使用资源编排服务ROS调用DCDN。本文为您介绍如何编写一个资源编排的模板,自动化添加DCDN一个域名。
资源编排ROS
资源编排服务ROS(Resource Orchestration Service)是阿里云提供的一项简化云计算资源管理的服务。开发者和管理员可以编写模板,在模板中定义所需的阿里云资源(例如:ECS 实例、RDS 数据库实例)、资源间的依赖关系等。ROS 的编排引擎将根据模板自动完成所有资源的创建和配置,实现自动化部署及运维。更多详情,请参见什么是资源编排服务。
支持使用资源编排服务ROS调用DCDN。编排的资源只包括普通资源。
普通资源:
ALIYUN::DCDN::Domain:用于添加全站加速域名。
权限说明
在本案例中,需要自动化添加DCDN。默认情况下资源编排直接使用当前登录控制台的用户凭证,要求当前用户必须具备以下权限:
AliyunDCDNFullAccess:管理DCDN资源的权限。
阿里云账号拥有所有API的访问权限,风险很高。强烈建议您创建并使用RAM用户进行API访问或日常运维。请根据业务的实际情况按需分配权限后进行接口调用。RAM用户需具备操作DCDN资源的权限。具体操作,请参见全站加速系统权限策略参考。
操作步骤
登录资源编排ROS控制台,单击顶部导航栏地域下拉框,选择您需要的地域。
单击左侧菜单栏中的资源栈,选择创建资源栈 > 使用ROS。
指定模板:选中选择已有模板。
模板录入方式:选中输入模板。
模板内容选择ROS,并输入代码。
创建DCDN实例的语法、说明及示例,请参见ALIYUN::DCDN::Domain。该示例中,添加一个全站加速域名。
YAML
格式ROSTemplateFormatVersion: '2015-09-01' Parameters: CheckUrl: Description: '' Type: String DomainName: Description: 'The name of the accelerated domain. You can specify only one domain name. Wildcard domain names are supported. Wildcard domain names must start with a period (.). Example: .a.com.' Type: String ResourceGroupId: Description: The ID of the resource group. If you do not specify this parameter, the system automatically uses the ID of the default resource group. Type: String SSLPub: Description: Indicates the public key of the certificate if the HTTPS protocol is enabled. Type: String Scope: Description: 'The region where your accelerated service is deployed. Valid values: domestic (default): mainland China. overseas: outside mainland China. global: all countries in the world.' Type: String Sources: Description: The origin information. Type: Json TopLevelDomain: Description: '' Type: String Resources: DCDNDomain: Properties: CheckUrl: Ref: CheckUrl DomainName: Ref: DomainName ResourceGroupId: Ref: ResourceGroupId Scope: Ref: Scope Sources: Ref: Sources TopLevelDomain: Ref: TopLevelDomain Type: ALIYUN::DCDN::Domain Outputs: CertName: Description: The name of the certificate. Value: Fn::GetAtt: - DCDNDomain - CertName Cname: Description: The canonical name (CNAME) of the accelerated domain. Value: Fn::GetAtt: - DCDNDomain - Cname Description: Description: The reason that causes the review failure. Value: Fn::GetAtt: - DCDNDomain - Description DomainName: Description: 'The name of the accelerated domain. You can specify only one domain name. Wildcard domain names are supported. Wildcard domain names must start with a period (.). Example: .a.com.' Value: Fn::GetAtt: - DCDNDomain - DomainName ResourceGroupId: Description: The ID of the resource group. If you do not specify this parameter, the system automatically uses the ID of the default resource group. Value: Fn::GetAtt: - DCDNDomain - ResourceGroupId SSLProtocol: Description: 'Indicates whether the SSL certificate is enabled. Valid values: on: enabled off: disabled' Value: Fn::GetAtt: - DCDNDomain - SSLProtocol SSLPub: Description: Indicates the public key of the certificate if the HTTPS protocol is enabled. Value: Fn::GetAtt: - DCDNDomain - SSLPub Scope: Description: 'The region where your accelerated service is deployed. Valid values: domestic (default): mainland China. overseas: outside mainland China. global: all countries in the world.' Value: Fn::GetAtt: - DCDNDomain - Scope Sources: Description: The origin information. Value: Fn::GetAtt: - DCDNDomain - Sources
JSON
