Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OpsJAWS#4 CloudWatch Events Hands-on

Tmorinaga
March 01, 2016
Technology
3
1.8k

OpsJAWS#4 CloudWatch Events Hands-on

OpsJAWS#4 20160301

Tmorinaga

March 01, 2016
Tweet

More Decks by Tmorinaga

See All by Tmorinaga
OpsJAWS#13 IAMベストプラクティス
tmorinaga
1
3.8k
Developers.IO 2017 E3
tmorinaga
0
1.3k
JAWS DAYS 2017 Security-JAWS発表資料
tmorinaga
2
4.7k
AWS WAFのログが3時間しか見れないのでなんとかしてみる
tmorinaga
3
4.2k
re:Growth 2016 in Tokyo
tmorinaga
0
2.2k
Developers.IO 2016 in Fukuoka
tmorinaga
1
810
【エンジニア編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
tmorinaga
1
4.3k
【ビジネス編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
tmorinaga
1
2.3k

Other Decks in Technology

See All in Technology
今日からはじめるプラットフォームエンジニアリング
jacopen
8
1.7k
Making a MIDI controller device with PicoRuby/R2P2 (RubyKaigi 2025 LT)
risgk
1
350
日経電子版 for Android の技術的課題と取り組み(令和最新版)/android-20250423
nikkei_engineer_recruiting
1
520
バクラクの認証基盤の成長と現在地 / bakuraku-authn-platform
convto
4
790
Dataverseの検索列について
miyakemito
1
140
AIでめっちゃ便利になったけど、結局みんなで学ぶよねっていう話
kakehashi
PRO
1
450
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
5.4k
30代からでも遅くない! 内製開発の世界に飛び込み、最前線で戦うLLMアプリ開発エンジニアになろう
minorun365
PRO
15
4.7k
エンジニアリングで組織のアウトカムを最速で最大化する!
ham0215
1
250
白金鉱業Meetup_Vol.18_AIエージェント時代のUI/UX設計
brainpadpr
1
240
Aspire をカスタマイズしよう & Aspire 9.2
nenonaninu
0
250
コスト最適重視でAurora PostgreSQLのログ分析基盤を作ってみた #jawsug_tokyo
non97
1
790

Featured

See All Featured
Being A Developer After 40
akosma
91
590k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
119
51k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
2.9k
Visualization
eitanlees
146
16k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.3k
Done Done
chrislema
184
16k
It's Worth the Effort
3n
184
28k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.6k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
31
1.1k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
34
2.2k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
What's in a price? How to price your products and services
michaelherold
245
12k

Transcript

  1. OpsJAWS#4 CloudWatchEvents Hands-on Ϋϥεϝιουגࣜձࣾ ιϦϡʔγϣϯΞʔΩςΫτ ৿Ӭେࢤ

  2. ࣗݾ঺հ

  3. Morinaga Taishi(@morimoritaitai) AWS Solution Archetect ✦ झຯ : ήʔϜ(શൠ) /

    ञ / Χϝϥ ✦ ڵຯ : DevOps / Security ✦ ޷͖ͳαʔϏε:Config/CloudTrail/IAM AWS Certified Solutions Architect - Professional Developer -Associate SysOps Administorator - Associate

  4. ձࣾ঺հ

  5. Classmethod,Inc.

  6. Classmethod,Inc. AWSίϯαϧɾઃܭɾߏஙͱ ϞόΠϧ։ൃ͕ϝΠϯ

  7. ੈքதʹΦϑΟε جຊతʹਓ͕͍Δͱ͜ΖʹΦϑΟε͕ग़དྷ·͢

  8. Developers.IO

  9. Developers.IO 5500ຊͷٕज़هࣄ 2300ຊͷAWSهࣄ ݄ؒ100ສPV

  10. ϋϯζΦϯͷࢿྉ͸ͪ͜Β https://speakerdeck.com/tmorinaga https://gist.github.com/Tmorinaga

