diff --git a/.gitignore b/.gitignore
index fce1954e..d054830c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
.idea
.DS_Store
-.python-version
\ No newline at end of file
+.python-version
+tmp
\ No newline at end of file
diff --git a/README-CN.md b/README-CN.md
index 421db988..e8ad3271 100644
--- a/README-CN.md
+++ b/README-CN.md
@@ -349,7 +349,7 @@ ROS 模板的示例和最佳实践。模板分类如下:
| [internet-network/landing-zone-cen-tr.yml](./solutions/internet-network/landing-zone-cen-tr.yml) | 在账号1及账号2内使用CEN及TR进行跨地域网络互通,账号2数据互通VPC加入两个账号CEN实现双网络互通。 |
| [internet-network/multi-avaiable-areas-building-services.yml](./solutions/internet-network/multi-avaiable-areas-building-services.yml) | 适用于有本地IDC,需要搭建具有高稳定性业务架构的多地域多可用区混合云的用户。物理专线是打通IDC到云上内网通道的最高效稳定的方式。此模板完成多可用区单地域搭建服务。 |
| [internet-network/multi-region-multi-area-network-interworking.yml](./solutions/internet-network/multi-region-multi-area-network-interworking.yml) | 适用于有本地IDC,需要搭建具有高稳定性业务架构的多地域多可用区混合云的用户。物理专线是打通IDC到云上内网通道的最高效稳定的方式。此模板可配合多可用区单地域搭建服务完成组建多可用区多地域的混合云。 |
-| [iot-cloud/iot-platform-device-data-on-the-cloud.yaml](./solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml) | 本文以温湿度传感器设备为例,介绍了如何将该设备接入物联网平台,将设备所上报的数据转发至函数计算FC,并最终推送数据到钉钉群中。|
+| [iot-cloud/iot-platform-device-data-on-the-cloud.yaml](./solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yml) | 本文以温湿度传感器设备为例,介绍了如何将该设备接入物联网平台,将设备所上报的数据转发至函数计算FC,并最终推送数据到钉钉群中。|
| [machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml](./solutions/machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml) | 本文介绍了混合云场景中,自建Kubernetes服务,线下集群+云上弹性扩展阿里云GPU服务实例+飞天AI加速工具,并采用阿里云CPFS存储,运行AI训练+AI推理作业的操作步骤。 |
| [media-service/fpga-cloud-servers.yml](./solutions/media-service/fpga-cloud-servers.yml) | 解决提供高画质低码率的实施转码技术方案、提高图片和视频转码效率及降低传输带宽、转码和存储成本。 |
| [middleware/existing-vpc-cluster-kafka.yml](./solutions/middleware/existing-vpc-cluster-kafka.yml) | 在现有的VPC、VSwitch和安全组下,创建多台ECS(Kafka Middleware),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理,其中Java jdk版本采用1.8.0,Scala版本采用2.12,Kafka版本采用0.10.2.2;应用数据存放至挂载的数据盘(数据盘挂载目录:/home/software,Kafka bin目录:/home/software/kafka/bin);如需访问Kafka Manager管理界面,在已有的安全组下添加访问规则入方向TCP 9000端口。 |
@@ -447,7 +447,7 @@ ROS 模板的示例和最佳实践。模板分类如下:
| 模板 | 说明 |
|-----------------------------------------------------------------------------------------------------------------------|------------------------------------|
-| [flink-hologres-data-warehouse.yml](./documents/solution/data-analysis/flink-hologres-data-warehouse.yml) | 基于Flink+Hologres搭建实时数仓。 |
+| [flink-hologres-data-warehouse.yml](./documents/solution/data-analysis/flink-hologres-data-warehouse.yml) | 基于Flink+Hologres搭建实时数仓。| [解决方案](https://www.aliyun.com/solution/tech-solution/flink_hologres) |
| [flink-maxcompute-data-warehouse.yml](./documents/solution/data-analysis/flink-maxcompute-data-warehouse.yml) | 搭建实时数仓并实现查询加速。 |
| [leaderboard-gamer-points-app-deploy.yml](./documents/solution/data-analysis/leaderboard-gamer-points-app-deploy.yml) | 使用Centos7系统创建ECS实例安装部署游戏玩家积分排行榜应用。 |
| [user-operations-analytics.yml](./documents/solution/data-analysis/user-operations-analytics.yml) | 基于AnalyticDB MySQL湖仓版的用户运营分析实践。 |
@@ -464,6 +464,13 @@ ROS 模板的示例和最佳实践。模板分类如下:
| [one-stop-htap-service.yml](documents/solution/database/one-stop-htap-service.yml) | RDS+ClickHouse构建一站式HTAP。 | [解决方案](https://aliyun.com/solution/tech-solution/rdsclickhouse_htap) |
| [data-transmission-from-ECS-to-RDS.yml](documents/solution/database/data-transmission-from-ECS-to-RDS.yml) | 网站数据库平滑迁移上云。 | [解决方案](https://www.aliyun.com/solution/tech-solution/smowdttc) |
+- iot
+
+| Template | Description |
+|------------------------------------------------------------------------------------------------------------|----------------|
+| [iot-platform-device-data-on-the-cloud.yml](./documents/solution/iot/iot-platform-device-data-on-the-cloud.yml) | 物联网平台设备数据上云。| [解决方案](https://www.aliyun.com/solution/tech-solution/iot_cloud) |
+
+
- micro
| 模板 | 说明 |
@@ -520,7 +527,7 @@ ROS 模板的示例和最佳实践。模板分类如下:
| Template | 说明 |
|----------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------|
-| [multiple-accounts-support-configuration-auditing.yml](documents/solution/resource-directory/multiple-accounts-support-configuration-auditing.yml) | 多账号配置统一合规审计。 |
+| [multiple-accounts-support-configuration-auditing.yml](documents/solution/resource-directory/multiple-accounts-support-configuration-auditing.yml) | 多账号配置统一合规审计。 | [解决方案](https://www.aliyun.com/solution/tech-solution/ucafmac)|
- product-details-page
diff --git a/README.md b/README.md
index 751be19c..5d8eb714 100644
--- a/README.md
+++ b/README.md
@@ -348,7 +348,7 @@ Examples and best practices of ROS templates. The templates are categorized as f
| [internet-network/landing-zone-cen-tr.yml](./solutions/internet-network/landing-zone-cen-tr.yml) | This template is used to establish cross-region network connections between Account A and Account B by using Cloud Enterprise Network (CEN) instances and transit routers. This template is also used to add the virtual private cloud (VPC) of Account B to the CEN instances of Account A and Account B to enable mutual access between the networks. |
| [internet-network/multi-avaiable-areas-building-services.yml](./solutions/internet-network/multi-avaiable-areas-building-services.yml) | This template builds services across multiple zones in a region. It is ideal for users who have on-premises data centers and need to build a multi-region, multi-zone hybrid cloud with highly stable business architecture. Physical connection is the most efficient and stable method to connect an on-premises data center to a VPC. |
| [internet-network/multi-region-multi-area-network-interworking.yml](./solutions/internet-network/multi-region-multi-area-network-interworking.yml) | This template can be used with the template for building services across multiple zones in a region to build a multi-region, multi-zone hybrid cloud. It is ideal for users who have on-premises data centers and need to build a multi-region, multi-zone hybrid cloud with highly stable business architecture. Physical connection is the most efficient and stable method to connect an on-premises data center to a VPC. |
-| [iot-cloud/iot-platform-device-data-on-the-cloud.yaml](./solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml) | This template uses the temperature and humidity sensor device as an example to describe how to connect the device to the Internet of Things platform, forward the data reported by the device to the functional computing FC, and finally push the data to the Dingpin group. |
