Playbook component parameters support formats such as constants, variables, expressions, and functions. Parameter processing includes extraction, deduplication, loop execution, and other steps.
Parameter categories
By function, parameters are divided into playbook input parameters (start node input parameters), playbook output parameters (start node output parameters), component input parameters, and component output parameters.
By type, parameters are divided into system parameters and component parameters.
NoteDuring component execution, you can access system default parameters from any node, but not component parameters.
Input and output parameters
Component input parameters can be custom-defined or outputs from upstream nodes. If you choose upstream node outputs, the upstream node must be a preceding node that is reachable on the orchestration path.
In multi-path scenarios, you must ensure that node names are globally unique.
Taking Node B in the following diagram as an example: It can access the outputs of upstream Node A and the playbook input parameters. It cannot access the outputs of Node D because they are not on the same branch. It also cannot access the outputs of Node C because Node C is not a preceding node of Node B.
System parameter
System parameters in playbooks (default parameters of start nodes)
System default parameters can be accessed from any node using the expressions in the following table. "event" can be considered as the name of the start node. You can access playbook system parameters using the ${event.parameter_name} format.
Parameter | Data type | Expression | Description |
_tenant_id | String | ${event._tenant_id} | The Alibaba Cloud account ID that calls the playbook. |
_domain_id | String | ${event._domain_id} | The role status of the logged-on user.
|
_trigger_user | String | ${event._trigger_user} | The Alibaba Cloud account ID that triggers the playbook. If a RAM user is used, the RAM user ID is returned. |
_region_id | String | ${event._region_id} | The region ID. |
_req_uuid | String | ${event._req_uuid} | The unique identifier of the current playbook execution task. |
parentTaskUuid | String | ${event.parentTaskUuid} | The _req_uuid of the parent playbook. This parameter exists when a child playbook is called. |
parentTaskName | String | ${event.parentTaskName} | The UUID of the parent playbook. This parameter exists when a child playbook is called. |
System parameters in component output parameters
The output results of any component include the following system parameters. Custom parameters are encapsulated in datalist. You can use ${node_name.datalist.*} to obtain all output parameters.
Parameter | Data type | Description |
datalist | JSONArray | The output parameters after the component is executed. Important Custom output parameters from components are also stored in datalist. |
total_data_successful | Int | The amount of data successfully processed during component execution. |
total_data | Int | The amount of data processed during execution. |
total_data_with_dup | Int | The amount of data successfully processed after deduplication during execution. |
total_exe_successful | Int | The number of times the current component has been successfully executed. |
total_exe | Int | The number of times the current component has been executed. |
status | Boolean | The success status of the execution. Valid values: true and false. |
messageForUser | String | The error message that users need to focus on when execution fails. |
message | String | Error message returned by the system when the execution failed. |
failed_exe_detail | String | The detailed error information when execution fails. |
Parameter formats
Parameters support three basic formats: constants, variables, and expressions. They also support combinations of these three formats and more complex nesting.
Format | Description | Example |
Constant | A fixed string | Ali. |
Variable | Extracts values from playbook input parameters and output parameters of preceding nodes | ${event.aliuid}, which obtains aliuid from playbook input parameters. |
Expression | Uses embedded expressions and functions to generate values. The format is <%=expression|function%>. For supported functions, see Built-in functions in expressions. | Expression: Only Java syntax is supported, such as <%=2*60*60%>. Function: <%=currentTime()%>. |
Combination | Constant_Variable_Expression | Combination example: Ali_${event.aliuid}_<%=currentTime()%>_<%=2*60*60%>. When the component is executed, variables and expressions are parsed and replaced with their corresponding values: Ali_aliuid_current time_7200. Nesting example: (Expressions can embed variables) <%=formatTimeStamp(secondstamp_add(${DateTime:event.datalist.*.gmt_create},-600L),"yyyy-MM-dd'T'HH:mm:ss.SSSXXX")%>, which obtains the gmt_create value from ${DateTime:event.datalist.*.gmt_create}, subtracts 600, and finally formats it as a date. |
Built-in functions in expressions
Function | Description | Example | Example output |
currentTime | Returns the current timestamp. | <%=currentTime()%> | 2025-06-05 10:30:00 |
secondstamp_add | Adds seconds to the current timestamp. | <%=secondstamp_add(currentTime(),300L)%> | 2025-06-05 10:30:09 |
formatTimeStamp | Formats the input timestamp according to the specified format. | <%=formatTimeStamp(currentTime(),"yyyyMMdd")%> | 20250605 |
timestampToseconds | Adds seconds to the current timestamp and converts it to seconds for output. | <%=timestampToseconds(currentTime(),300L)%> | 1749099848 |
splitStr | Splits the input string into a list based on splitStr. | <%=splitStr("test,value",",")%> | [test, value] |
parseTimeMs | Converts a time format string to milliseconds. | <%=parseTimeMs("2025-06-05 10:30:32","yyyy-MM-ddHH:mm:ss")%> | 1749090632000 |
currentTimeToMs | Converts the current timestamp to milliseconds. | <%=currentTimeToMs()%> | 1749091369688 |
currentHourToMs | Converts the current hour's timestamp to milliseconds, calculated from 0 minutes and 0 seconds of the current hour. | <%=currentHourToMs()%> | 1749088800000 |
currentDayToMs | Converts the current day's timestamp to milliseconds, calculated from 0 hours, 0 minutes, and 0 seconds of the current day. | <%=currentDayToMs()%> | 1749052800000 |
parseTimeMsWDefault | Parses a timestamp into milliseconds with default value supported. If parameter 1 is empty, parameter 2 is used as the default value. | <%=parseTimeMsWDefault("2025-06-05 10:30:32",1749091369688L)%> | 1749090632000 |
splitStrToJsonArray | Splits the input string into a JSONArray based on splitStr. | <%=splitStrToJsonArray("test,value",",")%> | ["test","value"] |
concatListStr | Concatenates strings using a connector. Must be used with the splitStr function. | <%=concatListStr("|",splitStr("test,value",","))%> | test|value |
substring | Extracts a substring. Parameter 1: The string to extract from. Parameter 2: The starting index. Parameter 3: The ending index. | <%=substring("012345",0,3)%> | 012 |
remainStrStartEnd | Preserves characters outside the start and end indices. Specifically, it keeps beginSize characters from the beginning of inputStr and endSize characters from the end, connecting them with five underscores.