  11. Agenda • CloudWatchEventsͱ͸ • ϋϯζΦϯͷ४උ • Built-in targetΛࢼͯ͠ΈΔ • Lambda

    functionΛࢼͯ͠ΈΔ • ͓ย͚ͮ

  12. CloudWatch Eventsͱ͸

  13. CloudWatchEventsͱ͸ • ΠϕϯτʢϦιʔεͷঢ়ଶมԽͳͲʣΛݕ஌ ͠ɺΠϕϯτυϦϒϯͰΞΫγϣϯΛ࣮ߦ͢ ΔࣄͷͰ͖ΔαʔϏε • ౦ژϦʔδϣϯͰ࢖͑·͢ʂʂʂ

  14. ΠϕϯτυϦϒϯͬͯLambda ͱ͸Ͳ͏ҧ͏ͷʁ • CWE͸Lambdaͷ৽͍͠Πϕϯτιʔε • LambdaҎ֎ͷ࿈ܞʢSNSɺKinesisʣ΍Built- inͷ࢓૊Έ΋༻ҙ͞Ε͍ͯΔ

  15. CloudWatchEventsͷߏ੒ཁૉ • Πϕϯτιʔε • λʔήοτ • ϧʔϧ

  16. Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔε΍λΠϛϯά • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷୹̑෼ִؒʣ

    • API CallʢCloudTrailͰर͑Δ΋ͷ͸͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ

  17. Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔε΍λΠϛϯά • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷୹̑෼ִؒʣ

    • API CallʢCloudTrailͰर͑Δ΋ͷ͸͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ

  18. CloudWatchEvents͕ API CallΛΠϕϯτιʔεʹ΋ͭ

  19. Lambda͕ CWEΛΠϕϯτιʔεʹ΋ͭ

  20. ΄΅͢΂ͯͷAPI CallΛ ؆୯ʹLambda࿈ܞͰ͖Δʂ

  21. λʔήοτ • ࣮ߦ͢ΔΞΫγϣϯ • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • Lambda Function • SNS

    Topic • Kinesis Stream • Built-in Targetʢsnapshot࡞੒ͳͲͷػೳʣ

  22. ϧʔϧ • Πϕϯτιʔεͱλʔήοτͷ૊Έ߹Θͤ • ͲΜͳϦιʔε͕Ͳ͏ͳͬͨΒʢΠϕϯτιʔ εʣɺͲ͏͢Δ͔ʢλʔήοτʣ

  23. ϋϯζΦϯͷ४උ

  24. ҎԼͷࣄΛ֬ೝͯ͠Լ͍͞ • IAMͷPolicyઃఆ • ࠓճ͸ AdminݖݶͰ΍Γ·͢ʢIAM͍͡ΔͨΊʣ • STSʢSecurity Token ServiceʣͷEndpoint

    • IAM→Account Settings→Security Token Service RegionsͰઃఆ • σϑΥϧτ͸ON • Stoppedঢ়ଶͷΠϯελϯεΛͻͱͭ

  25. CWEʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action":

    "events:*", "Resource": "*" }, { "Effect": "Allow", "Action": "iam:PassRole", "Resource": "*" } ] }

  26. Ϧʔδϣϯͷ ΤϯυϙΠϯτ༗ޮԽ

  27. Πϯελϯεͷ४උ t2.nanoͰ΋ͳΜͰ΋͍͍Ͱ͢

  28. Built-in TargetΛ ࢼͯ͠ΈΔ

  29. ࢼͯ͠ΈΔ͜ͱ • InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • ҙຯ͸ಛʹແ͍Ͱ͕͢ɺಈ͖Λݟͯ௖͚Ε͹

  30. Ruleͷ࡞੒ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:

  31. Πϕϯτιʔεͷબ୒

  32. EC2Πϯελϯεͷঢ়ଶΛબ୒

  33. λʔήοτͷ௥Ճ

  34. Built-in targetΛબ୒

  35. ΞΫγϣϯͷબ୒

  36. Πϯελϯεͷબ୒ ͜Ε * ͰࢦఆͰ͖ΔΑ͏ʹͳΓ·ͤΜ͔Ͷ…ʁ

  37. ϧʔϧͷ໊લΛೖྗ

  38. IAM RoleΛ࡞੒ طʹ࡞੒͞Ε͍ͯΔํ͸ͦͪΒΛબ୒

  39. IAM Roleͷ࡞੒ ಛʹઃఆ͸ཁΒͳ͍ͷͰڐՄ

  40. built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",

    "Action": [ "ec2:Describe*", "ec2:RebootInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateSnapshot" ], "Resource": "*" } ] }

