Nama template
ACS-ECS-JoinSecurityGroupToMultipleInstance: Menerapkan grup keamanan ke beberapa instance
Deskripsi template
Menambahkan beberapa instance Elastic Compute Service (ECS) ke dalam grup keamanan secara bersamaan.
Tipe template
Otomatis
Pemilik
Alibaba Cloud
Parameter input
Parameter | Deskripsi | Tipe | Diperlukan | Nilai default | Batasan |
targets | Target instance | Json | Ya | ||
securityGroupId | ID grup keamanan tempat instance ECS akan ditambahkan. | String | Ya | ||
regionId | ID wilayah. | String | Tidak | {{ ACS::RegionId }} | |
rateControl | Konkurensi eksekusi task | Json | Tidak | {'Mode': 'Concurrency', 'MaxErrors': 0, 'Concurrency': 10} | |
OOSAssumeRole | Peran Resource Access Management (RAM) yang diasumsikan oleh CloudOps Orchestration Service (OOS). | String | Tidak | "" |
Parameter Keluaran
Tidak ada
Kebijakan izin yang diperlukan untuk mengeksekusi template
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:DescribeInstances",
"ecs:JoinSecurityGroup"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"oos:GetApplicationGroup"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
Detail
ACS-ECS-JoinSecurityGroupToMultipleInstance: Detail
Konten Template
FormatVersion: OOS-2019-06-01
Description:
en: Join a security group to multiple instances
zh-cn: Join a security group to multiple instances
name-en: ACS-ECS-JoinSecurityGroupToMultipleInstance
name-zh-cn: Apply Security Group to Multiple Instances
categories:
- instance_manage
Parameters:
regionId:
Type: String
Label:
en: RegionId
zh-cn: Region ID
AssociationProperty: RegionId
Default: '{{ ACS::RegionId }}'
targets:
Type: Json
Label:
en: TargetInstance
zh-cn: Target Instance
AssociationProperty: Targets
AssociationPropertyMetadata:
ResourceType: 'ALIYUN::ECS::Instance'
RegionId: regionId
securityGroupId:
Label:
en: SecurityGroupId
zh-cn: ID of the security group to be applied
Type: String
AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
AssociationPropertyMetadata:
RegionId: regionId
rateControl:
Label:
en: RateControl
zh-cn: Concurrency rate for task execution
Type: Json
AssociationProperty: RateControl
Default:
Mode: Concurrency
MaxErrors: 0
Concurrency: 10
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: The RAM role that OOS assumes
Type: String
Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: getInstance
Description:
en: Retrieves the ECS instances
zh-cn: Retrieves the ECS instances
Action: ACS::SelectTargets
Properties:
ResourceType: ALIYUN::ECS::Instance
RegionId: '{{ regionId }}'
Filters:
- '{{ targets }}'
Outputs:
instanceIds:
Type: List
ValueSelector: Instances.Instance[].InstanceId
- Name: checkInstanceReady
Action: ACS::CheckFor
Description:
en: Checks whether the ECS instance status is Running or Stopped
zh-cn: Checks whether the ECS instance status is Running or Stopped
Properties:
Service: ECS
API: DescribeInstances
Parameters:
RegionId: '{{ regionId }}'
InstanceIds:
- '{{ ACS::TaskLoopItem }}'
DesiredValues:
- Running
- Stopped
PropertySelector: Instances.Instance[].Status
Loop:
RateControl: '{{ rateControl }}'
Items: '{{ getInstance.instanceIds }}'
- Name: joinSecurityGroup
Action: 'ACS::ExecuteAPI'
Description:
en: Joins the security group to a specified ECS instance
zh-cn: Joins the security group to a specified ECS instance
Properties:
Service: ECS
API: JoinSecurityGroup
Parameters:
SecurityGroupId: '{{ securityGroupId }}'
InstanceId: '{{ ACS::TaskLoopItem }}'
RegionId: '{{ regionId }}'
Loop:
RateControl: '{{ rateControl }}'
Items: '{{ getInstance.instanceIds }}'
Metadata:
ALIYUN::OOS::Interface:
ParameterGroups:
- Parameters:
- securityGroupId
Label:
default:
zh-cn: Select Security Group
en: Select Security Group
- Parameters:
- regionId
- targets
Label:
default:
zh-cn: Select ECS Instances
en: Select ECS Instances
- Parameters:
- rateControl
- OOSAssumeRole
Label:
default:
zh-cn: Advanced Options
en: Advanced Options