You can use the stack group feature of Resource Orchestration Service (ROS) to create a virtual private cloud (VPC) that is configured with the same settings in multiple regions around the world within an Alibaba Cloud account.
Prerequisites
If you want to use the self-managed permission model to create a stack group, make sure that you have completed the following operations: Create administrator and execution accounts, create Resource Access Management (RAM) roles within the accounts, and then establish a trust relationship between the accounts. For more information, see Step 1: Grant self-managed permissions.
If you want to use the service-managed permission model to create a stack group, make sure that you have created a delegated administrator account. For more information, see Step 1: (Optional) Create a delegated administrator account.
Step 1: Create a template
ROSTemplateFormatVersion: '2015-09-01'
Description: Creates One VPC instance
Parameters:
CidrBlock:
Type: String
AllowedValues:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
Label: VPC CIDR Block
Default: 192.168.0.0/16
VpcName:
Type: String
Label: VPC Name
ConstraintDescription: '[2, 128] English or Chinese characters'
MinLength: 2
MaxLength: 128
Default: MyVPC
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock:
Ref: CidrBlock
VpcName:
Ref: VpcName
Outputs:
VpcId:
Value:
Fn::GetAtt:
- Vpc
- VpcId
The template contains the following sections:
Parameters
: The system creates stack instances based on the name and the CIDR block that you specify for the VPC in the section.Resources
: The system creates the VPC based on the resource settings that you configure in the section.Outputs
: The system returns the VPC ID based onVpcId
that you specify in the section.
Step 2: Create a stack group
Log on to the ROS console.
In the left-side navigation pane, click Stack Groups.
In the top navigation bar, select the region where you want to create a stack group from the region drop-down list.
On the Stack Groups page, click Create Stack Group.
In the Select Template step, select Select an Existing Template, set Template Import Method to Enter Template Content, and then enter the YAML template that you created in Step 1: Create a template.
In the Configure Parameters step, configure Stack Group Name, Stack Group Description, and the VPC parameters, and then click Next.
In the Configure Stack Group step, set the permission model to Self-managed Permissions or Service-managed Permissions based on your business requirements, and click Next.
For more information about service-managed permissions and self-managed permissions, see the "Permission models" section of the Overview topic.
In the Set Deployment Options step, configure the parameters that are required to deploy the stack group and click Next.
If you selected the service-managed permission model to create the stack group, select a member in the resource directory in the Deployment Destinations section and select multiple regions.
Configure other parameters based on your business requirements. For more information, see Step 3: Create a stack group.
If you selected the self-managed permission model to create the stack group, set Deployment Locations to Deploy Stacks Within Accounts, enter an Alibaba Cloud account, and then select multiple regions.
Configure other parameters based on your business requirements. For more information, see Step 2: Create a stack group.
NoteYou can select up to 20 regions.
In the Check and Confirm step, confirm the information about the stack group and click Create Stack Group.
Step 3: View the stack group
In the left-side navigation pane, click Stack Groups.
On the Stack Groups page, find the stack group that you want to view and click the value in the Stack Group Name column.
Click the Instances tab to view the stack instances that are created in the stack group and the relevant stack IDs.
In the Stack ID column, click the ID of the stack that you want to manage. On the Resources tab of the stack, view the details of the VPC.
If Created appears in the Resource Status column of the VPC, the VPC is created.