+| [iot-cloud/iot-platform-device-data-on-the-cloud.yaml](./solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yml) | This template uses the temperature and humidity sensor device as an example to describe how to connect the device to the Internet of Things platform, forward the data reported by the device to the functional computing FC, and finally push the data to the Dingpin group. |
| [machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml](./solutions/machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml) | This template is used to build Kubernetes services, create on-premises clusters, and create elastic Alibaba Cloud GPU instances in the cloud. This template uses AIACC and CPFS to run AI training and AI inference jobs. This template is suitable for hybrid cloud scenarios. |
| [media-service/fpga-cloud-servers.yml](./solutions/media-service/fpga-cloud-servers.yml) | This template is used to deploy a real-time transcoding solution that provides high-quality images at low bit rates. This solution accelerates image and video transcoding and reduces transmission bandwidth. This allows you to minimize your bandwidth, transcoding, and storage costs. |
| [middleware/existing-vpc-cluster-kafka.yml](./solutions/middleware/existing-vpc-cluster-kafka.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Scala version 2.12, and Kafka version 0.10.2.2 are used. Application data is stored in the mounted data disk (mount directory of the data disk: /home/software; directory of Kafka bin: /home/software/kafka/bin). To log on to the Kafka Manager console, you must configure the inbound rule that allows access over TCP port 9000. |
@@ -468,6 +468,13 @@ Examples and best practices of ROS templates. The templates are categorized as f
| [one-stop-htap-service.yml](documents/solution/database/one-stop-htap-service.yml) | Build a one-stop HTAP service based on RDS and ClickHouse. |
| [data-transmission-from-ECS-to-RDS.yml](documents/solution/database/data-transmission-from-ECS-to-RDS.yml) | Data transmission from ECS self-built database to RDS database. |
+- iot
+
+| Template | Description |
+|------------------------------------------------------------------------------------------------------------|-----------------|
+| [iot-platform-device-data-on-the-cloud.yml](./documents/solution/iot/iot-platform-device-data-on-the-cloud.yml) | Iot platform device data on the cloud. |
+
+
- micro
| Template | Description |
diff --git a/documents/help/ecs/wordpress-centos7.yml b/documents/help/ecs/wordpress-centos7.yml
index 0e68386c..32e17b81 100644
--- a/documents/help/ecs/wordpress-centos7.yml
+++ b/documents/help/ecs/wordpress-centos7.yml
@@ -5,8 +5,8 @@ Description:
Conditions:
CreateInstance:
Fn::Equals:
- - Ref: SelectInstance
- - false
+ - Ref: SelectInstance
+ - false
Parameters:
SelectInstance:
Type: Boolean
@@ -32,15 +32,14 @@ Parameters:
Fn::Equals:
- ${SelectInstance}
- true
- Default: null
+ Default: Null
ZoneId:
Type: String
Label:
en: VSwitch Availability Zone
zh-cn: 可用区ID
Description:
- en: Availability Zone ID,
note: Before selecting, please
- confirm that the Availability Zone supports the specification of creating ECS resources.
+ en: Availability Zone ID,
note: Before selecting, please confirm that the Availability Zone supports the specification of creating ECS resources.
zh-cn: 可用区ID。
注: 选择可用区前请确认该可用区是否支持创建ECS资源的规格。
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
AssociationPropertyMetadata:
@@ -50,20 +49,15 @@ Parameters:
Fn::Equals:
- ${SelectInstance}
- false
- Default: null
+ Default: Null
InstanceType:
Type: String
Label:
en: Instance Type
zh-cn: 实例类型
Description:
- en: 'Fill in the specifications that can be used under the VSwitch availability
- zone;
general specifications:ecs.c5.large
note:
- a few zones do not support general specifications
see detail: Instance Specification Family'
- zh-cn: 填写VSwitch可用区下可使用的规格;
通用规格:ecs.c5.large
注:可用区可能不支持通用规格
规格详见:实例规格族
+ en: 'Fill in the specifications that can be used under the VSwitch availability zone;
general specifications:ecs.c5.large
note: a few zones do not support general specifications
see detail: Instance Specification Family'
+ zh-cn: 填写VSwitch可用区下可使用的规格;
通用规格:ecs.c5.large
注:可用区可能不支持通用规格
规格详见:实例规格族
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
AssociationPropertyMetadata:
ZoneId: ZoneId
@@ -98,13 +92,10 @@ Parameters:
en: Instance Password
zh-cn: 实例密码
Description:
- en: Server login password, Length 8-30, must contain three(Capital letters,
- lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol
- in).
+ en: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
zh-cn: 服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
ConstraintDescription:
- en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers,
- ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
+ en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
zh-cn: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
AssociationPropertyMetadata:
@@ -116,20 +107,29 @@ Parameters:
MinLength: 8
MaxLength: 30
NoEcho: true
- Default: null
+ Default: Null
DbPassword:
Type: String
Label:
en: DB User Password
zh-cn: 数据库用户密码
Description:
- en: The MySQL user password, consisting of letters, numbers, and underline(_), 8 to 32 characters in length.
- zh-cn: MySQL用户密码,数据库访问大小写字母、数字和下划线(_),8-32个字符。
+ en: |-
+ The password must be 8 to 32 characters in length.
+ It must contain the following character types: uppercase letters, lowercase letters, digits, and special characters.
+ Special characters include !@#$%^&*()_+-=.
+ If you repeatedly provision in this tutorial on the same ECS instance, make sure that the MySQL database password is exactly the same as the password set when the template was executed for the first time. Otherwise, the result of provisioning is unavailable.
+ zh-cn: |-
+ 长度为8~32位,需包含大写字母、小写字母、特殊字符和数字,允许的特殊字符包括!@#$%^&*()_+-=。
+ 如果您在同一台ECS实例上重复执行本教程的一键配置模板,请确保MySQL数据库密码和第一次执行模板时设置的密码完全一致。否则一键配置结果不可用。
ConstraintDescription:
- en: Consisting of letters, numbers, and underline(_), 8 to 32 characters in length.
- zh-cn: 由字母、数字和下划线(_)组成,长度为8到32个字符。
- MinLength: 8
- MaxLength: 32
+ en: |-
+ The password must be 8 to 32 characters in length.
+ It must contain the following character types: uppercase letters, lowercase letters, digits, and special characters.
+ Special characters include !@#$%^&*()_+-=.
+ If you repeatedly provision in this tutorial on the same ECS instance, make sure that the MySQL database password is exactly the same as the password set when the template was executed for the first time. Otherwise, the result of provisioning is unavailable.
