使用命令行工具创建更改模板 - Amazon Web Services Systems Manager
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

使用命令行工具创建更改模板

以下过程介绍了如何使用Amazon命令行界面 (AmazonCLI)(在 Linux 上,macOS或窗口)或AmazonWindows PowerShell 在更改管理器中创建更改请求的工具,Amazon Web Services Systems Manager。

创建更改模板

  1. 安装和配置AmazonCLI 或AmazonTools for PowerShell,如果您还没有。

    想要了解有关信息,请参阅安装或升级Amazon命令行工具

  2. 在本地计算机上使用之类的名称创建一个 JSON 文件。MyChangeTemplate.json,然后将更改模板的内容粘贴到此模板中。

    注意

    更改模板使用的架构 0.3 版本不包括与自动化运行手册相同的所有支持。

    以下是示例。

    注意

    此示例演示了两个级别的批准。您最多可以指定五个级别的批准,但只需要一个级别。

    { "description": "This change template demonstrates the feature set available for creating change templates for Change Manager. This template starts a Runbook workflow for the Automation runbook called AWS-HelloWorld", "templateInformation": "### Document Name: HelloWorldChangeTemplate\n\n ## What does this document do?\n This change template demonstrates the feature set available for creating change templates for Change Manager. This template starts a Runbook workflow for the Automation runbook called AWS-HelloWorld.\n\n ## Input Parameters\n* ApproverSnsTopicArn: (Required) Amazon Simple Notification Service ARN for approvers.\n * Approver: (Required) The name of the approver to send this request to.\n * ApproverType: (Required) The type of reviewer. * Allowed Values: IamUser, IamGroup, IamRole, SSOGroup, SSOUser\n\n ## Output Parameters\nThis document has no outputs\n", "schemaVersion": "0.3", "parameters": { "ApproverSnsTopicArn": { "type": "String", "description": "Amazon Simple Notification Service ARN for approvers." }, "Approver": { "type": "String", "description": "IAM approver" }, "ApproverType": { "type": "String", "description": "Approver types for the request. Allowed values include IamUser, IamGroup, IamRole, SSOGroup, and SSOUser." } }, "executableRunBooks": [ { "name": "AWS-HelloWorld", "version": "1" } ], "emergencyChange": false, "mainSteps": [ { "name": "ApproveAction1", "action": "aws:approve", "timeoutSeconds": 3600, "inputs": { "Message": "A sample change request has been submitted for your review in Change Manager. You can approve or reject this request.", "EnhancedApprovals": { "NotificationArn": "{{ ApproverSnsTopicArn }}", "Approvers": [ { "approver": "{{ Approver }}", "type": "{{ ApproverType }}", "minRequiredApprovals": 1 } ] } } }, { "name": "ApproveAction2", "action": "aws:approve", "timeoutSeconds": 3600, "inputs": { "Message": "A sample change request has been submitted for your review in Change Manager. You can approve or reject this request.", "EnhancedApprovals": { "NotificationArn": "{{ ApproverSnsTopicArn }}", "Approvers": [ { "approver": "{{ Approver }}", "type": "{{ ApproverType }}", "minRequiredApprovals": 1 } ] } } } ] }
  3. 运行以下命令,创建更改模板。

    Linux & macOS
    aws ssm create-document \ --name MyChangeTemplate \ --document-format JSON \ --document-type Automation.ChangeTemplate \ --content file://MyChangeTemplate.json --tags Key=tag-key,Value=tag-value
    Windows
    aws ssm create-document ^ --name MyChangeTemplate ^ --document-format JSON ^ --document-type Automation.ChangeTemplate ^ --content file://MyChangeTemplate.json Key=tag-key,Value=tag-value
    PowerShell
    $json = Get-Content -Path "C:\path\to\file\MyChangeTemplate.json" | Out-String New-SSMDocument ` -Content $json ` -Name "MyChangeTemplate" ` -DocumentType "Automation.ChangeTemplate" ` -Tags "Key=tag-key,Value=tag-value"

    有关可以指定的其他选项的信息,请参阅创建文档

    系统将返回类似于FOLLO。

    {
       "DocumentDescription":{
          "CreatedDate":1.585061751738E9,
          "DefaultVersion":"1",
          "Description":"Use this template to update an EC2 Linux AMI. Requires one
          approver specified in the template and an approver specified in the request.",
          "DocumentFormat":"JSON",
          "DocumentType":"Automation",
          "DocumentVersion":"1",
          "Hash":"0d3d879b3ca072e03c12638d0255ebd004d2c65bd318f8354fcde820dEXAMPLE",
          "HashType":"Sha256",
          "LatestVersion":"1",
          "Name":"MyChangeTemplate",
          "Owner":"123456789012",
          "Parameters":[
             {
                "DefaultValue":"",
                "Description":"Level one approvers",
                "Name":"LevelOneApprovers",
                "Type":"String"
             },
             {
                "DefaultValue":"",
                "Description":"Level one approver type",
                "Name":"LevelOneApproverType",
                "Type":"String"
             },
       "cloudWatchMonitors": {
          "monitors": [
             "my-cloudwatch-alarm"
          ]
       }
          ],
          "PlatformTypes":[
             "Windows",
             "Linux"
          ],
          "SchemaVersion":"0.3",
          "Status":"Creating",
          "Tags":[
    
          ]
       }
    }

您的组织或帐户中被指定为模板审阅者的用户在设置选项卡将通知新的更改模板正在等待其审阅。

如果已为更改模板指定 Amazon Simple Notification Service (Amazon SNS) 主题,则在更改模板被拒绝或批准时将通知发送。如果您没有收到与此更改模板相关的通知,您可以稍后返回到 “变更管理器” 以检查其状态。