Use ALIYUN::ECS::Instance to create an ECS instance - Resource Orchestration Service

ALIYUN::ECS::Instance is used to create an Elastic Compute Service (ECS) instance.

Important

This resource type is no longer iterated or updated. We recommend that you use ALIYUN::ECS::InstanceGroup.

Syntax

{
  "Type": "ALIYUN::ECS::Instance",
  "Properties": {
    "DedicatedHostId": String,
    "Period": Number,
    "AutoRenew": String,
    "RamRoleName": String,
    "IoOptimized": String,
    "InternetChargeType": String,
    "PrivateIpAddress": String,
    "KeyPairName": String,
    "SystemDiskDiskName": String,
    "PeriodUnit": String,
    "Description": String,
    "Tags": List,
    "HostName": String,
    "AutoRenewPeriod": Number,
    "ImageId": String,
    "ResourceGroupId": String,
    "InstanceChargeType": String,
    "VSwitchId": String,
    "Password": String,
    "PasswordInherit": Boolean,
    "InstanceType": String,
    "SystemDiskCategory": String,
    "UserData": String,
    "SystemDiskSize": Number,
    "ZoneId": String,
    "InternetMaxBandwidthOut": Integer,
    "VpcId": String,
    "SpotStrategy": String,
    "InstanceName": String,
    "DeletionProtection": Boolean,
    "DeploymentSetId": String,
    "SecurityGroupIds": List,
    "SecurityGroupId": String,
    "SecurityEnhancementStrategy": String,
    "SpotPriceLimit": String,
    "HpcClusterId": String,
    "AllocatePublicIP": Boolean,
    "SystemDiskDescription": String,
    "SystemDiskPerformanceLevel": String,
    "DiskMappings": List,
    "SpotInterruptionBehavior": String,
    "ZoneIds": List,
    "SpotDuration": Integer,
    "CreditSpecification": String,
    "PrivatePoolOptions": Map,
    "StorageSetId": String,
    "HttpTokens": String,
    "HttpEndpoint": String,
    "Tenancy": String,
    "StorageSetPartitionNumber": Integer,
    "DeploymentSetGroupNo": Integer,
    "Affinity": String,
    "UseAdditionalService": Boolean,
    "ImageFamily": String
  }
}

