-
Notifications
You must be signed in to change notification settings - Fork 17
/
ACS::ESS::ModifyPolarDBIPWhitelist.json
146 lines (146 loc) · 3.9 KB
/
ACS::ESS::ModifyPolarDBIPWhitelist.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
{
"FormatVersion": "OOS-2019-06-01",
"Description": {
"en": "Modify polarDB cluseter ip whitelist",
"zh-cn": "修改PolarDB集群的IP白名单",
"name-en": "ACS::ESS::ModifyPolarDBIPWhitelist",
"name-zh-cn": "修改PolarDB集群的IP白名单"
},
"Parameters": {
"regionId": {
"Label": {
"en": "RegionId",
"zh-cn": "地域ID"
},
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::RegionId",
"Default": "{{ ACS::RegionId }}"
},
"dbClusterId": {
"Label": {
"en": "PolarDBClusterId",
"zh-cn": "PolarDB集群ID"
},
"Type": "String"
},
"modifyMode": {
"Label": {
"en": "ModifyMode",
"zh-cn": "修改白名单的方式"
},
"Description": {
"en": "The method to modify the IP whitelist, Delete is used for elastic contraction activities, and Append is used for elastic expansion activities.",
"zh-cn": "修改IP白名单的方式,Append用于弹性扩张活动,Delete用于弹性收缩活动。"
},
"Type": "String",
"AllowedValues": [
"Append",
"Delete"
]
},
"securityIp": {
"Label": {
"en": "SecurityIp",
"zh-cn": "ip地址"
},
"Type": "String"
}
},
"Tasks": [
{
"Name": "describeDBClusterAccessWhitelist",
"Action": "ACS::ExecuteAPI",
"Description": {
"en": "Describes the whitelist",
"zh-cn": "获取白名单信息"
},
"Properties": {
"Service": "POLARDB",
"API": "DescribeDBClusterAccessWhitelist",
"Parameters": {
"RegionId": "{{ regionId }}",
"DBClusterId": "{{ dbClusterId }}"
}
},
"Outputs": {
"whetherIncludeIP": {
"Type": "String",
"ValueSelector": ".Items.DBClusterIPArray[] | select(.DBClusterIPArrayName == \"default\") | .SecurityIps | test(\"{{securityIp}}\")"
}
}
},
{
"Name": "whetherToAppendIpToWhitelist",
"Action": "ACS::Choice",
"Description": {
"en": "Choose next task by modify mode",
"zh-cn": "根据修改白名单方式选择下一个任务"
},
"Properties": {
"DefaultTask": "appendIpToWhitelist",
"Choices": [
{
"When": {
"Fn::Equals": [
"Delete",
"{{ modifyMode }}"
]
},
"NextTask": "deleteIpFromWhitelist"
}
]
}
},
{
"Name": "appendIpToWhitelist",
"Action": "ACS::ExecuteAPI",
"When": {
"Fn::Equals": [
"{{ describeDBClusterAccessWhitelist.whetherIncludeIP }}",
false
]
},
"Description": {
"en": "Append ipaddress to the whitelist",
"zh-cn": "添加IP到白名单"
},
"OnSuccess": "ACS::END",
"Properties": {
"Service": "POLARDB",
"API": "ModifyDBClusterAccessWhitelist",
"Parameters": {
"RegionId": "{{ regionId }}",
"DBClusterId": "{{ dbClusterId }}",
"WhiteListType": "IP",
"ModifyMode": "Append",
"SecurityIps": "{{ securityIp }}"
}
}
},
{
"Name": "deleteIpFromWhitelist",
"Action": "ACS::ExecuteAPI",
"When": {
"Fn::Equals": [
"{{ describeDBClusterAccessWhitelist.whetherIncludeIP }}",
true
]
},
"Description": {
"en": "Delete ipaddress from whitelist",
"zh-cn": "从白名单删除IP"
},
"Properties": {
"Service": "POLARDB",
"API": "ModifyDBClusterAccessWhitelist",
"Parameters": {
"RegionId": "{{ regionId }}",
"DBClusterId": "{{ dbClusterId }}",
"WhiteListType": "IP",
"ModifyMode": "Delete",
"SecurityIps": "{{ securityIp }}"
}
}
}
]
}