Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
OpsJAWS#4 CloudWatch Events Hands-on
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Tmorinaga
March 01, 2016
Technology
3
1.8k
OpsJAWS#4 CloudWatch Events Hands-on
OpsJAWS#4 20160301
Tmorinaga
March 01, 2016
Tweet
Share
More Decks by Tmorinaga
See All by Tmorinaga
OpsJAWS#13 IAMベストプラクティス
tmorinaga
1
4k
Developers.IO 2017 E3
tmorinaga
0
1.3k
JAWS DAYS 2017 Security-JAWS発表資料
tmorinaga
2
4.9k
AWS WAFのログが3時間しか見れないのでなんとかしてみる
tmorinaga
3
4.3k
re:Growth 2016 in Tokyo
tmorinaga
0
2.3k
Developers.IO 2016 in Fukuoka
tmorinaga
1
890
【エンジニア編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
tmorinaga
1
4.5k
【ビジネス編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
tmorinaga
1
2.4k
Other Decks in Technology
See All in Technology
OpenClawで回す組織運営
jacopen
3
630
EMからICへ、二周目人材としてAI全振りのプロダクト開発で見つけた武器
yug1224
5
480
[AEON TECH HUB #24] お客様の長期的興味の理解に向けて
alpicola
0
110
自動テストが巻き起こした開発プロセス・チームの変化 / Impact of Automated Testing on Development Cycles and Team Dynamics
codmoninc
3
1.2k
Claude Codeの進化と各機能の活かし方
oikon48
19
8.9k
Ultra Ethernet (UEC) v1.0 仕様概説
markunet
3
230
Dr. Werner Vogelsの14年のキーノートから紐解くエンジニアリング組織への処方箋@JAWS DAYS 2026
p0n
1
110
Contract One Engineering Unit 紹介資料
sansan33
PRO
0
14k
DevOpsエージェントで実現する!! AWS Well-Architected(W-A) を実現するシステム設計 / 20260307 Masaki Okuda
shift_evolve
PRO
3
260
メタデータ同期に潜んでいた問題 〜 Cache Stampede 時の Cycle Wait を⾒つけた話
lycorptech_jp
PRO
0
150
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
4
22k
LINE Messengerの次世代ストレージ選定
lycorptech_jp
PRO
19
7.5k
Featured
See All Featured
The B2B funnel & how to create a winning content strategy
katarinadahlin
PRO
1
290
Navigating Weather and Climate Data
rabernat
0
130
Statistics for Hackers
jakevdp
799
230k
What Being in a Rock Band Can Teach Us About Real World SEO
427marketing
0
190
Automating Front-end Workflow
addyosmani
1370
200k
From Legacy to Launchpad: Building Startup-Ready Communities
dugsong
0
170
We Are The Robots
honzajavorek
0
190
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
35
2.4k
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
akademiya2063
PRO
1
68
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
Technical Leadership for Architectural Decision Making
baasie
3
280
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
9.8k
Transcript
OpsJAWS#4 CloudWatchEvents Hands-on Ϋϥεϝιουגࣜձࣾ ιϦϡʔγϣϯΞʔΩςΫτ Ӭେࢤ
ࣗݾհ
Morinaga Taishi(@morimoritaitai) AWS Solution Archetect ✦ झຯ : ήʔϜ(શൠ) /
ञ / Χϝϥ ✦ ڵຯ : DevOps / Security ✦ ͖ͳαʔϏε:Config/CloudTrail/IAM AWS Certified Solutions Architect - Professional Developer -Associate SysOps Administorator - Associate
ձࣾհ
Classmethod,Inc.
