文档

资源编排示例

更新时间:

本文为您介绍RAM用户如何使用资源编排(ROS)为AnalyticDB for MySQL集群创建数据库高权限账号。

前提条件

RAM用户需具有权限:

  • 具备管理资源编排服务所有操作的权限AliyunROSFullAccess

  • 具备管理AnalyticDB for MySQL所有操作的权限AliyunADBFullAccess

    说明

    为了便于演示,本示例使用AliyunADBFullAccess权限策略,在实际项目中,请根据业务的实际情况按需分配权限后进行接口调用。AnalyticDB for MySQL的权限策略,请参见云原生数据仓库AnalyticDB MySQL版系统权限策略参考

操作步骤

  1. 登录资源编排ROS控制台,单击顶部导航栏地域下拉框,选择您需要的地域。

  2. 单击左侧菜单栏中的资源栈,选择创建资源栈 > 使用ROS

    • 指定模板:选中选择已有模板

    • 模板录入方式:选中输入模板

  3. 模板内容选择ROS,输入模板代码,单击下一步

    以下是用于创建数据库高权限账号的ROS模板示例,更多详情,请参见ALIYUN::ADB::Account

    YAML格式

    ROSTemplateFormatVersion: '2015-09-01'
    Parameters:
      DBClusterId:
        Type: String
        Description: The ID of the cluster.
      AccountPassword:
        Type: String
        Description: |-
          The password of the account.
          The password must contain uppercase letters, lowercase letters, digits, and special
          characters.
          Special characters include ! @ # $ % ^ * ()  _ + - and =
          The password must be 8 to 32 characters in length.
      AccountName:
        Type: String
        Description: The name of the account.
    Resources:
      Account:
        Type: ALIYUN::ADB::Account
        Properties:
          DBClusterId:
            Ref: DBClusterId
          AccountPassword:
            Ref: AccountPassword
          AccountName:
            Ref: AccountName
    Outputs:
      DBClusterId:
        Description: The ID of the cluster.
        Value:
          Fn::GetAtt:
            - Account
            - DBClusterId
      AccountType:
        Description: The type of the account.
        Value:
          Fn::GetAtt:
            - Account
            - AccountType
      AccountName:
        Description: The name of the account.
        Value:
          Fn::GetAtt:
            - Account
            - AccountName

    JSON格式

    {
      "ROSTemplateFormatVersion": "2015-09-01",
      "Parameters": {
        "DBClusterId": {
          "Type": "String",
          "Description": "The ID of the cluster."
        },
        "AccountPassword": {
          "Type": "String",
          "Description": "The password of the account.\nThe password must contain uppercase letters, lowercase letters, digits, and special\ncharacters.\nSpecial characters include ! @ # $ % ^ * ()  _ + - and =\nThe password must be 8 to 32 characters in length."
        },
        "AccountName": {
          "Type": "String",
          "Description": "The name of the account."
        }
      },
      "Resources": {
        "Account": {
          "Type": "ALIYUN::ADB::Account",
          "Properties": {
            "DBClusterId": {
              "Ref": "DBClusterId"
            },
            "AccountPassword": {
              "Ref": "AccountPassword"
            },
            "AccountName": {
              "Ref": "AccountName"
            }
          }
        }
      },
      "Outputs": {
        "DBClusterId": {
          "Description": "The ID of the cluster.",
          "Value": {
            "Fn::GetAtt": [
              "Account",
              "DBClusterId"
            ]
          }
        },
        "AccountType": {
          "Description": "The type of the account.",
          "Value": {
            "Fn::GetAtt": [
              "Account",
              "AccountType"
            ]
          }
        },
        "AccountName": {
          "Description": "The name of the account.",
          "Value": {
            "Fn::GetAtt": [
              "Account",
              "AccountName"
            ]
          }
        }
      }
    }
  4. 创建资源栈页面,配置以下参数。

    参数名称

    是否必填

    参数说明

    示例

    资源栈名称

    资源栈的名称。

    ADB_test_account

    DBClusterId

    集群ID。

    amv-bp12vj6gwa2j****

    AccountPassword

    数据库账号的密码。

    Password****

    AccountName

    数据库账号。

    test

  5. 单击创建状态显示创建成功代表资源栈已创建完成。image

  6. 创建资源栈成功后,单击输出页签,查看数据库账号的详情信息。您也可以在AnalyticDB for MySQL控制台上查看该数据库账号的详细信息,步骤如下:

    1. 登录云原生数据仓库AnalyticDB MySQL控制台,在左上角选择集群所在地域。在左侧导航栏,单击集群列表。在集群列表上方,选择产品系列,然后单击目标集群ID。

    2. 在左侧导航栏,单击账号管理,查看创建的数据库账号信息。