Properties

Property	Type	Required	Editable	Description	Constraint
ResourceGroupId	String	No	Yes	The ID of the resource group.	None.
SpotInterruptionBehavior	String	No	No	The interruption mode of the preemptible instance.	Set the value to Terminate. A value of Terminate specifies that the system directly releases preemptible instances. Default value: Terminate.
ZoneIds	List	No	No	The zones.	None.
SpotDuration	Integer	No	No	The protection period of the preemptible instance.	Valid values: 0 to 6. Unit: hour. 0: If you set this property to 0, the preemptible instance does not have a protection period. 2 to 6: The retention periods of 2, 3, 4, 5, and 6 hours are in invitational preview. If you want to set this property to one of the values, submit a ticket. 1 (default).
SecurityGroupIds	List	No	No	The IDs of the security groups.	You must specify SecurityGroupId or SecurityGroupIds.
ImageId	String	No	Yes	The ID of the image. You can use a public image, a custom image, or an Alibaba Cloud Marketplace image.	To specify a public image, you can enter a partial image ID instead of the complete image ID. Public images support fuzzy search. Examples: If you enter ubuntu, the system matches it with the following image ID: ubuntu16_0402_64_20G_alibase_20170818.vhd. If you enter ubuntu_14, the system matches it with the following image ID: ubuntu_14_0405_64_20G_alibase_20170824.vhd. If you enter ubuntu1432, the system matches it with the following image ID: ubuntu_14_0405_32_40G_alibase_20170711.vhd. If you enter ubuntu_16_0402_32, the system matches it with the following image ID: ubuntu_16_0402_32_40G_alibase_20170711.vhd.
InstanceType	String	Yes	Yes	The ECS instance type.	For more information about ECS instance types, see Overview of instance families.
SecurityGroupId	String	No	No	The ID of the security group.	You must specify SecurityGroupId or SecurityGroupIds.
SecurityEnhancementStrategy	String	No	No	Specifies whether to enable security hardening.	Valid values: Active: enables security hardening. This value is valid only for public images. Deactive (default): disables security hardening. This value is valid for images of all types.
Description	String	No	Yes	The description.	The description must be 2 to 256 characters in length.
InstanceName	String	No	Yes	The name of the ECS instance.	The name must be 2 to 128 characters in length. It must start with a letter and cannot start with `http://` or `https://`. It can contain letters, digits, colons (:), underscores (_), and hyphens (-). If you leave this property empty, the instance ID is used by default.
Password	String	No	Yes	The logon password of the ECS instance.	The password must be 8 to 30 characters in length. It must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. The following special characters are supported: `( ) ' ~ ! @ # $ % ^ & * - + = \| { } [ ] : ; < > , . ? / -`. If you specify this property, we recommend that you call Resource Orchestration Service (ROS) API operations over HTTPS to prevent password leaks.
PasswordInherit	Boolean	No	No	Specifies whether to use the preset password of the image.	Valid values: true false (default) Note If you set this property to true, you must leave Password empty and make sure that the selected image has a preset password.
HostName	String	No	Yes	The hostname of the ECS instance.	The hostname must be at least two characters in length. It cannot start or end with a period (.) or hyphen (-). It cannot contain consecutive periods (.) or consecutive hyphens (-). Windows: The hostname can be up to 15 characters in length, and can contain letters, digits, and hyphens (-). It cannot contain periods (.) or only digits. Other operating systems such as Linux: The hostname can be up to 30 characters in length. Separate multiple segments in the hostname with periods (.). Each segment can contain letters, digits, and hyphens (-).
AllocatePublicIP	Boolean	No	No	Specifies whether to assign a public IP address.	Valid values: true (default) false Note If you set InternetMaxBandwidthOut to a value that is greater than 0, the system assigns a public IP address.
PrivateIpAddress	String	No	No	The private IP address of the ECS instance in a virtual private cloud (VPC).	The specified IP address must not be used by other instances in the VPC.
InternetChargeType	String	No	Yes	The metering method for Internet usage.	Valid values: PayByBandwidth: pay-by-bandwidth PayByTraffic (default): pay-by-data-transfer
InternetMaxBandwidthOut	Integer	No	Yes	The maximum outbound public bandwidth.	Valid values: 0 to 100. Default value: 0. Unit: Mbit/s.
IoOptimized	String	No	No	Specifies whether to create an I/O optimized instance.	Valid values: none: does not create an I/O optimized instance. optimized (default): creates an I/O optimized instance.