+ zh-cn: 长度为8~32位,需包含四项大写字母、小写字母、特殊字符和数字,允许的特殊字符包括!@#$%^&*()_+-=。
+ AllowedPattern: ^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])((?=.*[!@#\$%\^&\*\(\)\-\+])|(?=.*[_\.,:;\-\?]))[a-zA-Z0-9!@#\$%\^&\*\(\)\-\+_\.,:;\-\?]{8,32}$
NoEcho: true
Resources:
Vpc:
@@ -213,7 +213,7 @@ Resources:
- Fn::GetAtt:
- InstanceGroup
- InstanceIds
- - [Ref: InstanceId]
+ - - Ref: InstanceId
InstanceGroup:
Type: ALIYUN::ECS::InstanceGroup
Condition: CreateInstance
@@ -242,280 +242,279 @@ Resources:
- Fn::GetAtt:
- InstanceGroup
- InstanceIds
- - [ Ref: InstanceId ]
+ - - Ref: InstanceId
Type: RunShellScript
Sync: true
Timeout: 7200
CommandContent:
Fn::Sub:
- - |-
- #!/bin/bash
- if [ ! -f .ros.provision ]; then
- echo "Name: 手动搭建WordPress(CentOS 7)" > .ros.provision
- fi
-
- name=$(grep "^Name:" .ros.provision | awk -F':' '{print $2}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
- if [[ "$name" != "手动搭建WordPress(CentOS 7)" ]]; then
- echo "当前实例已使用过\"$name\"教程的一键配置,不能再使用本教程的一键配置"
- ${WaitConditionHandle.CurlCli} --data-binary "{\"status\": \"FAILURE\", \"reason\": \"The current instance has already applied the configuration of the \\\"$name\\\" tutorial, and the configuration of this tutorial can no longer be applied.\"}"
- exit 0
- fi
-
- echo "#########################"
- echo "# Check Network"
- echo "#########################"
- ping -c 2 -W 2 aliyun.com > /dev/null
- if [[ $? -ne 0 ]]; then
- echo "当前实例无法访问公网"
- ${WaitConditionHandle.CurlCli} --data-binary "{\"status\": \"FAILURE\", \"reason\": \"The current instance cannot access the public network.\"}"
- exit 0
- fi
-
- if ! grep -q "^Step1: Prepare Environment$" .ros.provision; then
- echo "#########################"
- echo "# Prepare Environment"
- echo "#########################"
- systemctl status firewalld
- systemctl stop firewalld
- echo "Step1: Prepare Environment" >> .ros.provision
- else
- echo "#########################"
- echo "# Environment has been ready"
- echo "#########################"
- fi
-
- if ! grep -q "^Step2: Install Nginx$" .ros.provision; then
- echo "#########################"
- echo "# Install Nginx"
- echo "#########################"
- yum -y install nginx
- nginx -v
- echo "Step2: Install Nginx" >> .ros.provision
- else
- echo "#########################"
- echo "# Nginx has been installed"
- echo "#########################"
- fi
-
- if ! grep -q "^Step3: Install MySQL$" .ros.provision; then
- echo "#########################"
- echo "# Install MySQL"
- echo "#########################"
- rpm -Uvh https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
- yum -y install mysql-community-server --nogpgcheck
- mysql -V
- systemctl start mysqld
- systemctl enable mysqld
- systemctl daemon-reload
- echo "Step3: Install MySQL" >> .ros.provision
- else
- echo "#########################"
- echo "# MySQL has been installed"
- echo "#########################"
- fi
-
- if ! grep -q "^Step4: Install PHP$" .ros.provision; then
- echo "#########################"
- echo "# Install PHP"
- echo "#########################"
- yum install -y \
- https://mirrors.aliyun.com/ius/ius-release-el7.rpm \
- https://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
- rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
- yum -y install php70w-devel php70w.x86_64 php70w-cli.x86_64 php70w-common.x86_64 php70w-gd.x86_64 php70w-ldap.x86_64 php70w-mbstring.x86_64 php70w-mcrypt.x86_64 php70w-pdo.x86_64 php70w-mysqlnd php70w-fpm php70w-opcache php70w-pecl-redis php70w-pecl-mongodb
- php -v
- echo "Step4: Install PHP" >> .ros.provision
- else
- echo "#########################"
- echo "# PHP has been installed"
- echo "#########################"
- fi
-
- if ! grep -q "^Step4: Config Nginx$" .ros.provision; then
- echo "#########################"
- echo "# Config Nginx"
- echo "#########################"
- cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
- cat > /etc/nginx/nginx.conf << \EOF
- # For more information on configuration, see:
- # * Official English Documentation: http://nginx.org/en/docs/
- # * Official Russian Documentation: http://nginx.org/ru/docs/
-
- user nginx;
- worker_processes auto;
- error_log /var/log/nginx/error.log;
- pid /run/nginx.pid;
-
- # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
- include /usr/share/nginx/modules/*.conf;
-
- events {
- worker_connections 1024;
- }
-
- http {
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
-
- access_log /var/log/nginx/access.log main;
-
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- keepalive_timeout 65;
- types_hash_max_size 4096;
-
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
-
- # Load modular configuration files from the /etc/nginx/conf.d directory.
- # See http://nginx.org/en/docs/ngx_core_module.html#include
- # for more information.
- include /etc/nginx/conf.d/*.conf;
-
- server {
- listen 80;
- listen [::]:80;
- server_name _;
- root /usr/share/nginx/html/wordpress;
-
- # Load configuration files for the default server block.
- include /etc/nginx/default.d/*.conf;
-
- location / {
- index index.php index.html index.htm;
- }
-
- location ~ .php$ {
- root /usr/share/nginx/html/wordpress; # 将/usr/share/nginx/html替换为您的网站根目录,本文使用/usr/share/nginx/html作为网站根目录。
- fastcgi_pass 127.0.0.1:9000; # Nginx通过本机的9000端口将PHP请求转发给PHP-FPM进行处理。
- fastcgi_index index.php;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- include fastcgi_params; # Nginx调用fastcgi接口处理PHP请求。
- }
-
- error_page 404 /404.html;
- location = /404.html {
- }
-
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- }
- }
-
- # Settings for a TLS enabled server.
- #
- # server {
- # listen 443 ssl http2;
- # listen [::]:443 ssl http2;
- # server_name _;
- # root /usr/share/nginx/html;
- #
- # ssl_certificate "/etc/pki/nginx/server.crt";
- # ssl_certificate_key "/etc/pki/nginx/private/server.key";
- # ssl_session_cache shared:SSL:1m;
- # ssl_session_timeout 10m;
- # ssl_ciphers HIGH:!aNULL:!MD5;
- # ssl_prefer_server_ciphers on;
- #
- # # Load configuration files for the default server block.
