模板名稱
ACS-ECS-ApproveROSCreateInstances 審批通過ROS建立ECS
模板描述
審批通過ROS建立ECS
模板類型
自動化
所有者
Alibaba Cloud
輸入參數
參數名稱 | 描述 | 類型 | 是否必填 | 預設值 | 約束 |
imageId | 將建立執行個體的鏡像ID | String | 是 | ||
instanceType | 將建立執行個體的規格 | String | 是 | ||
zoneId | 將建立交換器的目標可用性區域ID | String | 是 | ||
webHookUrl | DingTalk群助手的webhook地址 | String | 是 | ||
atMobiles | 審批通知中被@的群成員的DingTalk手機號 | List | 是 | ||
approvers | 可以審批任務的使用者 | List | 是 | ||
instancesCount | 將建立執行個體的數量 | Number | 是 | ||
regionId | 地區ID | String | 否 | {{ ACS::RegionId }} | |
atAll | 當群助手向DingTalk群中發送審批通知時是否@所有人 | String | 否 | false | |
minRequiredApprovals | 最低需要通過審批的數量 | Number | 否 | 1 | |
OOSAssumeRole | OOS扮演的RAM角色 | String | 否 | “” |
輸出參數
參數名稱 | 描述 | 類型 |
instanceIds | List |
執行此模板需要的權限原則
{
"Version": "1",
"Statement": [
{
"Action": [
"ros:CreateStack",
"ros:DeleteStack",
"ros:GetStack"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
詳情
ACS-ECS-ApproveROSCreateInstances詳情
模板內容
FormatVersion: OOS-2019-06-01
Description:
en: Create ECS instances by ROS with approval
zh-cn: 審批通過ROS建立ECS
name-en: ACS-ECS-ApproveROSCreateInstances
name-zh-cn: 審批通過ROS建立ECS
categories:
- cost_manage
Parameters:
regionId:
Type: String
Label:
en: RegionId
zh-cn: 地區ID
AssociationProperty: RegionId
Default: '{{ ACS::RegionId }}'
imageId:
Label:
en: ImageId
zh-cn: 將建立執行個體的鏡像ID
Type: String
AssociationProperty: 'ALIYUN::ECS::Image::ImageId'
AssociationPropertyMetadata:
RegionId: regionId
instanceType:
Label:
en: InstanceType
zh-cn: 將建立執行個體的規格
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
zoneId:
Label:
en: ZoneId
zh-cn: 將建立交換器的目標可用性區域ID
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
AssociationPropertyMetadata:
RegionId: regionId
webHookUrl:
Label:
en: WebHookUrl
zh-cn: DingTalk群助手的webhook地址
Description:
en: >-
e.g.https://oapi.dingtalk.com/robot/send?access_token=1234zxcvaksdq31414,acquiring DingTalk webhook please refer to second appendix in https://help.aliyun.com/document_detail/144679.html.
zh-cn: >-
形如https://oapi.dingtalk.com/robot/send?access_token=1234zxcvaksdq31414,具體DingTalkWebHook擷取請參考https://help.aliyun.com/document_detail/144679.html#h2--2-webhook-5。
Type: String
atMobiles:
Label:
en: AtMobiles
zh-cn: 審批通知中被@的群成員的DingTalk手機號
Type: List
atAll:
Label:
en: AtAll
zh-cn: 當群助手向DingTalk群中發送審批通知時是否@所有人
Type: String
Default: 'false'
approvers:
Label:
en: Approvers
zh-cn: 可以審批任務的使用者
Description:
en: the name to fill is the front part of @ in the RAM user name,if RAM user is user001@companyAlias.onaliyun.com, then fill user001 in list.
zh-cn: 使用者名稱是RAM子使用者名稱稱中@前面的部分,比如RAM子使用者為user001@companyAlias.onaliyun.com,那麼列表中填寫user001即可
Type: List
AssociationProperty: ALIYUN::RAM::User
minRequiredApprovals:
Label:
en: MinRequiredApprovals
zh-cn: 最低需要通過審批的數量
Type: Number
Default: 1
instancesCount:
Label:
en: InstancesCount
zh-cn: 將建立執行個體的數量
Type: Number
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: OOS扮演的RAM角色
Type: String
Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: approveCreateInstances
Action: 'ACS::Approve'
Description:
en: Approve task creating ECS instances
zh-cn: 審批後大量建立ECS執行個體
Properties:
Approvers: '{{approvers}}'
MinRequiredApprovals: '{{minRequiredApprovals}}'
NotifyType: WebHook
WebHook:
URI: '{{webhookUrl}}'
Headers:
Content-Type: application/json
Content:
msgtype: text
text:
content: >-
Notify: Please approve the task execution to create ECS instance sent by
{{ACS::RegionId}} oos {{ACS::ExecutionId}}.
