使用ACS-RDS-BulkyModifyDBInstanceDeletionProtection批量开启RDS实例删除保护-系统运维管理-阿里云

模板名称

ACS-RDS-BulkyModifyDBInstanceDeletionProtection 批量开启RDS实例保护

立即执行

模板描述

批量开启RDS实例保护

模板类型

自动化

所有者

Alibaba Cloud

输入参数

参数名称	描述	类型	是否必填	默认值	约束
OOSAssumeRole	OOS扮演的RAM角色	String	是
regionId	地域ID	String	否	{{ ACS::RegionId }}
targets	目标实例	Json	否	{"Type": "ResourceIds", "ResourceIds": [], "RegionId": "{{ regionId }}"}
instanceIds	RDS实例Id列表	List	否	[]
rateControl	任务执行的并发比率	Json	否	{"Mode": "Concurrency", "MaxErrors": 0, "Concurrency": 10}

输出参数

无

执行此模板需要的权限策略

{
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "rds:DescribeDBInstances",
                "rds:ModifyDBInstanceDeletionProtection"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": [
                "oos:GetApplicationGroup"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

详情

ACS-RDS-BulkyModifyDBInstanceDeletionProtection详情

模板内容

FormatVersion: OOS-2019-06-01
Description:
  en: Bulky enable deletion protection for instances
  zh-cn: 批量开启RDS实例保护
  name-en: ACS-RDS-BulkyModifyDBInstanceDeletionProtection
  name-zh-cn: 批量开启RDS实例保护
  categories:
    - security
    - rds
Parameters:
  regionId:
    Type: String
    Label:
      en: RegionId
      zh-cn: 地域ID
    AssociationProperty: RegionId
    Default: '{{ ACS::RegionId }}'
  targets:
    Type: Json
    Label:
      en: TargetInstance
      zh-cn: 目标实例
    AssociationProperty: Targets
    AssociationPropertyMetadata:
      ResourceType: ALIYUN::RDS::Instance
      RegionId: regionId
    Default:
      Type: ResourceIds
      ResourceIds: []
      RegionId: '{{ regionId }}'
  instanceIds:
    Label:
      en: InstanceIds
      zh-cn: RDS实例Id列表
    Type: List
    Default: []
    AssociationPropertyMetadata:
      Visible:
        Condition:
          Fn::Equals:
            - ${targets}
            - {}
  rateControl:
    Label:
      en: RateControl
      zh-cn: 任务执行的并发比率
    Type: Json
    AssociationProperty: RateControl
    Default:
      Mode: Concurrency
      MaxErrors: 0
      Concurrency: 10
  OOSAssumeRole:
    Label:
      en: OOSAssumeRole
      zh-cn: OOS扮演的RAM角色
    Type: String
RamRole: '{{ OOSAssumeRole }}'
Conditions:
  instanceId:
    Fn::Equals:
      - '{{ instanceIds }}'
      - []
Tasks:
  - Name: getInstance
    When: instanceId
    Description:
      en: Get the RDS instances
      zh-cn: 获取RDS实例
    Action: ACS::SelectTargets
    Properties:
      ResourceType: ALIYUN::RDS::Instance
      RegionId: '{{regionId}}'
      Filters:
        - '{{ targets }}'
    Outputs:
      instanceIds:
        Type: List
        ValueSelector: Instances.Instance[].InstanceId
  - Name: enableDBInstanceDeletionProtection
    Action: ACS::ExecuteApi
    Description: '{"en":"Enables deletion protection for rds instance","zh-cn":"开启实例释放保护"}'
    Properties:
      Service: RDS
      API: ModifyDBInstanceDeletionProtection
      Parameters:
        DBInstanceId: '{{ ACS::TaskLoopItem }}'
        DeletionProtection: true
        RegionId: '{{ regionId }}'
    Loop:
      Items:
        Fn::If:
          - Fn::Equals:
              - '{{instanceIds}}'
              - []
          - '{{ getInstance.instanceIds }}'
          - '{{ instanceIds}}'
      RateControl: '{{ rateControl }}'
    OnError: ACS::END
    OnSuccess: ACS::NEXT
Metadata:
  ALIYUN::OOS::Interface:
    ParameterGroups:
      - Parameters:
          - regionId
          - instanceIds
          - targets
        Label:
          default:
            zh-cn: 选择实例
            en: Select RDS Instances
      - Parameters:
          - rateControl
          - OOSAssumeRole
        Label:
          default:
            zh-cn: 高级选项
            en: Control Options