Classmethod,Inc. AWSίϯαϧɾઃܭɾߏஙͱ ϞόΠϧ։ൃ͕ϝΠϯ
ੈքதʹΦϑΟε جຊతʹਓ͕͍Δͱ͜ΖʹΦϑΟε͕ग़དྷ·͢
Developers.IO
Developers.IO 5500ຊͷٕज़هࣄ 2300ຊͷAWSهࣄ ݄ؒ100ສPV
ϋϯζΦϯͷࢿྉͪ͜Β https://speakerdeck.com/tmorinaga https://gist.github.com/Tmorinaga
Agenda • CloudWatchEventsͱ • ϋϯζΦϯͷ४උ • Built-in targetΛࢼͯ͠ΈΔ • Lambda
functionΛࢼͯ͠ΈΔ • ͓ย͚ͮ
CloudWatch Eventsͱ
CloudWatchEventsͱ • ΠϕϯτʢϦιʔεͷঢ়ଶมԽͳͲʣΛݕ ͠ɺΠϕϯτυϦϒϯͰΞΫγϣϯΛ࣮ߦ͢ ΔࣄͷͰ͖ΔαʔϏε • ౦ژϦʔδϣϯͰ͑·͢ʂʂʂ
ΠϕϯτυϦϒϯͬͯLambda ͱͲ͏ҧ͏ͷʁ • CWELambdaͷ৽͍͠Πϕϯτιʔε • LambdaҎ֎ͷ࿈ܞʢSNSɺKinesisʣBuilt- inͷΈ༻ҙ͞Ε͍ͯΔ
CloudWatchEventsͷߏཁૉ • Πϕϯτιʔε • λʔήοτ • ϧʔϧ
Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔελΠϛϯά • ݱࡏબͰ͖ΔͷҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷ִ̑ؒʣ
• API CallʢCloudTrailͰर͑Δͷ͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ
Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔελΠϛϯά • ݱࡏબͰ͖ΔͷҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷ִ̑ؒʣ
• API CallʢCloudTrailͰर͑Δͷ͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ
CloudWatchEvents͕ API CallΛΠϕϯτιʔεʹͭ
Lambda͕ CWEΛΠϕϯτιʔεʹͭ
΄΅ͯ͢ͷAPI CallΛ ؆୯ʹLambda࿈ܞͰ͖Δʂ
λʔήοτ • ࣮ߦ͢ΔΞΫγϣϯ • ݱࡏબͰ͖ΔͷҎԼ • Lambda Function • SNS
Topic • Kinesis Stream • Built-in Targetʢsnapshot࡞ͳͲͷػೳʣ
ϧʔϧ • ΠϕϯτιʔεͱλʔήοτͷΈ߹Θͤ • ͲΜͳϦιʔε͕Ͳ͏ͳͬͨΒʢΠϕϯτιʔ εʣɺͲ͏͢Δ͔ʢλʔήοτʣ
ϋϯζΦϯͷ४උ
ҎԼͷࣄΛ֬ೝͯ͠Լ͍͞ • IAMͷPolicyઃఆ • ࠓճ AdminݖݶͰΓ·͢ʢIAM͍͡ΔͨΊʣ • STSʢSecurity Token ServiceʣͷEndpoint
• IAM→Account Settings→Security Token Service RegionsͰઃఆ • σϑΥϧτON • Stoppedঢ়ଶͷΠϯελϯεΛͻͱͭ
CWEʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action":
"events:*", "Resource": "*" }, { "Effect": "Allow", "Action": "iam:PassRole", "Resource": "*" } ] }
Ϧʔδϣϯͷ ΤϯυϙΠϯτ༗ޮԽ
Πϯελϯεͷ४උ t2.nanoͰͳΜͰ͍͍Ͱ͢
Built-in TargetΛ ࢼͯ͠ΈΔ
ࢼͯ͠ΈΔ͜ͱ • InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • ҙຯಛʹແ͍Ͱ͕͢ɺಈ͖Λݟ͚ͯΕ
Ruleͷ࡞ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:
Πϕϯτιʔεͷબ
EC2Πϯελϯεͷঢ়ଶΛબ
λʔήοτͷՃ
Built-in targetΛબ
ΞΫγϣϯͷબ
Πϯελϯεͷબ ͜Ε * ͰࢦఆͰ͖ΔΑ͏ʹͳΓ·ͤΜ͔Ͷ…ʁ
ϧʔϧͷ໊લΛೖྗ
