All Products
Search

This Product

    CloudOps Orchestration Service:ACS-ECS-JoinSecurityGroupToMultipleInstance

    Document Center

    CloudOps Orchestration Service:ACS-ECS-JoinSecurityGroupToMultipleInstance

    Last Updated:Nov 25, 2024

    Template name

    ACS-ECS-JoinSecurityGroupToMultipleInstance

    Execute Now

    Template description

    Adds multiple Elastic Compute Service (ECS) instances to a security group at a time.

    Template type

    Automated

    Owner

    Alibaba Cloud

    Input parameters

    Parameter

    Description

    Type

    Required

    Default value

    Limit

    targets

    The ECS instances to be added to a security group.

    Json

    Yes

    securityGroupId

    The ID of the security group to which the ECS instances are to be added.

    String

    Yes

    regionId

    The region ID.

    String

    No

    {{ ACS::RegionId }}

    rateControl

    The rate control settings.

    Json

    No

    {'Mode': 'Concurrency', 'MaxErrors': 0, 'Concurrency': 10}

    OOSAssumeRole

    The Resource Access Management (RAM) role that is assumed by CloudOps Orchestration Service (OOS).

    String

    No

    ""

    Output parameters

    None

    Permission policy that is required to execute the template

    {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "ecs:DescribeInstances",
                "ecs:JoinSecurityGroup"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

    References

    For more information, see ACS-ECS-JoinSecurityGroupToMultipleInstance.yml at GitHub.

    Template content

    FormatVersion: OOS-2019-06-01
Description:
  en: Join a security group to multiple instances
  zh-cn: the description in Chinese
  name-en: ACS-ECS-JoinSecurityGroupToMultipleInstance
  name-zh-cn: the description in Chinese
  categories:
    - instance_manage
Parameters:
  regionId:
    Type: String
    Label:
      en: RegionId
      zh-cn: the description in Chinese
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  targets:
    Type: Json
    Label:
      en: TargetInstance
      zh-cn: the description in Chinese
    AssociationProperty: Targets
    AssociationPropertyMetadata:
      ResourceType: 'ALIYUN::ECS::Instance'
      RegionId: regionId
  securityGroupId:
    Label:
      en: SecurityGroupId
      zh-cn: the description in Chinese
    Type: String
    AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
    AssociationPropertyMetadata:
      RegionId: regionId
  rateControl:
    Label:
      en: RateControl
      zh-cn: the description in Chinese
    Type: Json
    AssociationProperty: RateControl
    Default:
      Mode: Concurrency
      MaxErrors: 0
      Concurrency: 10
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
      zh-cn: the description in Chinese
    Type: String
    Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
  - Name: getInstance
    Description:
      en: Views the ECS instances
      zh-cn: the description in Chinese
    Action: ACS::SelectTargets
    Properties:
      ResourceType: ALIYUN::ECS::Instance
      RegionId: '{{ regionId }}'
      Filters:
        - '{{ targets }}'
    Outputs:
      instanceIds:
        Type: List
        ValueSelector: Instances.Instance[].InstanceId
  - Name: checkInstanceReady
    Action: ACS::CheckFor
    Description:
      en: Checks whether the ECS instance status is running or stopped
      zh-cn: the description in Chinese
    Properties:
      Service: ECS
      API: DescribeInstances
      Parameters:
        RegionId: '{{ regionId }}'
        InstanceIds:
          - '{{ ACS::TaskLoopItem }}'
      DesiredValues:
        - Running
        - Stopped
      PropertySelector: Instances.Instance[].Status
    Loop:
      RateControl: '{{ rateControl }}'
      Items: '{{ getInstance.instanceIds }}'
  - Name: joinSecurityGroup
    Action: 'ACS::ExecuteAPI'
    Description:
      en: Deliver a security group to a specified ECS instance
      zh-cn: the description in Chinese
    Properties:
      Service: ECS
      API: JoinSecurityGroup
      Parameters:
        SecurityGroupId: '{{ securityGroupId }}'
        InstanceId: '{{ ACS::TaskLoopItem }}'
        RegionId: '{{ regionId }}'
    Loop:
      RateControl: '{{ rateControl }}'
      Items: '{{ getInstance.instanceIds }}'
Metadata:
  ALIYUN::OOS::Interface:
    ParameterGroups:
      - Parameters:
          - securityGroupId
        Label:
          default:
            zh-cn: the description in Chinese
            en: Select Security Group
      - Parameters:
          - regionId
          - targets
        Label:
          default:
            zh-cn: the description in Chinese
            en: Select Ecs Instances
      - Parameters:
          - rateControl
          - OOSAssumeRole
        Label:
          default:
            zh-cn: the description in Chinese
            en: Control Options