Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS IAM で MFA 有効でないユーザを awscli + Mackerel で監視する / Monitoring users who are not MFA enabled with AWS IAM with awscli + Mackerel
Search
do-su-0805
May 12, 2019
Programming
0
170
AWS IAM で MFA 有効でないユーザを awscli + Mackerel で監視する / Monitoring users who are not MFA enabled with AWS IAM with awscli + Mackerel
#kosen10s LT#14 で発表したネタです。AWS IAM に登録されたユーザで、多要素認証が有効でないユーザを調べて Mackerel で監視するまでです。
do-su-0805
May 12, 2019
Tweet
Share
More Decks by do-su-0805
See All by do-su-0805
元SREのCREが伝えたい、Mackerelをもっと活用するための実践Tips集 / Mackerel Drink Up #11 do-su-0805
dosu0805
0
140
iptables を使って、 2回に1回 ping が落ちる サーバを作る / Use iptables to create a server that pings once every two times
dosu0805
0
980
とある高専生の進路例/Example of a certain college student
dosu0805
1
1k
Webアプリケーション初心者が ISUCON 4 予選を通じてパフォーマンスの測定改善をした話 / newcomers of web application improvements in performance measurement through ISUCON 4 qualifying
dosu0805
0
1.2k
Other Decks in Programming
See All in Programming
RAGのretrievalの評価を “ranx”で行う / Evaluate retrival of RAG using "ranx"
kun432
1
190
esbuild 最適化芸人
exoego
2
970
AIで生成したものをAIでチェックしてる話
ippey
0
140
JS RPCを理解する
yusukebe
5
390
Adding Security to Microcontroller Ruby
sylph01
2
2k
Embedding it into Ruby code
soutaro
3
3.2k
Swift Attributes
hokuron
0
140
The Final Frontier of Web Development: React Server Components vs Jakarta EE
ivargrimstad
0
390
Compose UI for... a light switch? (KotlinConf 2024)
jakewharton
PRO
3
320
見えないものに着目すると上手くいく、モデリングの勘所 / invisible-driven-design
minodriven
18
3.7k
プログラミング&実行できるWEBアプリを手作り
ohmori_yusuke
3
210
勉強会4_アップデートされたAssistantsAPIを試す
milky04
0
1.7k
Featured
See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
155
14k
The Cost Of JavaScript in 2023
addyosmani
22
4k
What the flash - Photography Introduction
edds
64
11k
Scaling GitHub
holman
457
140k
For a Future-Friendly Web
brad_frost
172
9k
A Philosophy of Restraint
colly
197
16k
It's Worth the Effort
3n
180
27k
GraphQLの誤解/rethinking-graphql
sonatard
56
9.4k
Designing Experiences People Love