  41. ϧʔϧ࡞੒׬ྃ

  42. ಈ࡞֬ೝ

  43. ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ

  44. ࣍ͷϋϯζΦϯͷͨΊʹ… ࢒͍ͯ͠Δͱ͕࣍͏·͍͖͘·ͤΜ

  45. Lambda FunctionΛ ࢼͯ͠ΈΔ

  46. ࢼͯ͠ΈΔ͜ͱ • ࢦఆ͞ΕͨλάʮCostʯ͕͍͍ͭͯͳ͍ InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • λάͷ͚ͭ๨Εͬͯଟ͍Ͱ͢ΑͶ…

  47. Lambda Function࡞੒

  48. blueprint͸࢖Θͳ͍ͷͰSkip

  49. ໊લͱ࢖༻ݴޠΛࢦఆ

  50. ίʔυΛίϐϖ https://gist.github.com/Tmorinaga/5b1df9e90e20fe173685

  51. ίʔυʹ͍ͭͯ • ΤϥʔϋϯυϦϯάͳͲ͍ͯ͠·ͤΜͷͰɺ ຊ൪ར༻ͳͲ͢Δ৔߹͸࡞Γ͜ΜͰԼ͍͞ɻ • ͍͍΋ͷ͕Ͱ͖ͨΒڭ͑ͯԼ͍͞m(_ _)m

  52. Lambda༻IAM Role࡞੒

  53. Policyඍௐ੔

  54. Policyඍௐ੔

  55. built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",

    "Action": [ . . . ], "Resource": "arn:aws:logs:*:*:*" }, { "Effect": "Allow", "Action": [ "ec2:StopInstances", "ec2:DescribeInstances" ], "Resource": "*" } ] } ←͜ͷ෦෼Λ௥Ճ https://gist.github.com/Tmorinaga/678cd280c1702c9c5233

  56. Advanced settings͸ͦͷ··

  57. Review

  58. Ruleͷ࡞੒ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:

  59. Πϕϯτιʔεͷબ୒

  60. EC2Πϯελϯεͷঢ়ଶΛબ୒

  61. λʔήοτͷ௥Ճ

  62. Lambda functionΛબ୒

  63. Lambda functionΛબ୒

  64. ϧʔϧͷ໊લΛೖྗ

  65. ϧʔϧ࡞੒׬ྃ

  66. λά෇͚ͳ͠ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ

  67. λάʮCostʯΛ௥Ճ

  68. λά෇͚͋Γಈ࡞֬ೝ ↓ runningʹͪΌΜͱͳΔʂ

  69. ͓ย͚ͮ

  70. ϧʔϧΛ࡟আ ফ͓͔ͯ͠ͳ͍ͱΠϯελϯε͕ ىಈͰ͖ͳ͍ݱ৅͕͓͖·͢ɻ

  71. Lambda functionΛ࡟আ ফ͞ͳͯ͘΋ѱ͞͸͠·ͤΜͷͰɺ ࢒͍ͯͯ͠΋ߏ͍·ͤΜ

  72. Πϯελϯεͷఀࢭ or ࡟আ

  73. ·ͱΊ

  74. ·ͱΊ • CloudWatch Events͸AWSϦιʔεͷঢ়ଶม ԽʹϦΞϧλΠϜʹରԠͰ͖Δ • pendingͰࢭΊΕ͹՝ۚͳ͠ʂ • ݁ہLambda͸ඞཁͳͷͰ֮͑·͠ΐ͏ •

    ؤுΓ·͢

  75. OpsJAWS͝঺հ • AWSӡ༻؅ཧͷϊ΢ϋ΢Λ޿͘ൃ৴ • Partner SAϒϩάʹӡ༻TipsهࣄΛܝࡌத ؂ࢹɺϩάӡ༻ɺίετ؅ཧɺδϣϒӡ༻ɺߏ੒؅ཧɺΠϕϯτ௨஌etc . . .

    http://aws.typepad.com/aws_partner_sa/2015/06/aws-ops.html ɹɹɹɹɹɹɹɹɹɹɹɹ·ͨ͸ɺɹɹɹɹɹɹɹɹɹ ɹɹɹͰݕࡧ • Doorkeeper(OpsJAWS)

  76. ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ

  77. None