IAM RoleΛ࡞ طʹ࡞͞Ε͍ͯΔํͦͪΒΛબ
IAM Roleͷ࡞ ಛʹઃఆཁΒͳ͍ͷͰڐՄ
built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",
"Action": [ "ec2:Describe*", "ec2:RebootInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateSnapshot" ], "Resource": "*" } ] }
ϧʔϧ࡞ྃ
ಈ࡞֬ೝ
ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ
࣍ͷϋϯζΦϯͷͨΊʹ… ͍ͯ͠Δͱ͕࣍͏·͍͖͘·ͤΜ
Lambda FunctionΛ ࢼͯ͠ΈΔ
ࢼͯ͠ΈΔ͜ͱ • ࢦఆ͞ΕͨλάʮCostʯ͕͍͍ͭͯͳ͍ InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • λάͷ͚ͭΕͬͯଟ͍Ͱ͢ΑͶ…
Lambda Function࡞
blueprintΘͳ͍ͷͰSkip
໊લͱ༻ݴޠΛࢦఆ
ίʔυΛίϐϖ https://gist.github.com/Tmorinaga/5b1df9e90e20fe173685
ίʔυʹ͍ͭͯ • ΤϥʔϋϯυϦϯάͳͲ͍ͯ͠·ͤΜͷͰɺ ຊ൪ར༻ͳͲ͢Δ߹࡞Γ͜ΜͰԼ͍͞ɻ • ͍͍ͷ͕Ͱ͖ͨΒڭ͑ͯԼ͍͞m(_ _)m
Lambda༻IAM Role࡞
Policyඍௐ
Policyඍௐ
built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",
"Action": [ . . . ], "Resource": "arn:aws:logs:*:*:*" }, { "Effect": "Allow", "Action": [ "ec2:StopInstances", "ec2:DescribeInstances" ], "Resource": "*" } ] } ←͜ͷ෦ΛՃ https://gist.github.com/Tmorinaga/678cd280c1702c9c5233
Advanced settingsͦͷ··
Review
Ruleͷ࡞ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:
Πϕϯτιʔεͷબ
EC2Πϯελϯεͷঢ়ଶΛબ
λʔήοτͷՃ
Lambda functionΛબ
Lambda functionΛબ
ϧʔϧͷ໊લΛೖྗ
ϧʔϧ࡞ྃ
λά͚ͳ͠ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ
λάʮCostʯΛՃ
λά͚͋Γಈ࡞֬ೝ ↓ runningʹͪΌΜͱͳΔʂ
͓ย͚ͮ
ϧʔϧΛআ ফ͓͔ͯ͠ͳ͍ͱΠϯελϯε͕ ىಈͰ͖ͳ͍ݱ͕͓͖·͢ɻ
Lambda functionΛআ ফ͞ͳͯ͘ѱ͞͠·ͤΜͷͰɺ ͍ͯͯ͠ߏ͍·ͤΜ
Πϯελϯεͷఀࢭ or আ
·ͱΊ
·ͱΊ • CloudWatch EventsAWSϦιʔεͷঢ়ଶม ԽʹϦΞϧλΠϜʹରԠͰ͖Δ • pendingͰࢭΊΕ՝ۚͳ͠ʂ • ݁ہLambdaඞཁͳͷͰ֮͑·͠ΐ͏ •
ؤுΓ·͢
OpsJAWS͝հ • AWSӡ༻ཧͷϊϋΛ͘ൃ৴ • Partner SAϒϩάʹӡ༻TipsهࣄΛܝࡌத ࢹɺϩάӡ༻ɺίετཧɺδϣϒӡ༻ɺߏཧɺΠϕϯτ௨etc . . .
http://aws.typepad.com/aws_partner_sa/2015/06/aws-ops.html ɹɹɹɹɹɹɹɹɹɹɹɹ·ͨɺɹɹɹɹɹɹɹɹɹ ɹɹɹͰݕࡧ • Doorkeeper(OpsJAWS)
͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ
None
tmorinaga
jacopen
yug1224
alpicola
codmoninc
oikon48
markunet
p0n
sansan33
shift_evolve
lycorptech_jp
katarinadahlin
rabernat
jakevdp
427marketing
addyosmani
dugsong
honzajavorek
marcduiker
akademiya2063
smashingmag
baasie
aleyda
