Nama template
ACS-ESS-LifeCycleModifyRedisIPWhitelist
Deskripsi template
Gunakan panggilan balik siklus hidup untuk mengonfigurasi daftar putih alamat IP pada instance Tair (kompatibel dengan Redis OSS).
Tipe template
Otomatis
Pemilik
Alibaba Cloud
Parameter input
Parameter | Deskripsi | Tipe | Diperlukan | Nilai default | Batasan |
dbInstanceId | ID dari instance Tair (kompatibel dengan Redis OSS). | String | Ya | ||
modifyMode | Metode yang digunakan untuk memodifikasi daftar putih alamat IP. | String | Ya | ||
regionId | ID wilayah. | String | Tidak | ${regionId} | |
instanceIds | ID dari instance Elastic Compute Service (ECS). | List | Tidak | ['${instanceIds}'] | |
lifecycleHookId | ID panggilan balik siklus hidup. | String | Tidak | ${lifecycleHookId} | |
lifecycleActionToken | Token aktivitas penskalaan tertentu yang terkait dengan instance. | String | Tidak | ${lifecycleActionToken} | |
OOSAssumeRole | Peran Resource Access Management (RAM) yang diasumsikan oleh CloudOps Orchestration Service (OOS). | String | Tidak | OOSServiceRole |
Parameter output
Parameter | Deskripsi | Tipe |
ipAddresses | List |
Kebijakan yang diperlukan untuk mengeksekusi template
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:DescribeInstances"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"kvstore:ModifySecurityIps"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ess:CompleteLifecycleAction"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
Referensi
ACS-ESS-LifeCycleModifyRedisIPWhitelist
Konten Template
FormatVersion: OOS-2019-06-01
Description:
en: Use lifecycleHook to modify the IP whitelist of the redis instance
zh-cn: 使用生命周期挂钩设置Redis实例的IP白名单
name-en: ACS-ESS-LifeCycleModifyRedisIPWhitelist
name-zh-cn: 使用生命周期挂钩设置Redis实例的IP白名单
categories:
- elastic_manage
Parameters:
dbInstanceId:
Label:
en: DBInstanceId
zh-cn: Redis实例ID
Type: String
modifyMode:
Label:
en: ModifyMode
zh-cn: 修改IP白名单的方式
Description:
en: The method of modifying the IP whitelist, Append and AppendDup are used for elastic expansion activities, and Delete is used for elastic contraction activities
zh-cn: 修改IP白名单的方式,Append和AppendDup用于弹性扩张活动,Delete用于弹性收缩活动
Type: String
AllowedValues:
- Append
- Delete
- AppendDup
regionId:
Label:
en: RegionId
zh-cn: 地域ID
Description:
en: The ID of region
zh-cn: '地域ID,请使用弹性伸缩系统默认值 ${regionId}'
Type: String
Default: '${regionId}'
instanceIds:
Label:
en: InstanceIds
zh-cn: ECS实例ID列表
Description:
en: The ID list of the ECS instance
zh-cn: 'ECS实例ID列表,请使用弹性伸缩系统默认值 ["${instanceId}"]'
Type: List
Default:
- '${instanceIds}'
lifecycleHookId:
Label:
en: LifecycleHookId
zh-cn: 生命周期挂钩ID
Description:
en: The ID of the lifecycle hook
zh-cn: '生命周期挂钩ID,请使用弹性伸缩系统默认值 ${lifecycleHookId}'
Type: String
Default: '${lifecycleHookId}'
lifecycleActionToken:
Label:
en: LifecycleActionToken
zh-cn: 实例关联的特定伸缩活动的令牌
Description:
en: The token that indicates a specific scaling activity associated with an instance
zh-cn: '实例关联的特定伸缩活动的令牌,请使用弹性伸缩系统默认值 ${lifecycleActionToken}'
Type: String
Default: '${lifecycleActionToken}'
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: OOS扮演的RAM角色
Type: String
Default: OOSServiceRole
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: getInstanceIpAddress
Action: 'ACS::ExecuteAPI'
Description:
en: Gets ECS instance network type and ip address
zh-cn: 获取ECS实例的网络类型和Ip地址
OnError: CompleteLifecycleActionForAbandon
Properties:
Service: ECS
API: DescribeInstances
Parameters:
RegionId: '{{ regionId }}'
InstanceIds: '{{ instanceIds }}'
Outputs:
Ips:
Type: List
ValueSelector: >-
.Instances.Instance[]|.VpcAttributes.PrivateIpAddress.IpAddress+.InnerIpAddress.IpAddress|.[]
- Name: modifySecurityIps
Action: 'ACS::ExecuteAPI'
Description:
en: Modifies the whitelist
zh-cn: 修改白名单
OnError: CompleteLifecycleActionForAbandon
OnSuccess: CompleteLifecycleActionForContinue
Properties:
Service: R-KVSTORE
API: ModifySecurityIps
Parameters:
RegionId: '{{ regionId }}'
ModifyMode: '{{ modifyMode }}'
InstanceId: '{{ dBInstanceId }}'
SecurityIps:
'Fn::Join':
- ','
- '{{ getInstanceIpAddress.Ips }}'
- Name: CompleteLifecycleActionForContinue
Action: 'ACS::ExecuteAPI'
Description:
en: Modify lifecycle action for continue
zh-cn: 修改伸缩活动的等待状态为继续完成
OnSuccess: 'ACS::END'
Properties:
Service: ESS
API: CompleteLifecycleAction
Parameters:
RegionId: '{{ regionId }}'
LifecycleHookId: '{{ lifecycleHookId }}'
LifecycleActionToken: '{{ lifecycleActionToken }}'
LifecycleActionResult: CONTINUE
- Name: CompleteLifecycleActionForAbandon
Action: 'ACS::ExecuteAPI'
Description:
en: Complete lifecycle action for Abandon
zh-cn: 修改伸缩活动的等待状态为弃用
Properties:
Service: ESS
API: CompleteLifecycleAction
Parameters:
RegionId: '{{ regionId }}'
LifecycleHookId: '{{ lifecycleHookId }}'
LifecycleActionToken: '{{ lifecycleActionToken }}'
LifecycleActionResult: ABANDON
Outputs:
ipAddresses:
Type: List
Value: '{{ getInstanceIpAddress.Ips }}'