DiskMappings	List	No	Yes	The data disks that you want to attach to the ECS instance.	You can attach up to 16 data disks. For more information, see DiskMappings syntax and DiskMappings properties.
SystemDiskCategory	String	No	Yes	The category of the system disk.	Valid values: cloud: basic disk cloud_ssd: standard SSD cloud_efficiency: ultra disk cloud_essd: Enterprise SSD (ESSD) ephemeral_ssd: local SSD For non-I/O optimized instances of a retired instance type, the default value is cloud. For instances of other types, the default value is cloud_efficiency.
SystemDiskDescription	String	No	No	The description of the system disk.	None.
SystemDiskDiskName	String	No	No	The name of the system disk.	The name must be 2 to 128 characters in length. It must start with a letter and cannot start with `http://` or `https://`. It can contain letters, digits, colons (:), underscores (_), and hyphens (-).
SystemDiskSize	Number	No	Yes	The size of the system disk.	Valid values: 20 to 500. Unit: GB. If you use a custom image to create a system disk, make sure that the size of the system disk is larger than the size of the custom image.
Tags	List	No	Yes	The custom tags that you want to add to the ECS instance.	You can specify up to 20 tags in the following format: `[{"Key": "tagKey", "Value": "tagValue"},{"Key": "tagKey2", "Value": "tagValue2"}]`. For more information, see Tags syntax and Tags properties.
UserData	String	No	Yes	The user data that you want to specify when you create the ECS instance.	The user data can be up to 16 KB in size. You do not need to convert the data into Base64-encoded strings. If the user data contains special characters, you must add the escape character (\) before each special character.
ZoneId	String	No	No	The ID of the zone.	None.
HpcClusterId	String	No	No	The ID of the Elastic High Performance Computing (E-HPC) cluster to which the ECS instance belongs.	None.
VpcId	String	No	No	The ID of the VPC.	None.
VSwitchId	String	No	No	The ID of the vSwitch.	None.
InstanceChargeType	String	No	No	The billing method of the ECS instance.	Valid values: PrePaid: subscription. If you set this property to PrePaid, make sure that your account has sufficient balance. If your account does not have sufficient balance, the ECS instance fails to be created. PostPaid (default): pay-as-you-go.
Period	Number	No	No	The billing cycle.	Period is required if InstanceChargeType is set to PrePaid. Period is optional if InstanceChargeType is set to PostPaid.
KeyPairName	String	No	Yes	The name of the key pair that is used to log on to the ECS instance.	For ECS Windows instances, you can ignore KeyPairName. For ECS Linux instances, password-based logons are disabled during initialization. To improve the security of your instance, we recommend that you use key pairs for logons.
RamRoleName	String	No	No	The name of the Resource Access Management (RAM) role for the ECS instance.	For more information, see CreateRole and ListRoles.
SpotPriceLimit	String	No	No	The maximum hourly price of the ECS instance.	The value of this property can contain up to three decimal places. This property takes effect when SpotStrategy is set to SpotWithPriceLimit.
SpotStrategy	String	No	No	The bidding policy for a pay-as-you-go instance.	You must specify this property when InstanceChargeType is set to PostPaid. Valid values: NoSpot (default): The instance is created as a regular pay-as-you-go instance. SpotWithPriceLimit: The instance is created as a preemptible instance that has a user-defined maximum hourly price. SpotAsPriceGo: The instance is created as a preemptible instance whose bidding price is based on the market price at the time of purchase. The market price can be up to the pay-as-you-go price.
DedicatedHostId	String	No	No	The ID of the dedicated host on which you want to create the ECS instance.	You can call the DescribeDedicatedHosts operation to query the IDs of dedicated hosts. You cannot create preemptible instances on dedicated hosts. If you specify this property, the system ignores the values of SpotStrategy and SpotPriceLimit in the request.
PeriodUnit	String	No	No	The unit of the billing cycle of the ECS instance.	Valid values: Week Month (default)
AutoRenewPeriod	Number	No	No	The auto-renewal period.	You must specify this property when AutoRenew is set to True. Valid values when PeriodUnit is set to Week: 1, 2, and 3. Valid values when PeriodUnit is set to Month: 1, 2, 3, 6, and 12.
AutoRenew	String	No	No	Specifies whether to enable auto-renewal.	Valid values: True False (default) You must specify this property when InstanceChargeType is set to PrePaid.
DeletionProtection	Boolean	No	Yes	Specifies whether to enable deletion protection for the ECS instance. You can use this property to determine whether you can delete the instance by using the ECS console or DeleteInstance operation.	Valid values: true false (default) Note This property takes effect only for pay-as-you-go instances. This property can protect instances against manual deletion but cannot protect instances against automatic deletion.
