模板名称
ACS-ECS-BulkyModifyUserPasswordBySecretParameter 通过加密参数批量修改ECS实例用户密码
模板描述
通过加密参数批量修改ECS实例用户密码
模板类型
自动化
所有者
Alibaba Cloud
输入参数
参数名称 | 描述 | 类型 | 是否必填 | 默认值 | 约束 |
targets | 目标实例 | Json | 是 | ||
username | 要修改密码的用户名 | String | 是 | ||
passwordParameter | 密码加密参数 | String | 是 | ||
regionId | 地域ID | String | 否 | {{ ACS::RegionId }} | |
whetherToDeleteSecretParameter | 是否删除加密参数 | Boolean | 否 | False | |
rateControl | 任务执行的并发比率 | Json | 否 | {‘Mode’: ‘Concurrency’, ‘MaxErrors’: 0, ‘Concurrency’: 10} | |
OOSAssumeRole | OOS扮演的RAM角色 | String | 否 | “” |
输出参数
无
执行此模板需要的权限策略
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:AttachInstanceRamRole",
"ecs:DescribeInstanceRamRole",
"ecs:DescribeInstances",
"ecs:DescribeInvocationResults",
"ecs:DescribeInvocations",
"ecs:DetachInstanceRamRole",
"ecs:RunCommand"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ros:CreateStack",
"ros:DeleteStack",
"ros:GetStack"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ram:PassRole"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"oos:DeleteSecretParameter"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
详情
ACS-ECS-BulkyModifyUserPasswordBySecretParameter详情
模板内容
FormatVersion: OOS-2019-06-01
Description:
en: Bulky modify ECS instance user password by secret parameter
zh-cn: 通过加密参数批量修改ECS实例用户密码
name-en: ACS-ECS-BulkyModifyUserPasswordBySecretParameter
name-zh-cn: 通过加密参数批量修改ECS实例用户密码
categories:
- run_command
Parameters:
regionId:
Type: String
Label:
en: RegionId
zh-cn: 地域ID
AssociationProperty: RegionId
Default: '{{ ACS::RegionId }}'
targets:
Type: Json
Label:
en: TargetInstance
zh-cn: 目标实例
AssociationProperty: Targets
AssociationPropertyMetadata:
ResourceType: 'ALIYUN::ECS::Instance'
RegionId: regionId
username:
Label:
en: Username
zh-cn: 要修改密码的用户名
Type: String
passwordParameter:
Label:
en: The password secret parameter
zh-cn: 密码加密参数
Type: String
whetherToDeleteSecretParameter:
Label:
en: WhetherToDeleteSecretParameter
zh-cn: 是否删除加密参数
Type: Boolean
Default: false
rateControl:
Label:
en: RateControl
zh-cn: 任务执行的并发比率
Type: Json
AssociationProperty: RateControl
Default:
Mode: Concurrency
MaxErrors: 0
Concurrency: 10
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: OOS扮演的RAM角色
Type: String
Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: getInstance
Description:
en: Views the ECS instances
zh-cn: 获取ECS实例
Action: ACS::SelectTargets
Properties:
ResourceType: ALIYUN::ECS::Instance
RegionId: '{{ regionId }}'
Filters:
- '{{ targets }}'
Outputs:
instanceIds:
Type: List
ValueSelector: Instances.Instance[].InstanceId
- Name: modifyUserPasswordBySecretParameter
Action: ACS::ECS::ModifyUserPasswordBySecretParameter
OnError: deleteSecretParameter
Description:
en: Use encrypted parameters to modify user password
zh-cn: 使用加密参数修改用户密码
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ ACS::TaskLoopItem }}'
username: '{{ username }}'
passwordParameter: '{{ passwordParameter }}'
Loop:
RateControl: '{{ rateControl }}'
Items: '{{ getInstance.instanceIds }}'
- Name: deleteSecretParameter
When:
'Fn::Equals':
- true
- '{{ whetherToDeleteSecretParameter }}'
Description:
en: Delete the secret parameter
zh-cn: 删除加密参数
Action: ACS::ExecuteAPI
Properties:
Service: OOS
API: DeleteSecretParameter
Parameters:
RegionId: '{{ regionId }}'
Name:
Fn::Select:
- 0
- Fn::Split:
- '}'
- Fn::Select:
- 1
- Fn::Split:
- ':'
- '{{passwordParameter}}'
Metadata:
ALIYUN::OOS::Interface:
ParameterGroups:
- Parameters:
- username
- passwordParameter
- whetherToDeleteSecretParameter
Label:
default:
zh-cn: 设置参数
en: Configure Parameters
- Parameters:
- regionId
- targets
Label:
default:
zh-cn: 选择实例
en: Select ECS Instances
- Parameters:
- rateControl
- OOSAssumeRole
Label:
default:
zh-cn: 高级选项
en: Control Options该文章对您有帮助吗?