at:
atMobiles: '{{atMobiles}}'
isAtAll: '{{atAll}}'
- Name: createStack
Action: 'ACS::ExecuteAPI'
Description:
en: Create a resource stack
zh-cn: 建立資源棧
Properties:
Service: ROS
API: CreateStack
Parameters:
RegionId: '{{ regionId }}'
StackName: 'OOS-{{ACS::ExecutionId}}'
TimeoutInMinutes: 10
DisableRollback: false
Parameters:
- ParameterKey: instanceType
ParameterValue: '{{ instanceType }}'
- ParameterKey: zoneId
ParameterValue: '{{ zoneId }}'
- ParameterKey: regionId
ParameterValue: '{{ regionId }}'
- ParameterKey: imageId
ParameterValue: '{{imageId}}'
- ParameterKey: executionId
ParameterValue: '{{ ACS::ExecutionId }}'
- ParameterKey: instancesCount
ParameterValue: '{{ instancesCount }}'
TemplateBody: |
{
"Description": "Create VPC ECS instance",
"Parameters": {
"imageId": {
"Type": "String"
},
"instanceType": {
"Type": "String"
},
"executionId": {
"Type": "String"
},
"instancesCount": {
"Type": "String"
},
"zoneId": {
"Type": "String"
},
"regionId": {
"Type": "String"
},
"resourcePrefix": {
"Type": "String",
"Default": "oos-generated"
}
},
"ROSTemplateFormatVersion": "2015-09-01",
"Outputs": {
"ecs_instance_id": {
"Value": {
"Fn::GetAtt": [
"ecs",
"InstanceIds"
]
}
}
},
"Resources": {
"vswitch": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VpcId": {
"Ref": "vpc"
},
"Description": {
"Fn::Join": [
" ",
[
"OOS execution id is",
{
"Ref": "executionId"
}
]
]
},
"ZoneId": {
"Ref": "zoneId"
},
"CidrBlock": "192.168.0.0/16"
}
},
"sg": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"Tags": [
{
"Key": "oos-generated",
"Value": {
"Ref": "executionId"
}
},
{
"Key": "region",
"Value": {
"Ref": "regionId"
}
}
],
"VpcId": {
"Ref": "vpc"
},
"SecurityGroupName": {
"Fn::Join": [
"-",
[
{
"Ref": "resourcePrefix"
},
"sg"
]
]
},
"SecurityGroupEgress": [
{
"PortRange": "-1/-1",
"Priority": 1,
"IpProtocol": "all",
"DestCidrIp": "0.0.0.0/0",
"NicType": "intranet"
}
]
}
},
"vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"CidrBlock": "192.168.0.0/16",
"Description": {
"Fn::Join": [
" ",
[
"OOS execution id is",
{
"Ref": "executionId"
}
]
]
},
"VpcName": {
"Fn::Join": [
"-",
[
{
"Ref": "resourcePrefix"
},
"vpc"
]
]
}
}
},
"ecs": {
"Type": "ALIYUN::ECS::InstanceGroup",
"Properties": {
"ImageId": {
"Ref": "imageId"
},
"SecurityGroupId": {
"Ref": "sg"
},
"VpcId": {
"Ref": "vpc"
},
"VSwitchId": {
"Ref": "vswitch"
},
"InstanceType": {
"Ref": "instanceType"
},
"MinAmount": {
"Ref": "instancesCount"
},
"MaxAmount": {
"Ref": "instancesCount"
},
"Tags": [
{
"Key": "oos-generated",
"Value": {
"Ref": "executionId"
}
},
{
"Key": "region",
"Value": {
"Ref": "regionId"
}
}
]
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"TemplateTags": [
"acs:integrate:oos:ecs_approve_ros_create_instances"
]
}
}
}
Outputs:
StackId:
Type: String
ValueSelector: StackId
- Name: untilStackReady
OnSuccess: ACS::END
OnError: queryStackStatusReason
Action: 'ACS::WaitFor'
Description:
en: Wait for the stack status CREATE_COMPLETE
zh-cn: 等待資源棧至建立成功狀態
Properties:
Service: ROS
API: GetStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{createStack.StackId}}'
DesiredValues:
- CREATE_COMPLETE
StopRetryValues:
- CREATE_FAILED
- CHECK_FAILED
- ROLLBACK_FAILED
- ROLLBACK_COMPLETE
- CREATE_ROLLBACK_COMPLETE
PropertySelector: Status
Outputs:
instanceIds:
Type: String
ValueSelector: 'Outputs[0].OutputValue'
- Name: queryStackStatusReason
Action: ACS::ExecuteAPI
OnError: deleteStack
OnSuccess: deleteStack
Description:
en: Query the reson of failed created stack
zh-cn: 查詢資源棧未建立成功的原因
Properties:
Service: ROS
API: GetStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{createStack.StackId}}'
Outputs:
statusReason:
Type: String
ValueSelector: 'StatusReason'
- Name: deleteStack
Action: 'ACS::ExecuteApi'
Description:
en: Delete the stack
zh-cn: 刪除資源棧
Properties:
Service: ROS
API: DeleteStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{createStack.StackId}}'
Outputs:
instanceIds:
Type: List
Value: '{{ untilStackReady.instanceIds }}'
Metadata:
ALIYUN::OOS::Interface:
ParameterGroups:
- Parameters:
- webHookUrl
- atMobiles
- atAll
- approvers
- minRequiredApprovals
Label:
default:
zh-cn: 配置審批
en: Configure Approval
- Parameters:
- regionId
- zoneId
- imageId
- instanceType
- instancesCount
Label:
default:
zh-cn: 配置執行個體
en: Configure ECS Instance
- Parameters:
- OOSAssumeRole
Label:
default:
zh-cn: 進階選項
en: Control Options