ALIYUN::ECS::SSHKeyPair is used to create an SSH key pair or import an existing SSH key pair to access an Elastic Compute Service (ECS) instance.
Syntax
{
"Type": "ALIYUN::ECS::SSHKeyPair",
"Properties": {
"ResourceGroupId": String,
"KeyPairName": String,
"PublicKeyBody": String,
"Tags": List
}
}Properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| ResourceGroupId | String | No | Yes | The ID of the resource group to which the ECS instance belongs. | None |
| KeyPairName | String | Yes | No | The name of the key pair. | The name must be 2 to 128 characters in length and can contain letters, digits, colons (:), underscores (_), and hyphens (-). It must start with a letter and cannot start with http:// or https://. |
| PublicKeyBody | String | No | No | The public key of the key pair. | This parameter is required only when you import an SSH key pair. |
| Tags | List | No | Yes | The tags of the key pair. | A maximum of 20 tags can be specified. For more information, see Tags properties. |
Tags syntax
"Tags": [
{
"Key": String,
"Value": String
}
] Tags properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Key | String | Yes | No | The tag key. | The tag key must be 1 to 128 characters in length and cannot contain http:// or https://. It cannot start with acs: or aliyun. |
| Value | String | No | No | The tag value. | The tag value must be 0 to 128 characters in length and cannot contain http:// or https://. It cannot start with acs: or aliyun. |
Response parameters
Fn::GetAtt
- KeyPairFingerPrint: the fingerprint of the key pair. The fingerprint uses the message-digest algorithm 5 (MD5) based on the public key fingerprint format defined in RFC 4716.
- PrivateKeyBody: the private key of the key pair. An unencrypted RSA private key must be encoded in the PKCS#8 format by using PEM. The private key of a key pair can be obtained only when the key pair is first created. If you import an existing public key, no private key information is available.
- KeyPairName: the name of the key pair.
Examples
JSONformat{ "ROSTemplateFormatVersion": "2015-09-01", "Parameters": { }, "Resources": { "SSHKeyPair": { "Type": "ALIYUN::ECS::SSHKeyPair", "Properties": { "KeyPairName": { "Fn::Sub": "ess-${ALIYUN::StackId}" } } } }, "Outputs": { "KeyPairFingerPrint": { "Description": "The fingerprint of the key pair. The public key fingerprint format defined in RFC4716: MD5 message digest algorithm. ", "Value": { "Fn::GetAtt": [ "SSHKeyPair", "KeyPairFingerPrint" ] } }, "KeyPairName": { "Description": "SSH Key pair name.", "Value": { "Fn::GetAtt": [ "SSHKeyPair", "KeyPairName" ] } }, "PrivateKeyBody": { "Description": "The private key of the key pair. Content of the RSA private key in the PKCS#8 format of the unencrypted PEM encoding. Refer to: https://www.openssl.org/docs/apps/pkcs8.html.User only can get the private key one time when and only when SSH key pair is created.", "Value": { "Fn::GetAtt": [ "SSHKeyPair", "PrivateKeyBody" ] } } } }
For more examples, visit Instance.json and Instance.yml. In the examples, the ALIYUN::ECS::Instance, ALIYUN::ECS::SSHKeyPair, and ALIYUN::ECS::SSHKeyPairAttachment resource types are involved.