| <%=remainStrStartEnd("012345",2,2)%> | 01_____45 |
toLong | Converts an object to long type. Parameter 1: The input value. Parameter 2: The default value if conversion fails. | <%=toLong("1234",12L)%> | 1234.0 |
toLowerCase | Converts English letters in a string to lowercase. | <%=toLowerCase("TEST")%> | test |
toUpperCase | Converts English letters in a string to uppercase. | <%=toUpperCase("test")%> | TEST |
toJSONObject | Converts a JSON string to a JSON object. | <%=toJSONObject("{\"name\":\"test\",\"age\":12}")%> | {"name":"test","age":12} |
base64encode | Performs Base64 encoding on a string. | <%=base64encode("abc")%> | YWJj |
base64decode | Performs Base64 decoding on a string. | <%=base64decode("YWJj")%> | abc |
replace | Replaces strings.
| <%=replace("abc123","abc","aaa")%> | aaa123 |
isNull | Determines whether an object is empty. | <%=isNull("")%> | true |
Variable parameters
During playbook component execution, if you want to obtain parameters from preceding nodes in the flow, you can use the variable parameter in the component. For playbook input parameters, use event as the node name. You can understand it as the output parameters of the start node. Therefore, do not set a component name to "event" during playbook orchestration.
Currently, only data retrieval based on node output parameters is supported.
Playbook input parameters = Start node output parameters.
Current node input parameters = Previous node output parameters.
Syntax format
The syntax for obtaining node output parameters is ${node_name.parameter_path}, where the path uses the jsonpath method and supports JSON formats with any number of layers.
For JSONObject format, use "." to directly obtain data from lower-level nodes. For JSONArray format, * represents obtaining all data, and numeric indices are also supported to obtain a single piece of data. The following examples show how to obtain output parameters after execution:
Type
Syntax
Description
Obtain parameters in JSON
${node_name.datalist.*.parameter1.parameter2}
NoteStart node output parameter syntax: ${event.parameter1.parameter2}.
Obtains parameter2 data under parameter1.
NoteThe value of parameter1 must be in JSONObject format.
Obtain all data in a JSON array
${node_name.datalist.*.parameter1.*.parameter2}
NoteStart node output parameter syntax: ${event.parameter1.*.parameter2}.
Obtains parameter2 data from all JSONObjects under parameter1.
NoteThe value of parameter1 must be in JSONArray format.
Obtain a single piece of data in a JSON array
${node_name.datalist.*.parameter1.[0].parameter2}
NoteStart node output parameter syntax: ${event.parameter1.[0].parameter2}.
Obtains parameter2 data from the first JSONObject under parameter1
NoteThe value of parameter1 must be in JSONArray format.
In addition to manually writing syntax rules, the system also supports generating corresponding syntax by selecting parameters from a dropdown list in the input box, which is recommended after debugging is complete. As shown in the following figure:
Obtain variable parameters
Using node1 as an example, its output parameters are as follows:
{
"datalist": [
{
"person": {
"weight": "120",
"age": "12"
}
},
{
"person": {
"weight": "121",
"age": "13"
}
}
],
"total_data_successful": 2,
"total_data": 2,
"total_exe_successful": 2,
"total_exe": 2,
"total_data_with_dup": 2,
"status": true
}Syntax | Description |
${event._req_uuid} | Obtains the value of the system parameter _req_uuid from the start node (input parameters). |
${event.parentTaskUuid} | Obtains the _req_uuid of the parent playbook in a child playbook (if a parent playbook is called). |
${node1.total_data_successful} | Obtains the number of successfully executed data items from node1. Output value: 2. |
${node1.datalist.*.person.age} | Obtains all age data of person under datalist from node1. Output value: {12,13}. |
${node1.datalist.[0].person.age} | Obtains the age data of person from the first item under datalist from node1. Output value: 12. |
Parameter data type conversion
During playbook execution, data is processed as strings in most scenarios. When the data type does not meet requirements during playbook execution, you can convert the data type from the source type to the target type.