DeploymentSetId	String	No	No	The ID of the deployment set.	None.
SystemDiskPerformanceLevel	String	No	Yes	The performance level (PL) of the ESSD that you want to use as the system disk.	Valid values: PL0: An ESSD can deliver up to 10,000 random read/write IOPS. PL1 (default): An ESSD can deliver up to 50,000 random read/write IOPS. PL2: An ESSD can deliver up to 100,000 random read/write IOPS. PL3: An ESSD can deliver up to 1,000,000 random read/write IOPS. For more information about how to select the PLs of ESSDs, see ESSDs.
CreditSpecification	String	No	Yes	The performance mode of the burstable instance.	Valid values: Standard: standard mode. For more information, see the "Standard mode" section of the Overview topic. Unlimited: unlimited mode. For more information, see the "Unlimited mode" section of the Overview topic.
PrivatePoolOptions	Map	No	No	The options of the private pool that is used to start the ECS instance.	For more information, see PrivatePoolOptions properties.
StorageSetId	String	No	No	The ID of the storage set.	None.
HttpTokens	String	No	Yes	Specifies whether to forcefully use the security hardening mode (IMDSv2) to access the instance metadata.	Valid values: optional (default): does not forcefully use the security hardening mode (IMDSv2) to access the instance metadata. required: forcefully uses the security hardening mode (IMDSv2) to access the instance metadata. After you set this property to required, you cannot access the instance metadata in normal mode. Note For more information about the access modes of instance metadata, see Access modes of instance metadata.
HttpEndpoint	String	No	Yes	Specifies whether to enable the access channel for the instance metadata.	Valid values: enabled (default) disabled Note For more information about instance metadata, see Overview of ECS instance metadata.
Tenancy	String	No	No	Specifies whether to create the ECS instance on a dedicated host.	Valid values: default (default): does not create the ECS instance on a dedicated host. host: creates the ECS instance on a dedicated host. If you do not specify `DedicatedHostId`, Alibaba Cloud selects a dedicated host for the instance.
StorageSetPartitionNumber	Integer	No	No	The maximum number of partitions in the storage set.	Valid values: integers greater than or equal to 2.
DeploymentSetGroupNo	Integer	No	No	The group number of the deployment set group to which you want to deploy the instance. If the deployment set specified by DeploymentSetId uses the high availability group strategy (AvailabilityGroup), you can use DeploymentSetGroupNo to specify a deployment set group in the deployment set.	Valid values: 1 to 7.
Affinity	String	No	No	Specifies whether to associate the ECS instance on a dedicated host with the dedicated host.	Valid values: default (default): does not associate the ECS instance on a dedicated host with the dedicated host. When you restart an instance that was stopped in economical mode and the original dedicated host of the instance has insufficient resources, the instance is deployed to another dedicated host in the automatic deployment resource pool. host: associates the ECS instance on a dedicated host with the dedicated host. When you restart an instance that was stopped in economical mode, the instance remains on the original dedicated host. If the original dedicated host has insufficient resources, the instance fails to be restarted.
UseAdditionalService	Boolean	No	No	Specifies whether to use the system configurations for virtual machines. Alibaba Cloud provides the Network Time Protocol (NTP) and Key Management Service (KMS) system configurations for Windows and the NTP and Yellowdog Updater, Modified (YUM) system configurations for Linux.	Valid values: true false
ImageFamily	String	No	No	The name of the image family.	You can specify this property to query the most recent available image that belongs to the specified image family and use the image to create an instance. If you specify `ImageId`, you cannot specify ImageFamily. If you do not specify `ImageId` but use `LaunchTemplateId` or `LaunchTemplateName` to specify a launch template for which `ImageId` is defined, you cannot specify ImageFamily. If you do not specify `ImageId` but use `LaunchTemplateId` or `LaunchTemplateName` to specify a launch template for which `ImageId` is not defined, you can specify ImageFamily. If you do not specify `ImageId`, `LaunchTemplateId`, or `LaunchTemplateName`, you can specify ImageFamily. Note For more information about the image families that are associated with Alibaba Cloud official images, see Overview.

