This topic describes how to use the whitelist template feature to apply the same IP addresses to a large number of ApsaraDB RDS for PostgreSQL instances at a time. This feature allows you to add IP addresses to a whitelist template and associate the template with multiple RDS instances in an efficient manner.
Prerequisites
The public endpoints of the RDS instances are enabled.
For more information about how to apply for a public endpoint, see Apply for or release a public endpoint on an ApsaraDB RDS for PostgreSQL instance.
Limits
You can add up to 1,000 IP addresses to the IP address whitelists of an RDS instance. If the number of whitelist IP addresses exceeds the upper limit, the IP addresses fail to be added or the whitelist template fails to be associated with the RDS instances.
NoteThe maximum number of whitelist IP addresses that is allowed by an RDS instance is the total number of the IP addresses that are added to the whitelists and the IP addresses that are added to the whitelist template.
A whitelist IP address can be an IP address or a CIDR block.
A whitelist template can be associated with up to 500 RDS instances.
Usage notes
Operations on a whitelist template immediately take effect. The operations take effect on the RDS instances with which the whitelist template is associated within about 1 minute.
If a whitelist template is associated with multiple RDS instances and is modified, all associated RDS instances are affected. You must evaluate the impacts before you modify a whitelist template.
If you delete a whitelist template, the connections from the IP addresses in the whitelist template are disconnected from the RDS instances with which the whitelist template is associated. If a whitelist template is associated with a small number of RDS instances, we recommend that you disassociate the whitelist template from the RDS instances one by one before you delete the whitelist template.
Billing rules
This feature is provided free of charge.
Procedure
Configure a whitelist template
Log on to the ApsaraDB RDS console. In the left-side navigation pane, click Whitelist Template.
Manage a whitelist template.
Create a whitelist template: Click Create Whitelist Template. In the panel that appears, enter a template name and IP addresses. Then, click OK.
NoteThe names of whitelist templates within the same account must be unique.
If you specify 0.0.0.0/0, all IP addresses are allowed to access the RDS instance over the Internet. Proceed with caution. If you specify this IP address to test connectivity, we recommend that you change the configuration after the test is complete.
If you specify only the 127.0.0.1 entry, all IP addresses are not allowed to access the associated RDS instances. If you specify the 127.0.0.1 entry and other IP addresses or CIDR blocks, the 127.0.0.1 entry is invalid.
The IP addresses in the new whitelist template take effect 1 minute later.
Modify a whitelist template: Find the whitelist template and click Modify in the Actions column. In the panel that appears, perform the following operations and click OK.
ImportantAfter a whitelist template is created, the template name cannot be modified.
Associate the whitelist template with one or more RDS instances by using instance IDs or instance names.
In the left-side All Instances section, select multiple RDS instances or search for a specific instance.
Select the RDS instances and click the
icon to move the RDS instances to the Selected Instances section. Click the 
icon to remove the RDS instances that you want to disassociate with the whitelist template.
NoteYou can associate a whitelist template with up to 20 RDS instances at a time.
Modify the whitelist: Modify or add IP addresses to the whitelist based on your business requirements.
NoteAfter a whitelist template is modified, the modification takes effect on all RDS instances with which the whitelist template is associated.
Delete a whitelist template: Find the whitelist template and click Delete in the Actions column. In the dialog box that appears, click OK.
NoteIf you delete a whitelist template, the IP address whitelists of the RDS instances with which the whitelist template is associated are also deleted.
Manage the association of a whitelist template
Log on to the ApsaraDB RDS console. In the left-side navigation pane, click Instances.
On the page that appears, click the ID of the RDS instance with which you want to associate the whitelist template. In the left-side navigation pane of the page that appears, click Whitelist and SecGroup.
Manage the association.
Associate a whitelist template: Click Associate Whitelist Template. In the panel that appears, select the whitelist template that you want to associate and click OK.
NoteAfter the association is complete, the IP addresses in the whitelist template are displayed on the Whitelist Settings tab.
Disassociate a whitelist template: Find the whitelist template and click Unassociate in the Actions column. In the message that appears, click OK.
References
For more information about how to configure an IP address whitelist for a single RDS instance, see Configure an IP address whitelist.
For more information about the frequently asked questions about IP address whitelist settings, see Errors and FAQ about IP address whitelist settings in ApsaraDB RDS for PostgreSQL.
You can also call the following API operations to configure and manage a whitelist template.
Operation
Description and required parameter
Creates a whitelist template.
IpWhitelist
TemplateName
Modifies a whitelist template.
IpWhitelist
TemplateId
Deletes a whitelist template.
IpWhitelist: Set the value to an empty string.
TemplateId
TemplateId
Fuzzy search
TemplateName: Set the value to the ID of the whitelist template or the keyword in the name of the whitelist template.
FuzzySearch: Set the value to true.
MaxRecordsPerPage.
PageNumbers.
Batch query
FuzzySearch: Set the value to false.
MaxRecordsPerPage.
PageNumbers.
TemplateId
InsName
TemplateId
InsName
TemplateId
InsName