全部产品
云市场

审批ACS::Approve

更新时间:2019-06-19 20:17:15

用途

在自动化运维的一些场景中,有些特殊的操作需要被特殊关注,例如删除重要资源,或使用费用较高的实例等。如果把这些操作也纳入自动化的范畴,您可能会担心失去控制,超过预算。若不纳入自动化的范畴,又会导致这些操作退化到手工执行或其他非自动化方式。审批动作能够让您在自动化和特殊关注之间寻找一个平衡。

当执行一个模板中包括审批动作并且执行到审批动作这一步时,OOS执行引擎会暂停执行,进入等待状态,并发送一个通知。用户在收到通知后,根据业务需求做出审批结果,同意或拒绝,同意后则OOS引擎继续执行,拒绝后引擎停止执行,状态为取消(Cancelled)。

语法

Webhook

对于钉钉一类的客户端,可以通过Webhook的方式支持。

  • YAML格式
  1. Tasks:
  2. - Name: approvalTask
  3. Type: ACS::Approve
  4. Properties:
  5. NotifyType: WebHook
  6. WebHook:
  7. URI: url # 必填,webhook地址,如https://oapi.dingtalk.com/robot/send?access_token=xxxxxx
  8. Headers: # 可选,Http请求的Headers,如Content-Type
  9. Content-Type: 'application/json; charset=utf-8'
  10. Content: # 必填,根据具体的Webhook要求提供,如钉钉webhook要求如下:https://open-doc.dingtalk.com/docs/doc.htm?treeId=257&articleId=105735&docType=1
  11. msgtype: text
  12. text:
  13. content: 'this is a dingtalk message with a parameter {{ p1 }}'
  • JSON格式(请参照YAML注释说明)
  1. {
  2. "Tasks": [
  3. {
  4. "Name": "approvalTask",
  5. "Type": "ACS::Approve",
  6. "Properties": {
  7. "NotifyType": "WebHook",
  8. "WebHook": {
  9. "URI": "url",
  10. "Headers": {
  11. "Content-Type": "application/json; charset=utf-8"
  12. },
  13. "Content": {
  14. "msgtype": "text",
  15. "text": {
  16. "content": "this is a dingtalk message with a parameter {{ p1 }}"
  17. }
  18. }
  19. }
  20. }
  21. }
  22. ]
  23. }

示例

以下模板:在删除实例前需要审批。

  • YAML格式:
  1. ---
  2. FormatVersion: OOS-2019-06-01
  3. Description: Delete the ECS instance with approval.
  4. Parameters:
  5. InstanceId:
  6. Description: The instance id of ECS Instance for deletion.
  7. Type: String
  8. AllowedPattern: "i-[A-Za-z0-9]*"
  9. MinLength: 1
  10. MaxLength: 30
  11. AccessToken:
  12. Description: Dingtalk access_token to be notified.
  13. Type: String
  14. AllowedPattern: "[A-Za-z0-9]*"
  15. OOSAssumeRole:
  16. Description: The RAM role to be assumed by OOS.
  17. Type: String
  18. Default: OOSServiceRole
  19. RamRole: "{{OOSAssumeRole}}"
  20. Tasks:
  21. - Name: approvalToDeleteInstance
  22. Action: ACS::Approve
  23. Description: approve to delete the instance.
  24. Properties:
  25. NotifyType: WebHook
  26. WebHook:
  27. URI: "https://oapi.dingtalk.com/robot/send?access_token={{ AccessToken }}"
  28. Headers:
  29. Content-Type: application/json
  30. Content:
  31. msgtype: text
  32. text:
  33. content: "The instance({{ InstanceId }}) will be deleted"
  34. - Name: deleteInstance
  35. Action: ACS::ECS::DeleteInstance
  36. Description: Delete the ECS Instance by the Instance ID.
  37. Properties:
  38. InstanceId: "{{ InstanceId }}"
  • JSON格式:
  1. {
  2. "FormatVersion": "OOS-2019-06-01",
  3. "Description": "Delete the ECS instance with approval.",
  4. "Parameters": {
  5. "InstanceId": {
  6. "Description": "The instance id of ECS Instance for deletion.",
  7. "Type": "String",
  8. "AllowedPattern": "i-[A-Za-z0-9]*",
  9. "MinLength": 1,
  10. "MaxLength": 30
  11. },
  12. "AccessToken": {
  13. "Description": "Dingtalk access_token to be notified.",
  14. "Type": "String",
  15. "AllowedPattern": "[A-Za-z0-9]*"
  16. },
  17. "OOSAssumeRole": {
  18. "Description": "The RAM role to be assumed by OOS.",
  19. "Type": "String",
  20. "Default": "OOSServiceRole"
  21. }
  22. },
  23. "RamRole": "{{OOSAssumeRole}}",
  24. "Tasks": [
  25. {
  26. "Name": "approvalToDeleteInstance",
  27. "Action": "ACS::Approve",
  28. "Description": "approve to delete the instance.",
  29. "Properties": {
  30. "NotifyType": "WebHook",
  31. "WebHook": {
  32. "URI": "https://oapi.dingtalk.com/robot/send?access_token={{ AccessToken }}",
  33. "Headers": {
  34. "Content-Type": "application/json"
  35. },
  36. "Content": {
  37. "msgtype": "text",
  38. "text": {
  39. "content": "The instance({{ InstanceId }}) will be deleted"
  40. }
  41. }
  42. }
  43. }
  44. },
  45. {
  46. "Name": "deleteInstance",
  47. "Action": "ACS::ECS::DeleteInstance",
  48. "Description": "Delete the ECS Instance by the Instance ID.",
  49. "Properties": {
  50. "InstanceId": "{{ InstanceId }}"
  51. }
  52. }
  53. ]
  54. }