-en: ACS-RDS-ReleaseInstancePublicConnection
  name-zh-cn: Release the public endpoint of the RDS instance.
  categories:
    - security
    - rds
Parameters:
  regionId:
    Label:
      en: RegionId
      zh-cn: Region ID
    Type: String
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  instanceId:
    Label:
      en: InstanceId
      zh-cn: RDS instance ID
    AssociationProperty: ALIYUN::RDS::Instance::InstanceId
    AssociationPropertyMetadata:
      RegionId: regionId
    Type: String
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
      zh-cn: The RAM role that OOS assumes.
    Type: String
    Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
  - Name: describeDBInstanceNetInfo
    Action: 'ACS::ExecuteAPI'
    Description:
      en: Query the connection type and endpoint of an RDS instance.
      zh-cn: Query the connection endpoint and type of an RDS instance.
    Properties:
      Service: RDS
      API: DescribeDBInstanceNetInfo
      Parameters:
        RegionId: '{{ regionId }}'
        DBInstanceId: '{{ instanceId }}'
    Outputs:
      connectionString:
        Type: String
        ValueSelector: '.DBInstanceNetInfos.DBInstanceNetInfo[] | select(.IPType=="Public") | .ConnectionString'
  - Name: checkPublicAddress
    Action: 'ACS::Choice'
    Description:
      en: Check whether to release the public endpoint of the instance.
      zh-cn: Check whether to release the public endpoint of the RDS instance.
    Properties:
      DefaultTask: releaseInstancePublicConnection
      Choices:
        - When:
            'Fn::Equals':
              - Null
              - '{{ describeDBInstanceNetInfo.connectionString }}'
          NextTask: 'ACS::END'
  - Name: releaseInstancePublicConnection
    Action: 'ACS::ExecuteAPI'
    Description:
      en: Release the public endpoint of the RDS instance.
      zh-cn: Release the public endpoint of the RDS instance.
    Properties:
      Service: RDS
      API: ReleaseInstancePublicConnection
      Parameters:
        RegionId: '{{ regionId }}'
        DBInstanceId: '{{ instanceId }}'
        CurrentConnectionString: '{{ describeDBInstanceNetInfo.connectionString }}'
Metadata:
  ALIYUN::OOS::Interface:
    ParameterGroups:
      - Parameters:
          - regionId
          - instanceId
        Label:
          default:
            zh-cn: Select instance
            en: Select instance
      - Parameters:
          - OOSAssumeRole
        Label:
          default:
            zh-cn: Advanced options
            en: Advanced options