使用編輯器建立變更範本 - AWS Systems Manager

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

使用編輯器建立變更範本

折傭本主題中的步驟,輸入 JSON 或 YAML 在 Change Manager (AWS Systems Manager 的功能) 中設定變更範本,而不是使用主控台控制。

若要使用編輯器建立變更範本

  1. 在導覽窗格中,選擇 Change Manager

    -或-

    如果 AWS Systems Manager 首頁先開啟,選擇選單圖示 ( The menu icon ) 以開啟導覽窗格,然後選擇 Change Manager

  2. 選擇 Create template (建立範本)

  3. 對於 Name (名稱),輸入可輕鬆識別用途的範本名稱,例如 RestartEC2LinuxInstance

  4. Change template details (變更範本詳細資訊) 上方,選擇 Editor (編輯器)。

  5. Document editor (文件編輯器) 區段中,選擇 Edit (編輯),然後輸入變更範本的 JSON 或 YAML 內容。

    以下是範例。

    注意

    使用參數 minRequiredApprovals 來指定必須要有多少指定層級的審查者核准使用此範本建立的變更請求。

    此範例會示範兩個核准層級。您最多可以指定五個核准層級,但只需要一個層級。

    在第一級中,特定使用者 "John-Doe" 必須核准每個變更請求。接下來,IAM 角色 Admin 的任何三個成員必須核准變更請求。

    如需有關變更範本核准的詳細資訊,請參閱關於變更範本中的核准

    YAML
    description: >-
  This change template demonstrates the feature set available for creating
  change templates for Change Manager. This template starts a Runbook workflow
  for the Automation runbook called AWS-HelloWorld.
templateInformation: >
  ### Document Name: HelloWorldChangeTemplate

  ## What does this document do?

  This change template demonstrates the feature set available for creating
  change templates for Change Manager. This template starts a Runbook workflow
  for the Automation runbook called AWS-HelloWorld.

  ## Input Parameters

  * ApproverSnsTopicArn: (Required) Amazon Simple Notification Service ARN for
  approvers.

  * Approver: (Required) The name of the approver to send this request to.

  * ApproverType: (Required) The type of reviewer.
    * Allowed Values: IamUser, IamGroup, IamRole, SSOGroup, SSOUser

  ## Output Parameters

  This document has no outputs
schemaVersion: '0.3'
parameters:
  ApproverSnsTopicArn:
    type: String
    description: Amazon Simple Notification Service ARN for approvers.
  Approver:
    type: String
    description: IAM approver
  ApproverType:
    type: String
    description: >-
      Approver types for the request. Allowed values include IamUser, IamGroup,
      IamRole, SSOGroup, and SSOUser.
executableRunBooks:
  - name: AWS-HelloWorld
    version: '1'
emergencyChange: false
autoApprovable: false
mainSteps:
  - name: ApproveAction1
    action: 'aws:approve'
    timeoutSeconds: 3600
    inputs:
      Message: >-
        A sample change request has been submitted for your review in Change
        Manager. You can approve or reject this request.
      EnhancedApprovals:
        NotificationArn: '{{ ApproverSnsTopicArn }}'
        Approvers:
          - approver: John-Doe
            type: IamUser
            minRequiredApprovals: 1
  - name: ApproveAction2
    action: 'aws:approve'
    timeoutSeconds: 3600
    inputs:
      Message: >-
        A sample change request has been submitted for your review in Change
        Manager. You can approve or reject this request.
      EnhancedApprovals:
        NotificationArn: '{{ ApproverSnsTopicArn }}'
        Approvers:
          - approver: Admin
            type: IamRole
            minRequiredApprovals: 3
    JSON
    {
   "description": "This change template demonstrates the feature set available for creating
  change templates for Change Manager. This template starts a Runbook workflow
  for the Automation runbook called AWS-HelloWorld",
   "templateInformation": "### Document Name: HelloWorldChangeTemplate\n\n
    ## What does this document do?\n
    This change template demonstrates the feature set available for creating change templates for Change Manager. 
    This template starts a Runbook workflow for the Automation runbook called AWS-HelloWorld.\n\n
    ## Input Parameters\n* ApproverSnsTopicArn: (Required) Amazon Simple Notification Service ARN for approvers.\n
    * Approver: (Required) The name of the approver to send this request to.\n
    * ApproverType: (Required) The type of reviewer.  * Allowed Values: IamUser, IamGroup, IamRole, SSOGroup, SSOUser\n\n
    ## Output Parameters\nThis document has no outputs\n",
   "schemaVersion": "0.3",
   "parameters": {
      "ApproverSnsTopicArn": {
         "type": "String",
         "description": "Amazon Simple Notification Service ARN for approvers."
      },
      "Approver": {
         "type": "String",
         "description": "IAM approver"
      },
      "ApproverType": {
         "type": "String",
         "description": "Approver types for the request. Allowed values include IamUser, IamGroup, IamRole, SSOGroup, and SSOUser."
      }
   },
   "executableRunBooks": [
      {
         "name": "AWS-HelloWorld",
         "version": "1"
      }
   ],
   "emergencyChange": false,
   "autoApprovable": false,
   "mainSteps": [
      {
         "name": "ApproveAction1",
         "action": "aws:approve",
         "timeoutSeconds": 3600,
         "inputs": {
            "Message": "A sample change request has been submitted for your review in Change Manager. You can approve or reject this request.",
            "EnhancedApprovals": {
               "NotificationArn": "{{ ApproverSnsTopicArn }}",
               "Approvers": [
                  {
                     "approver": "John-Doe",
                     "type": "IamUser",
                     "minRequiredApprovals": 1
                  }
               ]
            }
         }
      },
        {
         "name": "ApproveAction2",
         "action": "aws:approve",
         "timeoutSeconds": 3600,
         "inputs": {
            "Message": "A sample change request has been submitted for your review in Change Manager. You can approve or reject this request.",
            "EnhancedApprovals": {
               "NotificationArn": "{{ ApproverSnsTopicArn }}",
               "Approvers": [
                  {
                     "approver": "Admin",
                     "type": "IamRole",
                     "minRequiredApprovals": 3                  
                  }
               ]
            }
         }
      }
   ]
}

  6. 選擇 Save and preview (儲存與預覽)。

  7. 檢閱您正在建立之變更範本的詳細資訊。

    如果您要在提交變更範本以供檢閱之前,對變更範本進行變更,請選擇 Actions, Edit (動作,編輯)。

    如果您對變更範本的內容感到滿意,請選擇 Submit for review (提交審核)。您組織或帳戶中已在 Change Manager 中的 Settings (設定) 標籤上指定為範本檢閱者的使用者會收到通知:新的變更範本正待其檢閱。

    如果已為變更範本指定 Amazon Simple Notification Service (Amazon SNS) 主題,則會在變更範本遭到拒絕或獲得核准時傳送通知。如果您沒有收到與此變更範本相關的通知,您可以稍後返回 Change Manager,以檢查其狀態。