ACS-RDS-BulkyMigrateSecurityIPMode - CloudOps Orchestration Service

Nama template

ACS-RDS-BulkyMigrateSecurityIPMode – Mengalihkan daftar putih RDS ke mode keamanan tinggi

Eksekusi Sekarang

Deskripsi template

Mengubah mode daftar putih instance ApsaraDB RDS ke mode daftar putih yang ditingkatkan.

Tipe template

Otomatis

Pemilik

Alibaba Cloud

Parameter input

Parameter	Deskripsi	Tipe data	Diperlukan	Nilai default	Batasan
regionId	ID wilayah.	String	Tidak	{{ ACS::RegionId }}
targets	Instans target.	Json	Tidak	{'Type': 'ResourceIds', 'ResourceIds': [], 'RegionId': '{{ regionId }}'}
instanceIds	Daftar ID instans RDS.	List	Tidak	[]
rateControl	Laju konkurensi untuk eksekusi task.	Json	Tidak	{'Mode': 'Concurrency', 'MaxErrors': 0, 'Concurrency': 10}
OOSAssumeRole	Peran RAM yang diasumsikan oleh Operation Orchestration Service (OOS).	String	Tidak	""

Parameter output

Tidak tersedia.

Kebijakan izin yang diperlukan untuk mengeksekusi template

{
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "rds:DescribeDBInstances",
                "rds:MigrateSecurityIPMode"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": [
                "oos:GetApplicationGroup"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

Rincian

ACS-RDS-BulkyMigrateSecurityIPMode

Isi Template

FormatVersion: OOS-2019-06-01
Description:
  en: Migrate security ip mode
  name-en: ACS-RDS-BulkyMigrateSecurityIPMode
  categories:
    - security
    - rds
Parameters:
  regionId:
    Type: String
    Label:
      en: RegionId
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  targets:
    Type: Json
    Label:
      en: TargetInstance
    AssociationProperty: Targets
    AssociationPropertyMetadata:
      ResourceType: ALIYUN::RDS::Instance
      RegionId: regionId
    Default:
      Type: ResourceIds
      ResourceIds: []
      RegionId: '{{ regionId }}'
  instanceIds:
    Label:
      en: InstanceIds
    AssociationProperty: ALIYUN::RDS::Instance::InstanceId
    Type: List
    Default: []
    AssociationPropertyMetadata:
      RegionId: regionId
      Visible:
        Condition:
          Fn::Equals:
            - ${targets}
            - {}
  rateControl:
    Label:
      en: RateControl
    Type: Json
    AssociationProperty: RateControl
    Default:
      Mode: Concurrency
      MaxErrors: 0
      Concurrency: 10
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
    Type: String
    Default: ''
RamRole: '{{ OOSAssumeRole }}'
Conditions:
  instanceId:
    Fn::Equals:
      - '{{ instanceIds }}'
      - []
Tasks:
  - Name: getInstance
    When: instanceId
    Description:
      en: Get the RDS instances
    Action: ACS::SelectTargets
    Properties:
      ResourceType: ALIYUN::RDS::Instance
      RegionId: '{{regionId}}'
      Filters:
        - '{{ targets }}'
    Outputs:
      instanceIds:
        Type: List
        ValueSelector: Instances.Instance[].InstanceId
  - Name: migrateSecurityIPMode
    When: instanceId
    Action: 'ACS::ExecuteAPI'
    Description:
      en: Migrate security ip mode
    Properties:
      Service: RDS
      API: MigrateSecurityIPMode
      Parameters:
        RegionId: '{{ regionId }}'
        DBInstanceId: '{{ ACS::TaskLoopItem }}'
    Loop:
      RateControl: '{{ rateControl }}'
      Items:
        Fn::If:
          - Fn::Equals:
              - '{{instanceIds}}'
              - []
          - '{{ getInstance.instanceIds }}'
          - '{{ instanceIds}}'