- # include /etc/nginx/default.d/*.conf;
- #
- # error_page 404 /404.html;
- # location = /40x.html {
- # }
- #
- # error_page 500 502 503 504 /50x.html;
- # location = /50x.html {
- # }
- # }
-
- }
- EOF
- systemctl start nginx
- systemctl enable nginx
- echo "Step4: Config Nginx" >> .ros.provision
- else
- echo "#########################"
- echo "# Nginx has been configured"
- echo "#########################"
- fi
-
- if ! grep -q "^Step6: Config MySQL$" .ros.provision; then
- echo "#########################"
- echo "# Config MySQL"
- echo "#########################"
- export MYSQL_PWD=`grep "temporary password" /var/log/mysqld.log | awk '{print $NF}'`
- mysqladmin -uroot password '${DbPassword}'
- export MYSQL_PWD='${DbPassword}'
- mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${DbPassword}'"
- echo CREATE DATABASE wordpress\; >> /tmp/setup.mysql
- echo CREATE user "user"@"localhost" identified by \"${DbPassword}\"\; >> /tmp/setup.mysql
- echo GRANT ALL privileges ON wordpress.* TO "user"@"localhost" IDENTIFIED BY \"${DbPassword}\"\; >> /tmp/setup.mysql
- echo FLUSH privileges\;>> /tmp/setup.mysql
- chmod 400 /tmp/setup.mysql
- mysql -u root --password='${DbPassword}' < /tmp/setup.mysql
- echo "Step6: Config MySQL" >> .ros.provision
- else
- echo "#########################"
- echo "# MySQL has been configured"
- echo "#########################"
- fi
-
- if ! grep -q "^Step7: Config PHP$" .ros.provision; then
- echo "#########################"
- echo "# Config PHP"
- echo "#########################"
- echo "" > /usr/share/nginx/html/phpinfo.php
- systemctl start php-fpm
- systemctl enable php-fpm
- echo "Step7: Config PHP" >> .ros.provision
- else
- echo "#########################"
- echo "# PHP has been configured"
- echo "#########################"
- fi
-
- if ! grep -q "^Step8: Install wordpress$" .ros.provision; then
- echo "#########################"
- echo "# Install wordpress"
- echo "#########################"
- yum -y install wordpress
- echo "Step8: Install wordpress" >> .ros.provision
- else
- echo "#########################"
- echo "# wordpress has been installed"
- echo "#########################"
- fi
-
- if ! grep -q "^Step9: Config wordpress$" .ros.provision; then
- echo "#########################"
- echo "# Config wordpress"
- echo "#########################"
- mv /usr/share/wordpress /usr/share/nginx/html/wordpress
- cd /usr/share/nginx/html/wordpress
- ln -snf /etc/wordpress/wp-config.php wp-config.php
- sed -i "s/database_name_here/wordpress/" wp-config.php
- sed -i "s/username_here/user/" wp-config.php
- sed -i "s/password_here/${DbPassword}/" wp-config.php
- echo "Step8: Config wordpress" >> .ros.provision
- else
- echo "#########################"
- echo "# wordpress has been configured"
- echo "#########################"
- fi
-
- systemctl restart nginx
- ${WaitConditionHandle.CurlCli} --data-binary '{"status": "SUCCESS"}'
- - IP:
- Fn::Jq:
- - First
- - if .[0].PublicIpAddress != [] then .[0].PublicIpAddress[0] else .[0].EipAddress.IpAddress
- end
- - Fn::GetAtt:
- - DS_Instances
- - Instances
+ - |-
+ #!/bin/bash
+ if [ ! -f .ros.provision ]; then
+ echo "Name: 手动搭建WordPress(CentOS 7)" > .ros.provision
+ fi
+
+ name=$(grep "^Name:" .ros.provision | awk -F':' '{print $2}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
+ if [[ "$name" != "手动搭建WordPress(CentOS 7)" ]]; then
+ echo "当前实例已使用过\"$name\"教程的一键配置,不能再使用本教程的一键配置"
+ ${WaitConditionHandle.CurlCli} --data-binary "{\"status\": \"FAILURE\", \"reason\": \"The current instance has already applied the configuration of the \\\"$name\\\" tutorial, and the configuration of this tutorial can no longer be applied.\"}"
+ exit 0
+ fi
+
+ echo "#########################"
+ echo "# Check Network"
+ echo "#########################"
+ ping -c 2 -W 2 aliyun.com > /dev/null
+ if [[ $? -ne 0 ]]; then
+ echo "当前实例无法访问公网"
+ ${WaitConditionHandle.CurlCli} --data-binary "{\"status\": \"FAILURE\", \"reason\": \"The current instance cannot access the public network.\"}"
+ exit 0
+ fi
+
+ if ! grep -q "^Step1: Prepare Environment$" .ros.provision; then
+ echo "#########################"
+ echo "# Prepare Environment"
+ echo "#########################"
+ systemctl status firewalld
+ systemctl stop firewalld
+ echo "Step1: Prepare Environment" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# Environment has been ready"
+ echo "#########################"
+ fi
+
+ if ! grep -q "^Step2: Install Nginx$" .ros.provision; then
+ echo "#########################"
+ echo "# Install Nginx"
+ echo "#########################"
+ yum -y install nginx
+ nginx -v
+ echo "Step2: Install Nginx" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# Nginx has been installed"
+ echo "#########################"
+ fi
+
+ if ! grep -q "^Step3: Install MySQL$" .ros.provision; then
+ echo "#########################"
+ echo "# Install MySQL"
+ echo "#########################"
+ rpm -Uvh https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
+ yum -y install mysql-community-server --nogpgcheck
+ mysql -V
+ systemctl start mysqld
+ systemctl enable mysqld
+ systemctl daemon-reload
+ echo "Step3: Install MySQL" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# MySQL has been installed"
+ echo "#########################"
+ fi
+
+ if ! grep -q "^Step4: Install PHP$" .ros.provision; then
+ echo "#########################"
+ echo "# Install PHP"
+ echo "#########################"
+ yum install -y \
+ https://mirrors.aliyun.com/ius/ius-release-el7.rpm \
+ https://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
+ rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
+ yum -y install php70w-devel php70w.x86_64 php70w-cli.x86_64 php70w-common.x86_64 php70w-gd.x86_64 php70w-ldap.x86_64 php70w-mbstring.x86_64 php70w-mcrypt.x86_64 php70w-pdo.x86_64 php70w-mysqlnd php70w-fpm php70w-opcache php70w-pecl-redis php70w-pecl-mongodb
+ php -v
+ echo "Step4: Install PHP" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# PHP has been installed"
+ echo "#########################"
+ fi
+
+ if ! grep -q "^Step4: Config Nginx$" .ros.provision; then
+ echo "#########################"
+ echo "# Config Nginx"
+ echo "#########################"
+ cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
+ cat > /etc/nginx/nginx.conf << \EOF
+ # For more information on configuration, see:
+ # * Official English Documentation: http://nginx.org/en/docs/
+ # * Official Russian Documentation: http://nginx.org/ru/docs/
+
+ user nginx;
+ worker_processes auto;
+ error_log /var/log/nginx/error.log;
+ pid /run/nginx.pid;
+
+ # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
+ include /usr/share/nginx/modules/*.conf;
+
+ events {
+ worker_connections 1024;
+ }
+
+ http {
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 4096;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ # Load modular configuration files from the /etc/nginx/conf.d directory.
+ # See http://nginx.org/en/docs/ngx_core_module.html#include
+ # for more information.
+ include /etc/nginx/conf.d/*.conf;
+
+ server {
+ listen 80;
+ listen [::]:80;
+ server_name _;
+ root /usr/share/nginx/html/wordpress;
+
+ # Load configuration files for the default server block.