DiskMappings syntax

"DiskMappings": [
  {
    "Category": String,
    "DiskName": String,
    "Description": String,
    "Device": String,
    "SnapshotId": String,
    "PerformanceLevel": String,
    "Size": String
  }
]

DiskMappings properties

Property	Type	Required	Editable	Description	Constraint
Size	String	Yes	No	The size of the data disk.	Valid values: 20 to 500. Unit: GB.
Category	String	No	No	The category of the data disk.	Valid values: cloud: basic disk cloud_ssd: standard SSD cloud_essd: ESSD cloud_efficiency: ultra disk ephemeral_ssd: local SSD For I/O optimized instances, the default value is cloud_efficiency. For non-I/O optimized instances, the default value is cloud. If a custom image contains a data disk, you can change the disk category by setting Category to a desired data disk category in a ROS template when you create an ECS instance. Sample template: { "ROSTemplateFormatVersion": "2015-09-01", "Resources": { "Instance": { "Type": "ALIYUN::ECS::Instance", "Properties": { "InstanceName": "rostest", "ImageId": "m-2ze5ysugu8ss7nxr**", "InstanceType": "ecs.g6e.large", "Password": "Ros1", "IoOptimized": "optimized", "VSwitchId": "vsw-2zej7phc6euuelo8l", "VpcId": "vpc-2zebbi27bn7w42n30", "SecurityGroupId": "sg-2ze5bdyyg7sfrcv6**", "SystemDiskCategory": "cloud_essd", "DiskMappings": [ { "Category": "cloud_essd", "Size": 40, "Device": "/dev/xvdb" } ] } } } }
DiskName	String	No	No	The name of the data disk.	The name must be 2 to 128 characters in length. It must start with a letter and cannot start with `http://` or `https://`. It can contain letters, digits, underscores (_), colons (:), and hyphens (-).
Description	String	No	No	The description.	The description must be 2 to 256 characters in length, and cannot start with `http://` or `https://`.
Device	String	No	No	The mount target.	None.
PerformanceLevel	String	No	No	The PL of the ESSD that you want to use as the data disk.	Valid values: PL1 (default): An ESSD can deliver up to 50,000 random read/write IOPS. PL2: An ESSD can deliver up to 100,000 random read/write IOPS. PL3: An ESSD can deliver up to 1,000,000 random read/write IOPS. For more information about how to select the PLs of ESSDs, see ESSDs.
SnapshotId	String	No	No	The ID of the snapshot that you want to use for the data disk.	None.

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

Property	Type	Required	Editable	Description	Constraint
Key	String	Yes	No	The key of the tag.	The key must be 1 to 128 characters in length, and cannot contain `http://` or `https://`. It cannot start with `aliyun` or `acs:`.
Value	String	No	No	The value of the tag.	The value can be up to 128 characters in length, and cannot contain `http://` or `https://`. It cannot start with `aliyun` or `acs:`.

PrivatePoolOptions syntax

"PrivatePoolOptions": [
  {
    "Id": String,
    "MatchCriteria": String
  }
]

PrivatePoolOptions properties

Property

Type

Required

Editable

Description

Constraint

String

The ID of the private pool. The ID of a private pool is the same as the ID of the elasticity assurance or capacity reservation for which the private pool is generated.

None.

MatchCriteria

String

The type of the private pool that is used to start the ECS instance. A private pool is generated after an elasticity assurance or a capacity reservation takes effect.

Valid values:

Open: open private pool. The system uses the capacity in a matching open private pool. If no matching open private pool exists, the system uses the capacity in public pools. If you set this property to Open, you do not need to specify PrivatePoolOptions.Id.
Target: specified private pool. The system uses the capacity in a specified private pool. If no capacity is available in the specified private pool, the instance fails to be started. If you set this property to Target, you must specify PrivatePoolOptions.Id.
None (default): no private pool. The system does not use the capacity in private pools.

PrivatePoolOptions.MatchCriteria must be set to None or left empty in the following scenarios:

Create a preemptible instance.
Create an ECS instance in the classic network.
Create an ECS instance on a dedicated host.

Return values

Fn::GetAtt

InstanceId: the ID of the ECS instance. The instance ID is a GUID that is generated by the system for an instance.
PrivateIp: the private IP address of the ECS instance in a VPC.
InnerIp: the private IP address of the ECS instance in the classic network.
PublicIp: the public IP address of the ECS instance in the classic network.
ZoneId: the ID of the zone.
HostName: the hostname of the ECS instance.
PrimaryNetworkInterfaceId: the ID of the primary elastic network interface (ENI).
SecurityGroupIds: the IDs of the security groups to which the ECS instance belongs.

Examples

The following sample code provides examples on how to create the OpsEcsInstance and ProdEcsInstance ECS instances and configure the password-free logon of the OpsEcsInstance instance for the ProdEcsInstance instance.