The format is ${data_type:data}. The following table lists the supported data type conversions:
Data type | Description | Supported source types |
Boolean | Converts to Boolean type. Valid values: true and false. |
|
Long | Converts to Long type. |
|
Int | Converts to Int type. | |
Double | Converts to Double type. | |
String | Converts to String type. | All types are supported for conversion. |
DateTime | Converts to date type. |
|
JSONObject | Extracts keys and values from a JSONObject to form a new JSONObject. Used to package multi-column data in {} format. Output format: {"fieldname":"fieldValue",...}. | Only JSONObject type is supported. |
JSONArray | Extracts keys and values from a JSONObject to form a JSONArray. Packages multi-row and multi-column data in [{}] format. Data is output as single-row and single-column data. | Only JSONObject type is supported |
JSONObjectStr | Converts a JSONObject to a string. | JSONObject type. |
JSONArrayStr | Converts a JSONArray to a string. | JSONArray type. |
Examples:
JSONObject example: Playbook input parameter: {"src_ip":"127.0.0.1","dst_ip":"127.0.0.2","msg":"hello"}.
${JSONObject:event}: Outputs the entire event as a complete JSON string.
${JSONObject:event.src_ip}: Creates a single-row, single-column JSON from the src_ip in the event. Result: {"src_ip":"127.0.0.1"}.
${JSONObject:event.src_ip|msg}: Creates a single-row, single-column JSON string from the src_ip and msg fields in the event. Result: {"src_ip":"127.0.0.1","msg":"hello"}.
${JSONArray:event}: Outputs the entire event as a complete JSONArray.
${JSONArray:event.src_ip}: Creates a single-row, single-column JSONArray from the src_ip in the event. Result: [{"src_ip":"127.22.22.1"}].
${JSONArray:event.src_ip|msg}: Creates a single-row, single-column JSONArray from the src_ip and msg fields in the event. Result: [{"src_ip":"127.0.0.1","msg":"hello"}].
JSONArray example: Playbook input parameter: {"datalist":[{"src_ip":"127.0.0.1","dst_ip":"127.1.0.1","msg":"hello"},{"src_ip":"127.1.0.1","dst_ip":"127.1.0.1","msg":"hello"}]}.
${JSONObject:event.datalist.*.src_ip}: Expands to multiple rows, with each row resulting in: {"src_ip":"127.x.0.1"}.
${JSONObject:event.datalist.*.src_ip|msg}: Expands to multiple rows, with each row being a JSON string: {"src_ip":"127.x.0.1","msg":"hello"}.
${JSONArray:event.datalist.*.src_ip}: Expands to a single row. Result: [{"src_ip":"127.0.0.1"},{"src_ip":"127.1.0.1"}].
${JSONArray:event.datalist.*.src_ip|msg}: Expands to a single row. Result: [{"src_ip":"127.0.0.1","msg":"hello"},{"src_ip":"127.1.0.1","msg":"hello"}]
Workflow
Extract node parameter: After all upstream nodes have completed execution, the input data for the current node is extracted based on the input configuration of the current node. The extraction process is described in detail below.
Execute node component: After the input parameters for the node are formed, when all fields are the same, the node component is executed after automatic deduplication.
NoteWhen an action accepts multiple sets of values as parameters, to simplify operations, the action will be executed multiple times.
For example: To find all servers (multiple) of a compromised application and execute the "Malicious File Purge" action on each of these servers. Users only need to select "Server IP" (${node1.datalist.*.ip}) in the parameters, and the system will automatically execute the "Malicious File Purge" action on all IPs. There is no need to write a loop to execute the purge action one by one.
Output result aggregation and deduplication: After multiple executions of a node, the results are aggregated and automatically deduplicated. For deduplication, entries are considered as duplicates when all fields are identical. For example:
Before deduplication
After deduplication
[ { "a": "11", "b": "22" }, { "a": "11", "b": "22" }, { "a": "11", "b": "33" } ][ { "a": "11", "b": "22" }, { "a": "11", "b": "33" } ]
Extract parameters
Process one data source
Complex JSON formats of any depth can be viewed as a tree structure. The principles for extracting parameters from JSON are: sibling relationships at the same depth remain unchanged, ancestor nodes are expanded, and nodes that are neither siblings nor ancestors undergo a Cartesian product.
Automatically extract data of any depth. Example:
Sibling relationships at the same depth remain unchanged. Example:
Ancestor expansion. Example:
For nodes that are neither siblings nor ancestors, perform a Cartesian product. Example:
Process multiple data sources
Perform a Cartesian product on the processing results from each individual data source.
