All Products
Search

This Product

    CloudOps Orchestration Service:ACS-Redis-BulkyDeleteSecurityIpByInstanceIPArray

    Document Center

    CloudOps Orchestration Service:ACS-Redis-BulkyDeleteSecurityIpByInstanceIPArray

    Last Updated:Nov 26, 2024

    Template name

    ACS-Redis-BulkyDeleteSecurityIpByInstanceIPArray

    Execute Now

    Template description

    Removes an IP address from the IP address whitelist of a Tair (Redis OSS-compatible) instance.

    Template type

    Automated

    Owner

    Alibaba Cloud

    Input parameters

    Parameter

    Description

    Data type

    Required

    Default value

    Limit

    instanceId

    The ID of the Tair (Redis OSS-compatible) instance.

    String

    Yes

    regionId

    The region ID.

    String

    No

    {{ ACS::RegionId }}

    securityIp

    The IP address that you want to delete.

    String

    No

    0.0.0.0/0

    OOSAssumeRole

    The RAM role that is assumed by CloudOps Orchestration Service (OOS).

    String

    No

    ""

    Output parameters

    N/A.

    Permission policy that is required to execute the template

    {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "kvstore:DescribeSecurityIps",
                "kvstore:ModifySecurityIps"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

    References

    ACS-Redis-BulkyDeleteSecurityIpByInstanceIPArray

    Template content

    FormatVersion: OOS-2019-06-01
Description:
  en: Bulky del specified ip from the ip white list array of redis instances
  name-en: ACS-Redis-BulkyDeleteSecurityIpByInstanceIPArray
  categories:
    - security
Parameters:
  regionId:
    Label:
      en: RegionId
    Type: String
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  instanceId:
    Label:
      en: The id of Redis instances
    Type: String
  securityIp:
    Label:
      en: The security ip to delete
    Type: String
    Default: 0.0.0.0/0
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
    Type: String
    Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
  - Name: describeSecurityIps
    Action: ACS::ExecuteAPI
    Description:
      en: Query SecurityIPList of a redis instance
    Properties:
      Service: R-KVSTORE
      API: DescribeSecurityIps
      Parameters:
        RegionId: '{{ regionId }}'
        InstanceId: '{{ instanceId }}'
    Outputs:
      SecurityIpGroupName:
        Type: List
        ValueSelector: '.SecurityIpGroups.SecurityIpGroup[] | {"SecurityIpList": .SecurityIpList, "SecurityIpGroupName": .SecurityIpGroupName}'
  - Name: modifySecurityIps
    Action: ACS::Redis::DeleteSecurityIpByInstanceIPArray
    Description:
      en: Query SecurityIPList of a redis instance
    Properties:
      regionId: '{{ regionId }}'
      instanceId: '{{ instanceId }}'
      securityIpList:
        Fn::Select:
          - SecurityIpList
          - '{{ ACS::TaskLoopItem }}'
      securityIpGroupName:
        Fn::Select:
          - SecurityIpGroupName
          - '{{ ACS::TaskLoopItem }}'
      securityIp: '{{ securityIp }}'
    Loop:
      Items: '{{ describeSecurityIps.SecurityIpGroupName }}'
      RateControl:
        Mode: Concurrency
        MaxErrors: 0
        Concurrency: 1
Metadata:
  ALIYUN::OOS::Interface:
    ParameterGroups:
      - Parameters:
          - securityIp
        Label:
          default:
            en: Configure Parameters
      - Parameters:
          - regionId
          - instanceId
        Label:
          default:
            en: Select Instances
      - Parameters:
          - OOSAssumeRole
        Label:
          default:
            en: Control Options