If you want to receive signals of the execution results of user-data scripts of the ECS instances, you can configure ALIYUN::ROS::WaitCondition and ALIYUN::ROS::WaitConditionHandle. For more information, see ALIYUN::ROS::WaitConditionHandle and ALIYUN::ROS::WaitCondition.

YAML

ROSTemplateFormatVersion: '2015-09-01'
Description: Creates VPC ECS instance
Metadata: {}
Parameters:
  VpcId:
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
    Type: String
    Description:
      en: Please search the ID starting with (vpc-xxx) from console-Virtual Private Cloud
       
    Label:
      en: VPC ID
       
  VSwitchZoneId:
    AssociationProperty: ALIYUN::ECS::Instance:ZoneId
    Type: String
    Description:
        
      en: Zone ID.<br><b>Note:<font color='blue'>Before you specify a zone ID, check whether the specifications of the ECS instance are available in the zone. We recommend that you select a zone in which the specified vSwitch does not reside.</font></b>
    Label:
       
      en: VSwitch Availability Zone
  VSwitchId:
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
      ZoneId: ${VSwitchZoneId}
    Type: String
    Description:
      en: Instance ID of existing business network switches, console-Virtual Private Cloud-VSwitches under query
       
    Label:
      en: VSwitch ID
       
  SecurityGroupId:
    Type: String
    AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
    Description:
      en: Please search the business security group ID starting with(sg-xxx)from console-ECS-Network & Security
       
    Label:
      en: Business Security Group ID
       
  InstanceType:
    Type: String
    Description:
       
      en: Fill in the specifications that can be used under the VSwitch availability zone.
    Label:
       
      en: Instance Type
    AssociationProperty: ALIYUN::ECS::Instance::InstanceType
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
  SystemDiskCategory:
    Type: String
    AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
      InstanceType: ${InstanceType}
    Label:
      en: System Disk Type
       
    Description:
      en: '<font color=''blue''><b>Optional values:</b></font><br>[cloud_efficiency: <font color=''green''>Efficient Cloud Disk</font>]<br>[cloud_ssd: <font color=''green''>SSD Cloud Disk</font>]<br>[cloud_essd: <font color=''green''>ESSD Cloud Disk</font>]<br>[cloud: <font color=''green''>Cloud Disk</font>]<br>[ephemeral_ssd: <font color=''green''>Local SSD Cloud Disk</font>]'
       
  SystemDiskSize:
    Default: 40
    Type: Number
    Description:
       
      en: 'System disk size, range of values: 40-500, units: GB.'
    Label:
       
      en: System Disk Space
Resources:
  OpsEcsInstance:
    Type: ALIYUN::ECS::Instance
    Properties:
      HostName: OpsEcsInstance
      UserData:
        Fn::Sub:
          - |
            #!/bin/bash
            RootPassword=${RootPassword}
            ProdIP=${ProdIP}
            SSHConfig() {
            echo '[ !  -f /root/.ssh/id_rsa.pub ] && ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa &>/dev/null' >> /tmp/auto_ssh.sh
            echo 'while read line;do' >> /tmp/auto_ssh.sh
            echo '        ip=`echo $line | cut -d " " -f1`' >> /tmp/auto_ssh.sh
            echo '        user_name=`echo $line | cut -d " " -f2`' >> /tmp/auto_ssh.sh
            echo '        pass_word=`echo $line | cut -d " " -f3`' >> /tmp/auto_ssh.sh
            echo 'expect <<EOF' >> /tmp/auto_ssh.sh
            echo '        spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $user_name@$ip' >> /tmp/auto_ssh.sh
            echo '        expect {' >> /tmp/auto_ssh.sh
            echo '                  "yes/no" { send "yes\n";exp_continue}' >> /tmp/auto_ssh.sh
            echo '                  "password" { send "$pass_word\n"}' >> /tmp/auto_ssh.sh
            echo '        }' >> /tmp/auto_ssh.sh
            echo '        expect eof' >> /tmp/auto_ssh.sh
            echo 'EOF' >> /tmp/auto_ssh.sh
            echo 'done < /tmp/host_ip.txt' >> /tmp/auto_ssh.sh
            }
            SetHostsConfig() {
            echo "`ifconfig eth0 | awk '/inet /{print $2}'` root ${RootPassword}" >> /tmp/host_ip.txt
            echo "${ProdIP} root ${RootPassword}" >> /tmp/host_ip.txt
            sh /tmp/auto_ssh.sh
            }
            main() {
            yum install -y expect
            SSHConfig
            SetHostsConfig
            rm -rf /tmp/host_ip.txt
            }
            main
          - ProdIP:
              Fn::GetAtt:
                - ProdEcsInstance
                - PrivateIp
            RootPassword: Admin@123!
      VpcId:
        Ref: VpcId
      SecurityGroupId:
        Ref: SecurityGroupId
      VSwitchId:
        Ref: VSwitchId
      ImageId: centos_7
      AllocatePublicIP: false
      InstanceType:
        Ref: InstanceType
      SystemDiskSize: 40
      SystemDiskCategory:
        Ref: SystemDiskCategory
      Password: Admin@123!
  ProdEcsInstance:
    Type: ALIYUN::ECS::Instance
    Properties:
      HostName: ProdEcsInstance
      SystemDiskCategory:
        Ref: SystemDiskCategory
      VpcId:
        Ref: VpcId
      SecurityGroupId:
        Ref: SecurityGroupId
      SystemDiskSize: 40
      ImageId: centos_7
      VSwitchId:
        Ref: VSwitchId
      Password: Admin@123!
      InstanceType:
        Ref: InstanceType
      AllocatePublicIP: false
Outputs: {}