+ include /etc/nginx/default.d/*.conf;
+
+ location / {
+ index index.php index.html index.htm;
+ }
+
+ location ~ .php$ {
+ root /usr/share/nginx/html/wordpress; # 将/usr/share/nginx/html替换为您的网站根目录,本文使用/usr/share/nginx/html作为网站根目录。
+ fastcgi_pass 127.0.0.1:9000; # Nginx通过本机的9000端口将PHP请求转发给PHP-FPM进行处理。
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include fastcgi_params; # Nginx调用fastcgi接口处理PHP请求。
+ }
+
+ error_page 404 /404.html;
+ location = /404.html {
+ }
+
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ }
+ }
+
+ # Settings for a TLS enabled server.
+ #
+ # server {
+ # listen 443 ssl http2;
+ # listen [::]:443 ssl http2;
+ # server_name _;
+ # root /usr/share/nginx/html;
+ #
+ # ssl_certificate "/etc/pki/nginx/server.crt";
+ # ssl_certificate_key "/etc/pki/nginx/private/server.key";
+ # ssl_session_cache shared:SSL:1m;
+ # ssl_session_timeout 10m;
+ # ssl_ciphers HIGH:!aNULL:!MD5;
+ # ssl_prefer_server_ciphers on;
+ #
+ # # Load configuration files for the default server block.
+ # include /etc/nginx/default.d/*.conf;
+ #
+ # error_page 404 /404.html;
+ # location = /40x.html {
+ # }
+ #
+ # error_page 500 502 503 504 /50x.html;
+ # location = /50x.html {
+ # }
+ # }
+
+ }
+ EOF
+ systemctl start nginx
+ systemctl enable nginx
+ echo "Step4: Config Nginx" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# Nginx has been configured"
+ echo "#########################"
+ fi
+
+ if ! grep -q "^Step6: Config MySQL$" .ros.provision; then
+ echo "#########################"
+ echo "# Config MySQL"
+ echo "#########################"
+ export MYSQL_PWD=`grep "temporary password" /var/log/mysqld.log | awk '{print $NF}'`
+ mysqladmin -uroot password '${DbPassword}'
+ export MYSQL_PWD='${DbPassword}'
+ mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${DbPassword}'"
+ echo CREATE DATABASE wordpress\; >> /tmp/setup.mysql
+ echo CREATE user "user"@"localhost" identified by \"${DbPassword}\"\; >> /tmp/setup.mysql
+ echo GRANT ALL privileges ON wordpress.* TO "user"@"localhost" IDENTIFIED BY \"${DbPassword}\"\; >> /tmp/setup.mysql
+ echo FLUSH privileges\;>> /tmp/setup.mysql
+ chmod 400 /tmp/setup.mysql
+ mysql -u root --password='${DbPassword}' < /tmp/setup.mysql
+ echo "Step6: Config MySQL" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# MySQL has been configured"
+ echo "#########################"
+ fi
+
+ if ! grep -q "^Step7: Config PHP$" .ros.provision; then
+ echo "#########################"
+ echo "# Config PHP"
+ echo "#########################"
+ echo "" > /usr/share/nginx/html/phpinfo.php
+ systemctl start php-fpm
+ systemctl enable php-fpm
+ echo "Step7: Config PHP" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# PHP has been configured"
+ echo "#########################"
+ fi
+
+ if ! grep -q "^Step8: Install wordpress$" .ros.provision; then
+ echo "#########################"
+ echo "# Install wordpress"
+ echo "#########################"
+ yum -y install wordpress
+ echo "Step8: Install wordpress" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# wordpress has been installed"
+ echo "#########################"
+ fi
+
+ if ! grep -q "^Step9: Config wordpress$" .ros.provision; then
+ echo "#########################"
+ echo "# Config wordpress"
+ echo "#########################"
+ mv /usr/share/wordpress /usr/share/nginx/html/wordpress
+ cd /usr/share/nginx/html/wordpress
+ ln -snf /etc/wordpress/wp-config.php wp-config.php
+ sed -i "s/database_name_here/wordpress/" wp-config.php
+ sed -i "s/username_here/user/" wp-config.php
+ sed -i "s/password_here/${DbPassword}/" wp-config.php
+ echo "Step8: Config wordpress" >> .ros.provision
+ else
+ echo "#########################"
+ echo "# wordpress has been configured"
+ echo "#########################"
+ fi
+
+ systemctl restart nginx
+ ${WaitConditionHandle.CurlCli} --data-binary '{"status": "SUCCESS"}'
+ - IP:
+ Fn::Jq:
+ - First
+ - if .[0].PublicIpAddress != [] then .[0].PublicIpAddress[0] else .[0].EipAddress.IpAddress end
+ - Fn::GetAtt:
+ - DS_Instances
+ - Instances
DependsOn:
- SecurityGroupIngress_22
- SecurityGroupIngress_443
@@ -529,23 +528,22 @@ Outputs:
- IP:
Fn::Jq:
- First
- - if .[0].PublicIpAddress != [] then .[0].PublicIpAddress[0] else .[0].EipAddress.IpAddress
- end
+ - if .[0].PublicIpAddress != [] then .[0].PublicIpAddress[0] else .[0].EipAddress.IpAddress end
- Fn::GetAtt:
- DS_Instances
- Instances
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- - Parameters:
- - SelectExistECS
- - ECSInstanceId
- - ZoneId
- - InstanceType
- - SystemDiskCategory
- - InstancePassword
- - DbPassword
- Label:
- default: ECS
+ - Parameters:
+ - SelectExistECS
+ - ECSInstanceId
+ - ZoneId
+ - InstanceType
+ - SystemDiskCategory
+ - InstancePassword
+ - DbPassword
+ Label:
+ default: ECS
TemplateTags:
- - acs:document-help:ecs:手动搭建WordPress(CentOS 7)
\ No newline at end of file
+ - acs:document-help:ecs:手动搭建WordPress(CentOS 7)
diff --git a/documents/solution/data-analysis/flink-hologres-data-warehouse.yml b/documents/solution/data-analysis/flink-hologres-data-warehouse.yml
index 633ac950..29735162 100644
--- a/documents/solution/data-analysis/flink-hologres-data-warehouse.yml
+++ b/documents/solution/data-analysis/flink-hologres-data-warehouse.yml
@@ -152,8 +152,7 @@ Parameters:
ConstraintDescription:
zh-cn: 8-32个字符,可包含大小字母、数字及特殊符号(包含:!@#$%^&*-+=_)。
en: '8-32 characters, can contain size letters, Numbers and special symbols (including:!@ # $% ^ & * - + = _).'
- MinLength: '8'
- MaxLength: '32'
+ AllowedPattern: '^(?=.*[A-Z])(?=.*[a-z])(?=.*\d)(?=.*[!@#$%^&*\-+=_]).{8,32}$'
NoEcho: true
Resources:
diff --git a/documents/solution/iot/iot-platform-device-data-on-the-cloud.yml b/documents/solution/iot/iot-platform-device-data-on-the-cloud.yml
new file mode 100644
index 00000000..e80aee2f
--- /dev/null
+++ b/documents/solution/iot/iot-platform-device-data-on-the-cloud.yml
@@ -0,0 +1,565 @@
+ROSTemplateFormatVersion: '2015-09-01'
+Description:
+ en: Iot platform device data on the cloud.
