全部产品
Search

搜索本产品

    CloudOps Orchestration Service:ACS-RDS-BulkyModifySecurityIpsByInstanceIPArray

    文档中心

    CloudOps Orchestration Service:ACS-RDS-BulkyModifySecurityIpsByInstanceIPArray

    更新时间:Dec 21, 2025

    Nama template

    Template ACS-RDS-BulkyModifySecurityIpsByInstanceIPArray menghapus 0.0.0.0/0 dari grup daftar putih alamat IP instans RDS.

    Eksekusi Sekarang

    Deskripsi template

    Menghapus 0.0.0.0/0 dari daftar putih alamat IP instance ApsaraDB RDS.

    Tipe template

    Otomatis

    Pemilik

    Alibaba Cloud

    Parameter input

    Parameter

    Deskripsi

    Tipe data

    Diperlukan

    Nilai default

    Batasan

    instanceId

    ID dari instance ApsaraDB RDS.

    String

    Ya

    regionId

    ID wilayah.

    String

    Tidak

    {{ ACS::RegionId }}

    OOSAssumeRole

    Peran RAM yang diasumsikan oleh CloudOps Orchestration Service (OOS).

    String

    Tidak

    ""

    Parameter output

    Tidak ada.

    Kebijakan izin yang diperlukan untuk mengeksekusi template

    {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "rds:DescribeDBInstanceIPArrayList",
                "rds:ModifySecurityIps"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

    Detail

    ACS-RDS-BulkyModifySecurityIpsByInstanceIPArray

    Konten templat
    FormatVersion: OOS-2019-06-01
Description:
  en: Deletes 0.0.0.0/0 from the IP address whitelist groups of RDS instances.
  name-en: ACS-RDS-BulkyModifySecurityIpsByInstanceIPArray
  categories:
    - security
    - rds
Parameters:
  regionId:
    Type: String
    Label:
      en: RegionId
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  instanceId:
    Label:
      en: InstanceId
    AssociationProperty: ALIYUN::RDS::Instance::InstanceId
    AssociationPropertyMetadata:
      RegionId: regionId
    Type: String
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
    Type: String
    Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
  - Name: describeDBInstanceIPArray
    Action: 'ACS::ExecuteAPI'
    Description:
      en: Queries the IP address whitelist groups of an RDS instance.
    Properties:
      Service: RDS
      API: DescribeDBInstanceIPArrayList
      Parameters:
        RegionId: '{{ regionId }}'
        DBInstanceId: '{{ instanceId }}'
    Outputs:
      DBInstanceIPArray:
        Type: List
        ValueSelector: '.Items.DBInstanceIPArray[] | {"SecurityIPList": .SecurityIPList, "DBInstanceIPArrayName": .DBInstanceIPArrayName, "WhitelistNetworkType": .WhitelistNetworkType}'
  - Name: modifySecurityByDBInstanceIPArray
    Action: ACS::RDS::ModifySecurityIpsByInstanceIPArray
    Description:
      en: Modifies the IP address whitelist groups of the RDS instance.
    Properties:
      regionId: '{{ regionId }}'
      instanceId: '{{ instanceId }}'
      securityIps:
        'Fn::Select':
          - SecurityIPList
          - '{{ ACS::TaskLoopItem }}'
      instanceIPArrayName:
        'Fn::Select':
          - DBInstanceIPArrayName
          - '{{ ACS::TaskLoopItem }}'
      whitelistNetworkType:
        'Fn::Select':
          - WhitelistNetworkType
          - '{{ ACS::TaskLoopItem }}'
    Loop:
      Items: '{{ describeDBInstanceIPArray.DBInstanceIPArray }}'
      RateControl:
        Mode: Concurrency
        MaxErrors: 0
        Concurrency: 1