JSON

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Creates VPC ECS instance",
  "Metadata": {},
  "Parameters": {
    "VpcId": {
      "AssociationProperty": "ALIYUN::ECS::VPC::VPCId",
      "Type": "String",
      "Description": {
        "en": "Please search the ID starting with (vpc-xxx) from console-Virtual Private Cloud",
         
      },
      "Label": {
        "en": "VPC ID",
         
      }
    },
    "VSwitchZoneId": {
      "AssociationProperty": "ALIYUN::ECS::Instance:ZoneId",
      "Type": "String",
      "Description": {
          
        "en": "Zone ID.<br><b>Note:<font color='blue'>Before you specify a zone ID, check whether the specifications of the ECS instance are available in the zone. We recommend that you select a zone in which the specified vSwitch does not reside.</font></b>"
      },
      "Label": {
         
        "en": "VSwitch Availability Zone"
      }
    },
    "VSwitchId": {
      "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
      "AssociationPropertyMetadata": {
        "VpcId": "${VpcId}",
        "ZoneId": "${VSwitchZoneId}"
      },
      "Type": "String",
      "Description": {
        "en": "Instance ID of existing business network switches, console-Virtual Private Cloud-VSwitches under query",
         
      },
      "Label": {
        "en": "VSwitch ID",
         
      }
    },
    "SecurityGroupId": {
      "Type": "String",
      "AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
      "AssociationPropertyMetadata": {
        "VpcId": "${VpcId}"
      },
      "Description": {
        "en": "Please search the business security group ID starting with(sg-xxx)from console-ECS-Network & Security",
         
      },
      "Label": {
        "en": "Business Security Group ID",
         
      }
    },
    "InstanceType": {
      "Type": "String",
      "Description": {
         
        "en": "Fill in the specifications that can be used under the VSwitch availability zone."
      },
      "Label": {
         
        "en": "Instance Type"
      },
      "AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}"
      }
    },
    "SystemDiskCategory": {
      "Type": "String",
      "AssociationProperty": "ALIYUN::ECS::Disk::SystemDiskCategory",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}",
        "InstanceType": "${InstanceType}"
      },
      "Label": {
        "en": "System Disk Type",
         
      },
      "Description": {
        "en": "<font color='blue'><b>Optional values:</b></font><br>[cloud_efficiency: <font color='green'>Efficient Cloud Disk</font>]<br>[cloud_ssd: <font color='green'>SSD Cloud Disk</font>]<br>[cloud_essd: <font color='green'>ESSD Cloud Disk</font>]<br>[cloud: <font color='green'>Cloud Disk</font>]<br>[ephemeral_ssd: <font color='green'>Local SSD Cloud Disk</font>]",
         
