All Products
Search
Document Center

Resource Management:Query ECS instances with a specific tag and add the ECS instances to security groups with the same tag

Last Updated:Jan 12, 2024

You can create an execution to query Elastic Compute Service (ECS) instances with a specific tag and add the ECS instances to security groups with the same tag by using a public template provided by CloudOps Orchestration Service (OOS). This ensures that ECS instances can be added to correct security groups.

Background information

In this example, an OOS public template is used to query ECS instances with the tag Team:Dev and add the ECS instances to security groups with the tag.

Procedure

  1. Log on to the OOS console.

  2. In the left-side navigation pane, choose Automated Task > Public Template.

  3. In the top navigation bar, select the desired region.

    Note

    By default, OOS deployed in a region can be used to manage resources only in this region. For example, OOS deployed in the China (Hangzhou) region can be used to manage ECS instances only in this region. However, OOS provides a method to manage resources deployed in other regions. If you want to call API operations in other regions, specify the region ID in the ACS::ExecuteAPI action. We recommend that you do not use this method. Therefore, in this example, you must make sure that the region in which OOS is deployed is the same as the region in which the ECS instances you want to manage reside. For more information about the limits on OOS, see Limits.

  4. On the Public Template page, find ACS-ECS-CorrectSecurityGroupInstancesByTags and click Create Execution.

  5. In the Basic Information step, configure the parameters and click Next Step: Parameter Settings.

    In this example, default values are retained for the parameters in the Basic Information step.

    Note

    The default value of Execution Mode is Automatic, which indicates that all tasks defined in the template are automatically run in sequence.

  6. In the Parameter Settings step, configure the parameters and click Next Step: OK.

    1. In the Select Tags section of the step, select the region in which the desired ECS instances reside.

    2. Enter or select a tag key and a tag value in the Tags drop-down lists.

      The system queries the ECS instances to which the specified tag is added and adds the ECS instances to the security groups to which the tag is added.

      Important

      The ECS instances and security groups must reside in the same virtual private cloud (VPC). Otherwise, the ECS instances fail to be added to the security groups.

  7. In the OK step, confirm the settings and click Create.

View the result

If the execution status that is displayed for the execution on the Task Execution Management page is Success, the ECS instances with the tag Team:Dev are added to the security groups with the same tag. You can also check whether a specific ECS instance with the tag is added to the security group with the same tag on the Instances page in the ECS console.