+ zh-cn: 物联网平台设备数据上云。
+Parameters:
+ ZoneId:
+ Type: String
+ Label:
+ en: VSwitch Availability Zone
+ zh-cn: 可用区ID
+ Description:
+ en: Availability Zone ID,
note: Before selecting, please confirm that the Availability Zone supports the specification of creating ECS resources.
+ zh-cn: 可用区ID。
注: 选择可用区前请确认该可用区是否支持创建ECS资源的规格。
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
+ InstanceType:
+ Type: String
+ Label:
+ en: Instance Type
+ zh-cn: 实例类型
+ Description:
+ en: 'Fill in the specifications that can be used under the VSwitch availability zone;
general specifications:ecs.c5.large
note: a few zones do not support general specifications
see detail: Instance Specification Family'
+ zh-cn: 填写VSwitch可用区下可使用的规格;
通用规格:ecs.c5.large
注:可用区可能不支持通用规格
规格详见:实例规格族
+ AssociationProperty: ALIYUN::ECS::Instance::InstanceType
+ AssociationPropertyMetadata:
+ ZoneId: ZoneId
+ SystemDiskCategory:
+ Type: String
+ Label:
+ en: System Disk Type
+ zh-cn: 系统盘类型
+ Description:
+ en: 'Optional values:
[cloud_efficiency: Efficient Cloud Disk]
[cloud_ssd: SSD Cloud Disk]
[cloud_essd: ESSD Cloud Disk]
[cloud: Cloud Disk]
[ephemeral_ssd: Local SSD Cloud Disk]'
+ zh-cn: '可选值:
[cloud_efficiency: 高效云盘]
[cloud_ssd: SSD云盘]
[cloud_essd: ESSD云盘]
[cloud: 普通云盘]
[ephemeral_ssd: 本地SSD盘]'
+ AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
+ AssociationPropertyMetadata:
+ LocaleKey: DiskCategory
+ InstanceType: ${InstanceType}
+ ZoneId: ZoneId
+ InstancePassword:
+ Type: String
+ Label:
+ en: Instance Password
+ zh-cn: 实例密码
+ Description:
+ en: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
+ zh-cn: 服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
+ ConstraintDescription:
+ en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
+ zh-cn: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
+ AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
+ MinLength: 8
+ MaxLength: 30
+ NoEcho: true
+ CommonName:
+ Type: String
+ Default: iot_cloud
+ DeviceName:
+ Type: String
+ Label:
+ en: Device Name
+ zh-cn: 设备名称
+ ProductKey:
+ Type: String
+ Label:
+ en: Product Key
+ zh-cn: 产品密钥
+ DeviceSecret:
+ Type: String
+ Label:
+ en: Device Secret
+ zh-cn: 设备密钥
+ Host:
+ Type: String
+ Label:
+ en: The MQTT device Host
+ zh-cn: MQTT设备接入域名(VPC内地址)
+ Description:
+ en: How to get access to a domain name, Please see manage instances terminal node .
+ zh-cn: 获取接入域名的方法,请参见管理实例终端节点。
+ AccessToken:
+ Type: String
+ Label:
+ en: Access Token
+ zh-cn: Access Token
+ Description:
+ en: The value of AccessToken from the Webhook address of the internal enterprise application robot.
+ zh-cn: 企业内部应用机器人Webhook地址中AccessToken的值。
+Resources:
+ ResourceManagerResourceGroup:
+ Type: ALIYUN::ResourceManager::ResourceGroup
+ Properties:
+ DisplayName: IoT-Resource-Group
+ Name:
+ Fn::Join:
+ - '-'
+ - - IoT
+ - Fn::Select:
+ - 0
+ - Fn::Split:
+ - '-'
+ - Ref: ALIYUN::StackId
+ Vpc:
+ Type: ALIYUN::ECS::VPC
+ DependsOn:
+ - ResourceManagerResourceGroup
+ Properties:
+ VpcName:
+ Fn::Sub: ${CommonName}_VPC_IOT
+ CidrBlock: 192.168.0.0/16
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ VSwitch:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ ZoneId:
+ Ref: ZoneId
+ VpcId:
+ Ref: Vpc
+ VSwitchName:
+ Fn::Sub: ${CommonName}_vsw_001
+ CidrBlock: 192.168.1.0/24
+ SecurityGroup:
+ Type: ALIYUN::ECS::SecurityGroup
+ DependsOn:
+ - ResourceManagerResourceGroup
+ Properties:
+ VpcId:
+ Ref: Vpc
+ SecurityGroupName:
+ Fn::Sub: ${CommonName}_SecurityGroup_1
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ InstanceGroup:
+ Type: ALIYUN::ECS::InstanceGroup
+ DependsOn:
+ - ResourceManagerResourceGroup
+ Properties:
+ VpcId:
+ Ref: Vpc
+ InstanceName:
+ Fn::Sub: ${CommonName}_APP001
+ VSwitchId:
+ Ref: VSwitch
+ SecurityGroupId:
+ Ref: SecurityGroup
+ ImageId: aliyun_3_x64_20G_alibase_20230727.vhd
+ SystemDiskSize: 20
+ InstanceType:
+ Ref: InstanceType
+ SystemDiskCategory:
+ Ref: SystemDiskCategory
+ Password:
+ Ref: InstancePassword
+ IoOptimized: optimized
+ MaxAmount: 1
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ InstanceRunCommand:
+ Type: 'ALIYUN::ECS::RunCommand'
+ Properties:
+ InstanceIds:
+ - Ref: InstanceGroup
+ Sync: true
+ Type: RunShellScript
+ Timeout: '300'
+ CommandContent:
+ 'Fn::Sub': >-
+ #!/bin/bash
+
+ sudo yum install -y nodejs
+
+ cat >/root/iot_device.js << 'EOF'
+
+ const mqtt = require("aliyun-iot-mqtt");
+
+ // 1. 设备身份信息
+
+ var options = {
+ productKey: "${ProductKey}",
+ deviceName: "${DeviceName}",
+ deviceSecret: "${DeviceSecret}",
+ host: "${Host}",
+ };
+
+ // 2. 建立MQTT连接
+
+ const client = mqtt.getAliyunIotMqttClient(options);
+ //订阅云端指令Topic
+
+ client.subscribe("/${ProductKey}/${DeviceName}/c");
+ client.on("message", function (topic, message) {
+ console.log("topic " + topic);
+ console.log("message " + message);
+ });
+
+ setInterval(function () {
+ // 3.定时上报温湿度数据
+
+ client.publish(
+ "/sys/${ProductKey}/${DeviceName}/thing/event/property/post",
+ getPostData(),
+ { qos: 0 }
+ );
+ }, 5 * 1000);
+
+ function getPostData() {
+ const payloadJson = {
+ id: Date.now(),
+ version: "1.0",
+ params: {
+ temperature: Math.floor(Math.random() * 20 + 10),
+ humidity: Math.floor(Math.random() * 20 + 10),
+ },
+ method: "thing.event.property.post",
+ };
+ console.log("payloadJson " + JSON.stringify(payloadJson));
+ return JSON.stringify(payloadJson);
+ }
+
+ EOF
+
+ cd /root
+
+ npm config set registry https://registry.npm.taobao.org
+
+ npm install aliyun-iot-mqtt -S
+
+ nohup node iot_device.js &
+ RamUser:
+ Type: ALIYUN::RAM::User
+ Properties:
+ UserName:
+ Fn::Join:
+ - '-'
+ - - IoT-Test
+ - Ref: ALIYUN::StackId