格式{ "ROSTemplateFormatVersion": "2015-09-01", "Parameters": { "Status": { "Type": "String", "Description": "The status of the accelerated domain. online: The domain is enabled. offline: The domain is disabled. configuring: The domain is being configured. configure_failed: The domain configuration failed. checking: The domain is under review. check_failed: The domain failed the review." }, "SecurityToken": { "Type": "String", "Description": "" }, "CheckUrl": { "Type": "String", "Description": "" }, "ResourceGroupId": { "Type": "String", "Description": "The ID of the resource group. If you do not specify this parameter, the system automatically uses the ID of the default resource group." }, "Scope": { "Type": "String", "Description": "The region where your accelerated service is deployed. Valid values: domestic (default): mainland China. overseas: outside mainland China. global: all countries in the world." }, "DomainName": { "Type": "String", "Description": "The name of the accelerated domain. You can specify only one domain name. Wildcard domain names are supported. Wildcard domain names must start with a period (.). Example: .a.com." }, "TopLevelDomain": { "Type": "String", "Description": "" }, "Sources": { "Type": "Json", "Description": "The origin information." } }, "Resources": { "DCDNDomain": { "Type": "ALIYUN::DCDN::Domain", "Properties": { "SecurityToken": { "Ref": "SecurityToken" }, "CheckUrl": { "Ref": "CheckUrl" }, "ResourceGroupId": { "Ref": "ResourceGroupId" }, "Scope": { "Ref": "Scope" }, "DomainName": { "Ref": "DomainName" }, "SSLPub": { "Ref": "SSLPub" }, "CertName": { "Ref": "CertName" }, "TopLevelDomain": { "Ref": "TopLevelDomain" }, "Sources": { "Ref": "Sources" } } } }, "Outputs": { "Description": { "Description": "The reason that causes the review failure.", "Value": { "Fn::GetAtt": [ "DCDNDomain", "Description" ] } }, "ResourceGroupId": { "Description": "The ID of the resource group. If you do not specify this parameter, the system automatically uses the ID of the default resource group.", "Value": { "Fn::GetAtt": [ "DCDNDomain", "ResourceGroupId" ] } }, "Scope": { "Description": "The region where your accelerated service is deployed. Valid values: domestic (default): mainland China. overseas: outside mainland China. global: all countries in the world.", "Value": { "Fn::GetAtt": [ "DCDNDomain", "Scope" ] } }, "DomainName": { "Description": "The name of the accelerated domain. You can specify only one domain name. Wildcard domain names are supported. Wildcard domain names must start with a period (.). Example: .a.com.", "Value": { "Fn::GetAtt": [ "DCDNDomain", "DomainName" ] } }, "SSLPub": { "Description": "Indicates the public key of the certificate if the HTTPS protocol is enabled.", "Value": { "Fn::GetAtt": [ "DCDNDomain", "SSLPub" ] } }, "CertName": { "Description": "The name of the certificate.", "Value": { "Fn::GetAtt": [ "DCDNDomain", "CertName" ] } }, "Cname": { "Description": "The canonical name (CNAME) of the accelerated domain.", "Value": { "Fn::GetAtt": [ "DCDNDomain", "Cname" ] } }, "Sources": { "Description": "The origin information.", "Value": { "Fn::GetAtt": [ "DCDNDomain", "Sources" ] } }, "SSLProtocol": { "Description": "Indicates whether the SSL certificate is enabled. Valid values: on: enabled off: disabled", "Value": { "Fn::GetAtt": [ "DCDNDomain", "SSLProtocol" ] } } } }
单击创建,执行资源栈。
创建成功后,您可以通过OpenAPI、SDK或者在DCDN控制台,查看到所添加的域名。