-
Notifications
You must be signed in to change notification settings - Fork 35
/
polardb-postgresql-enterprise-performance-practice.yml
127 lines (127 loc) · 4.59 KB
/
polardb-postgresql-enterprise-performance-practice.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 该模板用于创建PolarDB数据库访问白名单、账号及ECS实例命令执行,含安全IP校验,支持多语言描述。
en: This template is designed for creating PolarDB database access whitelists, accounts,
and executing ECS instance commands, incorporating security IP verification, and
accommodating multilingual descriptions.
Conditions:
IsSecurityIpsEmpty:
Fn::Or:
- IsSecurityIpsEmpty1
- IsSecurityIpsEmpty2
IsSecurityIpsEmpty1:
Fn::Equals:
- Ref: SecurityIps
- ''
IsSecurityIpsEmpty2:
Fn::Equals:
- Ref: SecurityIps
- null
Parameters:
DBClusterId:
Type: String
Label:
en: PolarDB Cluster ID
zh-cn: PolarDB集群ID
AssociationProperty: ALIYUN::POLARDB::DBCluster::DBClusterId
AccountName:
Type: String
Label:
en: Account name
zh-cn: 数据库账号名称
Description:
en: 'Database account: Enter the database account name, for example: temp'
zh-cn: 数据库账号:输入数据库账号名称,例如:temp
Default: temp
AccountPassword:
Type: String
Label:
en: Account password
zh-cn: 数据库账号密码
Description:
en: "The password must be 8 to 32 characters in length. <br>\nIt must contain\
\ at least three of the following character types: uppercase letters, lowercase\
\ letters, digits, and special characters. <br> \nSpecial characters include\
\ <span style=\"background:#E7E9EB;\"><b>!@#$%^&*()_+-=</b></span>."
zh-cn: 长度为8~32位,需包含大写字母、小写字母、特殊字符和数字中的至少三种,允许的特殊字符包括<span style="background:#E7E9EB;"><b>!@#$%^&*()_+-=</b></span>。
AllowedPattern: ^(?=.*[a-zA-Z])(?=.*[a-z0-9])(?=.*[a-z!@#$%^&*()_+=-])(?=.*[A-Z0-9])(?=.*[A-Z!@#$%^&*()_+=-])(?=.*[0-9!@#$%^&*()_+=-])[a-zA-Z0-9!@#$%^&*()_+=-]{8,32}$
NoEcho: true
Confirm: true
SecurityIps:
Type: String
Label:
en: IP Whitelist
zh-cn: IP白名单
Description:
en: "Set up to 1000 IP addresses or network segments that are allowed to access\
\ the instance. <br> \nFor example: 0.0.0.0/0, 10.23.12.24, 10.23.12.24/24.\
\ <br>\nIf not specified, it is set to 0.0.0.0/0. <br>\nIf you want to set\
\ multiple IP addresses or network segments, please separate them with commas.\
\ \nUp to 1000 can be set. <br>\nYou can visit <a href=\"https://ip.taobao.com/ipSearch.html\"\
\ target=\"_blank\">Taobao IP address database</a> to obtain the public network\
\ address of the local device."
zh-cn: |-
设置允许访问实例的IP地址或网段。<br>
例如:0.0.0.0/0,10.23.12.24,10.23.12.24/24。<br>
如果未指定,则设置为0.0.0.0/0。<br>
如果要设置多个IP地址或网段,请使用英文逗号隔开,最多设置1000个。<br>
Default: 0.0.0.0/0
AllowedPattern: ^(((2(5[0-5]|[0-4]\d))|(1\d{2})|([1-9]\d)|\d)([.]((2(5[0-5]|[0-4]\d))|(1\d{2})|([1-9]\d)|\d)){3}([/]((3[0-2])|([1-2]\d)|\d))?)(,((2(5[0-5]|[0-4]\d))|(1\d{2})|([1-9]\d)|\d)([.]((2(5[0-5]|[0-4]\d))|(1\d{2})|([1-9]\d)|\d)){3}([/]((3[0-2])|([1-2]\d)|\d))?){0,999}$|^$
EcsInstanceId:
Type: String
Label:
en: Ecs Instance ID
zh-cn: Ecs实例ID
AssociationProperty: ALIYUN::ECS::Instance
Resources:
PolarDBWhiteList:
Type: ALIYUN::POLARDB::DBClusterAccessWhiteList
Properties:
SecurityIps:
Fn::If:
- IsSecurityIpsEmpty
- 0.0.0.0/0
- Ref: SecurityIps
DBClusterId:
Ref: DBClusterId
PolarDBAccount:
Type: ALIYUN::POLARDB::Account
Properties:
DBClusterId:
Ref: DBClusterId
AccountType: Super
AccountPassword:
Ref: AccountPassword
AccountName:
Ref: AccountName
Command:
Type: ALIYUN::ECS::RunCommand
Properties:
InstanceIds:
- Ref: EcsInstanceId
ContentEncoding: PlainText
CommandContent: yum install -y postgresql
Type: RunShellScript
Timeout: 3600
Sync: true
Outputs:
PolarDBUrl:
Description:
en: PolarDB Private network address.
zh-cn: PolarDB私网连接地址。
Value:
Fn::Sub:
- ${DBClusterId}.mysql.polardb.rds.aliyuncs.com
- DBClusterId:
Ref: DBClusterId
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- DBClusterId
- AccountName
- AccountPassword
- SecurityIps
- EcsInstanceId
TemplateTags:
- acs:document:试用教程:PolarDB PostgreSQL企业级性能实践