      }
    },
    "SystemDiskSize": {
      "Default": 40,
      "Type": "Number",
      "Description": {
         
        "en": "System disk size, range of values: 40-500, units: GB."
      },
      "Label": {
         
        "en": "System Disk Space"
      }
    }
  },
  "Resources": {
    "OpsEcsInstance": {
      "Type": "ALIYUN::ECS::Instance",
      "Properties": {
        "HostName": "OpsEcsInstance",
        "UserData": {
          "Fn::Sub": [
            "#!/bin/bash\nRootPassword=${RootPassword}\nProdIP=${ProdIP}\nSSHConfig() {\necho '[ !  -f /root/.ssh/id_rsa.pub ] && ssh-keygen -t rsa -P \"\" -f ~/.ssh/id_rsa &>/dev/null' >> /tmp/auto_ssh.sh\necho 'while read line;do' >> /tmp/auto_ssh.sh\necho '        ip=`echo $line | cut -d \" \" -f1`' >> /tmp/auto_ssh.sh\necho '        user_name=`echo $line | cut -d \" \" -f2`' >> /tmp/auto_ssh.sh\necho '        pass_word=`echo $line | cut -d \" \" -f3`' >> /tmp/auto_ssh.sh\necho 'expect <<EOF' >> /tmp/auto_ssh.sh\necho '        spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $user_name@$ip' >> /tmp/auto_ssh.sh\necho '        expect {' >> /tmp/auto_ssh.sh\necho '                  \"yes/no\" { send \"yes\\n\";exp_continue}' >> /tmp/auto_ssh.sh\necho '                  \"password\" { send \"$pass_word\\n\"}' >> /tmp/auto_ssh.sh\necho '        }' >> /tmp/auto_ssh.sh\necho '        expect eof' >> /tmp/auto_ssh.sh\necho 'EOF' >> /tmp/auto_ssh.sh\necho 'done < /tmp/host_ip.txt' >> /tmp/auto_ssh.sh\n}\nSetHostsConfig() {\necho \"`ifconfig eth0 | awk '/inet /{print $2}'` root ${RootPassword}\" >> /tmp/host_ip.txt\necho \"${ProdIP} root ${RootPassword}\" >> /tmp/host_ip.txt\nsh /tmp/auto_ssh.sh\n}\nmain() {\nyum install -y expect\nSSHConfig\nSetHostsConfig\nrm -rf /tmp/host_ip.txt\n}\nmain\n",
            {
              "ProdIP": {
                "Fn::GetAtt": [
                  "ProdEcsInstance",
                  "PrivateIp"
                ]
              },
              "RootPassword": "Admin@123!"
            }
          ]
        },
        "VpcId": {
          "Ref": "VpcId"
        },
        "SecurityGroupId": {
          "Ref": "SecurityGroupId"
        },
        "VSwitchId": {
          "Ref": "VSwitchId"
        },
        "ImageId": "centos_7",
        "AllocatePublicIP": false,
        "InstanceType": {
          "Ref": "InstanceType"
        },
        "SystemDiskSize": 40,
        "SystemDiskCategory": {
          "Ref": "SystemDiskCategory"
        },
        "Password": "Admin@123!"
      }
    },
    "ProdEcsInstance": {
      "Type": "ALIYUN::ECS::Instance",
      "Properties": {
        "HostName": "ProdEcsInstance",
        "SystemDiskCategory": {
          "Ref": "SystemDiskCategory"
        },
        "VpcId": {
          "Ref": "VpcId"
        },
        "SecurityGroupId": {
          "Ref": "SecurityGroupId"
        },
        "SystemDiskSize": 40,
        "ImageId": "centos_7",
        "VSwitchId": {
          "Ref": "VSwitchId"
        },
        "Password": "Admin@123!",
        "InstanceType": {
          "Ref": "InstanceType"
        },
        "AllocatePublicIP": false
      }
    }
  },
  "Outputs": {}
}