+ CustomPolicy:
+ Type: ALIYUN::RAM::ManagedPolicy
+ Properties:
+ PolicyName:
+ Fn::Join:
+ - '-'
+ - - IoT-FC
+ - Ref: ALIYUN::StackId
+ PolicyDocument:
+ Version: '1'
+ Statement:
+ - Effect: Allow
+ Action:
+ - fc:ListServices
+ - fc:ListFunctions
+ - fc:GetService
+ - fc:GetFunction
+ - fc:CreateFunction
+ - fc:CreateService
+ - fc:DeleteFunction
+ - fc:DeleteService
+ - fc:GetFunctionCode
+ - fc:InvokeFunction
+ Resource:
+ - '*'
+ AliyunIOTAccessingFCRolePolicy:
+ Type: ALIYUN::RAM::ManagedPolicy
+ Properties:
+ PolicyName:
+ Fn::Join:
+ - '-'
+ - - AliyunIOTAccessingFCRole
+ - Ref: ALIYUN::StackId
+ PolicyDocument:
+ Version: '1'
+ Statement:
+ - Action:
+ - ram:AttachPolicyToRole
+ - ram:CreateRole
+ Resource:
+ - acs:ram:*:system:policy/AliyunIOTAccessingFCRolePolicy
+ - acs:ram:*:*:role/AliyunIOTAccessingFCRole
+ Effect: Allow
+ AttachCustomPolicyToUser:
+ DependsOn:
+ - CustomPolicy
+ - RamUser
+ Type: ALIYUN::RAM::AttachPolicyToUser
+ Properties:
+ PolicyType: Custom
+ UserName:
+ Fn::GetAtt:
+ - RamUser
+ - UserName
+ PolicyName:
+ Fn::GetAtt:
+ - CustomPolicy
+ - PolicyName
+ AttachAliyunIOTAccessingFCRolePolicyToUser:
+ DependsOn:
+ - AliyunIOTAccessingFCRolePolicy
+ - RamUser
+ Type: ALIYUN::RAM::AttachPolicyToUser
+ Properties:
+ PolicyType: Custom
+ UserName:
+ Fn::GetAtt:
+ - RamUser
+ - UserName
+ PolicyName:
+ Fn::GetAtt:
+ - AliyunIOTAccessingFCRolePolicy
+ - PolicyName
+ AliyunBSSOrderAccessPolicyAttachment:
+ Type: ALIYUN::ResourceManager::PolicyAttachment
+ DependsOn:
+ - ResourceManagerResourceGroup
+ Properties:
+ PolicyType: System
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ PolicyName: AliyunBSSOrderAccess
+ PrincipalName:
+ Fn::Join:
+ - ''
+ - - Ref: RamUser
+ - '@'
+ - Fn::GetAtt:
+ - ResourceManagerResourceGroup
+ - AccountId
+ - .onaliyun.com
+ PrincipalType: IMSUser
+ AliyunVPCReadOnlyAccessPolicyAttachment:
+ Type: ALIYUN::ResourceManager::PolicyAttachment
+ DependsOn:
+ - ResourceManagerResourceGroup
+ Properties:
+ PolicyType: System
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ PolicyName: AliyunVPCReadOnlyAccess
+ PrincipalName:
+ Fn::Join:
+ - ''
+ - - Ref: RamUser
+ - '@'
+ - Fn::GetAtt:
+ - ResourceManagerResourceGroup
+ - AccountId
+ - .onaliyun.com
+ PrincipalType: IMSUser
+ AliyunECSFullAccessPolicyAttachment:
+ Type: ALIYUN::ResourceManager::PolicyAttachment
+ DependsOn:
+ - ResourceManagerResourceGroup
+ Properties:
+ PolicyType: System
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ PolicyName: AliyunECSFullAccess
+ PrincipalName:
+ Fn::Join:
+ - ''
+ - - Ref: RamUser
+ - '@'
+ - Fn::GetAtt:
+ - ResourceManagerResourceGroup
+ - AccountId
+ - .onaliyun.com
+ PrincipalType: IMSUser
+ AliyunVPCFullAccessPolicyAttachment:
+ Type: ALIYUN::ResourceManager::PolicyAttachment
+ DependsOn:
+ - ResourceManagerResourceGroup
+ Properties:
+ PolicyType: System
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ PolicyName: AliyunVPCFullAccess
+ PrincipalName:
+ Fn::Join:
+ - ''
+ - - Ref: RamUser
+ - '@'
+ - Fn::GetAtt:
+ - ResourceManagerResourceGroup
+ - AccountId
+ - .onaliyun.com
+ PrincipalType: IMSUser
+ AliyunIOTFullAccessPolicyAttachment:
+ Type: ALIYUN::ResourceManager::PolicyAttachment
+ DependsOn:
+ - ResourceManagerResourceGroup
+ Properties:
+ PolicyType: System
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ PolicyName: AliyunIOTFullAccess
+ PrincipalName:
+ Fn::Join:
+ - ''
+ - - Ref: RamUser
+ - '@'
+ - Fn::GetAtt:
+ - ResourceManagerResourceGroup
+ - AccountId
+ - .onaliyun.com
+ PrincipalType: IMSUser
+ CustomPolicyAttachment:
+ Type: ALIYUN::ResourceManager::PolicyAttachment
+ DependsOn:
+ - CustomPolicy
+ - ResourceManagerResourceGroup
+ - RamUser
+ Properties:
+ PolicyType: Custom
+ ResourceGroupId:
+ Ref: ResourceManagerResourceGroup
+ PolicyName:
+ Ref: CustomPolicy
+ PrincipalName:
+ Fn::Join:
+ - ''
+ - - Ref: RamUser
+ - '@'
+ - Fn::GetAtt:
+ - ResourceManagerResourceGroup
+ - AccountId
+ - .onaliyun.com
+ PrincipalType: IMSUser
+ FcService:
+ Type: ALIYUN::FC::Service
+ Properties:
+ InternetAccess: true
+ ServiceName:
+ Fn::Join:
+ - '-'
+ - - IoT_Service
+ - Ref: ALIYUN::StackId
+ Function:
+ Type: ALIYUN::FC::Function
+ Properties:
+ ServiceName:
+ Fn::GetAtt:
+ - FcService
+ - ServiceName
+ FunctionName: pushData2DingTalk
+ Handler: index.handler
+ Runtime: nodejs14
+ Code:
+ SourceCode:
+ 'Fn::Sub': >-
+ const https = require("https");
+ const accessToken = "${AccessToken}";
+ module.exports.handler = function (event, context, callback) {
+ var eventJson = JSON.parse(event.toString());
+ //钉钉消息格式
+ const postData = JSON.stringify({
+ msgtype: "markdown",
+ markdown: {
+ title: "温湿度传感器",
+ text:
+ "#### 温湿度传感器上报\n" +
+ "> 设备位置:" +
+ eventJson.tag +
+ "\n\n" +
+ "> 设备编号:" +
+ eventJson.isn +
+ "\n\n" +
+ "> 实时温度:" +
+ eventJson.temperature +
+ "℃\n\n" +
+ "> 相对湿度:" +
+ eventJson.humidity +
+ "%\n\n" +
+ "> ###### " +
+ eventJson.time +
+ " 发布 by [物联网平台](https://www.aliyun.com/product/iot) \n",
+ },
+ at: {
+ isAtAll: false,
+ },
+ });
+ const options = {
+ hostname: "oapi.dingtalk.com",
+ port: 443,
+ path: "/robot/send?access_token=" + accessToken,
+ method: "POST",
+ headers: {
+ "Content-Type": "application/json",
+ "Content-Length": Buffer.byteLength(postData),
+ },
+ };
+ const req = https.request(options, (res) => {
+ res.setEncoding("utf8");
+ res.on("data", (chunk) => {});
+ res.on("end", () => {
+ callback(null, "success");
+ });
+ });
+ // 异常返回
+ req.on("error", (e) => {
+ callback(e);
+ });
+ // 写入数据
+ req.write(postData);
+ req.end();
+ };
+Outputs:
+ FcService:
+ Description:
+ en: Fc Service.
+ zh-cn: FC 服务。
+ Value:
+ Fn::GetAtt:
+ - FcService
+ - ServiceName
+ RamUser:
+ Description:
+ en: Ram User
+ zh-cn: RAM用户名称。
+ Value:
+ Fn::GetAtt:
+ - RamUser
+ - UserName
+ ResourceManagerResourceGroup:
+ Description:
+ en: Resource Manager Resource Group Display Name
+ zh-cn: 资源组显示名称。
+ Value:
+ Fn::GetAtt:
+ - ResourceManagerResourceGroup
+ - DisplayName
+ InstanceGroup:
+ Description:
+ en: ECS Instance ID.
+ zh-cn: 实例ID。
+ Value:
+ Fn::GetAtt:
+ - InstanceGroup
+ - InstanceIds
+Metadata:
+ ALIYUN::ROS::Interface:
+ ParameterGroups:
+ - Parameters:
+ - ZoneId
+ - InstanceType
+ - SystemDiskCategory
+ - InstancePassword
+ Label:
+ en: ECS Configuration
+ zh-cn: ECS配置
+ - Parameters:
+ - DeviceName
+ - ProductKey
+ - DeviceSecret
+ - Host
+ Label:
+ en: IOT Configuration
+ zh-cn: IOT配置
+ - Parameters:
+ - AccessToken
+ Label:
+ en: Webhook
+ zh-cn: Webhook
+ TemplateTags:
+ - acs:technical-solution:iot:物联网平台设备数据上云-tech_solu_59
+ Hidden:
+ - CommonName
diff --git a/documents/solution/resource-directory/multiple-accounts-support-configuration-auditing.yml b/documents/solution/resource-directory/multiple-accounts-support-configuration-auditing.yml
index bd460b53..97452c9f 100644
--- a/documents/solution/resource-directory/multiple-accounts-support-configuration-auditing.yml
+++ b/documents/solution/resource-directory/multiple-accounts-support-configuration-auditing.yml
@@ -106,5 +106,4 @@ Metadata:
zh-cn: 资源目录配置
en: ResourceDirectory Configuration
TemplateTags:
- - acs:technical-solution:resource-directory:多账号配置统一合规审计
-
+ - acs:technical-solution:resource-directory:多账号配置统一合规审计-tech_solu_68
diff --git a/integrate/ecs/publish-community-image.yml b/integrate/ecs/publish-community-image.yml
new file mode 100644
index 00000000..64a7f62a
--- /dev/null
+++ b/integrate/ecs/publish-community-image.yml
@@ -0,0 +1,91 @@
+ROSTemplateFormatVersion: '2015-09-01'
+Description:
+ zh-cn: 多地域发布社区镜像
+ en: Publishing community mirrors in multiple regions
+Parameters:
+ ImageId:
+ Type: String
+ AssociationProperty: 'ALIYUN::ECS::Image::ImageId'
+ AssociationPropertyMetadata:
+ SupportedImageOwnerAlias:
+ - self
+ Description:
+ zh-cn: 仅通过认证的企业客户可以通过提交工单申请使用社区镜像发布功能。
+ en: >-
+ Only certified enterprise customers can use the community image
+ publishing function by submitting a work order application.
+ Label:
+ zh-cn: 待发布为社区镜像的镜像ID
+ en: Image ID to be published as a community image
+ DestinationRegionIds:
+ Type: CommaDelimitedList
+ AssociationProperty: 'ALIYUN::ECS::RegionId'
+ Label:
+ zh-cn: 社区镜像的目标地域
+ en: Target region for community mirroring
+ Description:
+ zh-cn: 社区镜像的目标地域。
+ en: Target region for community mirroring.
+Resources:
+ ImageData:
+ Type: 'DATASOURCE::ECS::Images'
+ Properties:
+ ImageId:
+ Ref: ImageId
+ CopyImage:
+ Type: 'ALIYUN::ECS::CopyImage'
+ DeletionPolicy: Retain
+ Count:
+ 'Fn::Length':
+ Ref: DestinationRegionIds
+ Properties:
+ ImageId:
+ Ref: ImageId
+ DestinationRegionId:
+ 'Fn::Select':
+ - Ref: 'ALIYUN::Index'
+ - Ref: DestinationRegionIds
+ AllowCopyInSameRegion: true
+ DestinationDescription:
+ 'Fn::Jq':
+ - First
+ - '.[0].Description'
+ - 'Fn::GetAtt':
+ - ImageData
+ - Images
+ DestinationImageName:
+ 'Fn::Jq':
+ - First
+ - '.[0].ImageName'
+ - 'Fn::GetAtt':
+ - ImageData
+ - Images
+ PublishCommunityImage:
+ Type: 'ALIYUN::ECS::ImageSharePermission'
+ Count:
+ 'Fn::Length':
+ Ref: DestinationRegionIds
+ Properties:
+ RegionId:
+ 'Fn::Select':
+ - Ref: 'ALIYUN::Index'
+ - Ref: DestinationRegionIds
+ KeepPermission: true
+ IsPublic: true
+ ImageId:
+ 'Fn::Select':
+ - Ref: 'ALIYUN::Index'
+ - 'Fn::GetAtt':
+ - CopyImage
+ - ImageId
+Outputs:
+ CopyImageIds:
+ Value:
+ 'Fn::GetAtt':
+ - CopyImage
+ - ImageId
+ Description: The destination image ids.
+Metadata:
+ 'ALIYUN::ROS::Interface':
+ TemplateTags:
+ - 'acs:integrate:ecs:publish-community-image'
diff --git a/solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml b/solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yml
similarity index 100%
rename from solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml
rename to solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yml