moore
136
23k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
21
2k
WebSockets: Embracing the real-time Web
robhawkes
59
7.1k
How To Stay Up To Date on Web Technology
chriscoyier
782
250k
Transcript
AWS IAM Ͱ MFA ༗ޮͰͳ͍ϢʔβΛ awscli + Mackerel Ͱࢹ͢Δ Kosen10s
LT#14 do_su_0805
ΞδΣϯμ w 5-%3 w ߏਤ w ֤छઃఆ
5-%3 • awscli ͷ `aws iam` Λ͏ͱɺMFA ͕༗ޮͰͳ͍Ϣʔβ͕ൈ͖ग़ͤΔ ◦ ҰൃͰൈ͖ग़ͤͳ͍ͷͰɺΈ߹Θ͍ͤͯ͘
◦ ϋʔυΣΞΩʔͳϢʔβ͚ͩൈ͖ग़͢ͷ͕ͪΐͬͱେม • ͦͷΛ Mackerel ͷϝτϦοΫͱͯ͠ߘ͠ɺࢹ͢Δ ◦ ϝτϦοΫͱͯ͠ඞཁͳ͍ͳΒɺνΣοΫࢹͰಉ͜͡ͱ͕Ͱ͖Δ
ߏਤ ਤߏਤ
BXTDMJʹ͍ͭͯ l"84ίϚϯυϥΠϯΠϯλʔϑΣΠε $-* ɺ"84αʔϏεΛཧ͢ ΔͨΊͷ౷߹πʔϧͰ͢ɻμϯϩʔυ͓Αͼઃఆ༻ͷ୯ҰͷπʔϧͷΈΛ ༻ͯ͠ɺίϚϯυϥΠϯ͔Βෳͷ"84αʔϏεΛ੍ޚ͠ɺεΫϦϓτ Λ༻ͯ͜͠ΕΒΛࣗಈԽ͢Δ͜ͱ͕Ͱ͖·͢ɻz "84ίϚϯυϥΠϯΠϯλʔϑΣΠεIUUQTBXTBNB[PODPNKQDMJ !5
.BDLFSFMʹ͍ͭͯ l.BDLFSFMʢϚΧϨϧʣɺӡ༻தͷΫϥυ͘͠ΦϯϓϨϛεͷαʔ όʹΤʔδΣϯτΛͭೖΕΔ͚ͩͰɺ؆୯ʹαʔόཧΛ࢝ΊΒΕ·͢ɻ ࢹαʔόࣗͷߏஙɾӡ༻ෆཁͰ͢ɻ͞ΒʹෛՙͷϦιʔεঢ়گͳͲͷ ΛάϥϑʹՄࢹԽ͠·͢ɻোൃੜ࣌ʹΞϥʔτ͕ه͞Εɺ༷ʑͳ πʔϧʹ௨Ͱ͖·͢ɻγεςϜӡ༻อकʹ࠷దͳࢹαʔϏεͰ͢ɻz ಛͱػೳಛz l.BDLFSFMʢϚΧϨϧʣ৽ੈͷαʔόཧɾࢹαʔϏε IUUQTNBDLFSFMJPKBGFBUVSFT
!6
ਤ.BDLFSFM IUUQTNBDLFSFMJPKB
BXTDMJΛͬͯใΛऔಘ͢Δ w ొ͢ΔίϚϯυͭ w BXTJBNMJTUVTFST w "84*".ϢʔβͷҰཡΛऔಘ w BXTJBNMJTUWJSUVBMNGBEFWJDFT w
"84*".ʹొ͞Ε͍ͯΔԾ.'"σόΠεҰཡΛऔಘ w BXTJBNMJTUNGBEFWJDFTVTFSOBNF\VTFS^ w "84*".ʹొ͞Ε͍ͯΔɺಛఆϢʔβͷ.'"σόΠεҰཡΛऔಘ
BXTDMJΛͬͯใΛऔಘ͢Δ MJTUVTFSTͰϢʔβҰཡΛग़͢ w BXTJBNMJTUVTFSTcKR6TFST<>cTFMFDU 1BTTXPSE-BTU6TFEOVMM c6TFS/BNFScTPSU w JBNMJTUVTFSTͷ݁Ռ͔ΒɺʮύεϫʔυϩάΠϯͨ͠ϢʔβʯͷҰཡ Λऔಘ
BXTDMJΛͬͯใΛऔಘ͢Δ MJTUWJSUVBMNGBEFWJDFTͰ༗ޮͳԾ.'"σόΠεͷॴ༗ऀΛग़͢ w BXTJBNMJTUWJSUVBMNGBEFWJDFTcKR7JSUVBM.'"%FWJDFT<>cTFMFDU &OBCMF%BUFOVMM a c6TFS6TFS/BNFScTPSU w JBNMJTUWJSUVBMNGBEFWJDFTͷ݁Ռ͔ΒɺԼهͷΑ͏ʹߜΓࠐΉ
w ʮԾ.'"σόΠεҰཡ͔Βʯ w ʮ༗ޮͳσόΠεͷҰཡΛग़͠ʯ w ʮͦͷॴ༗ऀΛऔಘ͢Δʯ
BXTDMJΛͬͯใΛऔಘ͢Δ MJTUNGBEFWJDFTͰಛఆϢʔβʹ༗ޮͳ.'"σόΠε͕͋Δ͔ΛௐΔ w GPSVTFSJO ʮʯͷ݁Ռͱʮʯͷ݁ՌͷࠩϢʔβ EP BXTJBNMJTUNGBEFWJDFTVTFSOBNF\VTFS^cKR.'"%FWJDFT<>a cTFMFDU &OBCMF%BUFOVMM
c6TFS/BNFS EPOF w ʮʯͱʮʯͷ݁Ռͷࠩͱͯ͠දࣔ͞ΕͨϢʔβ͕ɺଞʹσόΠε͕ͳ͍͔ΛௐΔ w ʮʯͷ݁ՌʰԾ.'"σόΠεʱͳͷͰϋʔυΣΞΩʔೖΒͳ͍ w ͔ͱ͍ͬͯɺʮʯͰऔಘͨ͠શϢʔβΛ্هͰݕࡧ͢Δͷͳ͊ɾɾɾ w ௐͯɺݟ͔ͭͬͨΒʮʯಉ༷ʹϢʔβ໊Λऔಘ͢Δ
BXTDMJΛͬͯใΛऔಘ͢Δ औಘ݁ՌΛͱʹ·ͱΊΔ w ʮʯͷ݁ՌશϢʔβʜ" w ʮʯͷ݁ՌԾ.'"σόΠεͰ.'"͍ͯ͠ΔϢʔβʜ# w ʮʯͷ݁ՌϋʔυΣΞσόΠεͰ.'"͍ͯ͠ΔϢʔβʜ$ w
#ͱ$ͷVOJR߹ܭ.'"༗ޮͳϢʔβʜ% w "ͱ%ͷࠩ.'"͕༗ޮͰͳ͍Ϣʔβ
.BDLFSFMͰࢹ͢Δ w ࢼ͠ʹ ϗετϝτϦοΫͱͯ͠.BDLFSFMʹߘ͢Δ w NBDLFSFMBHFOUDPOGʹ͜Μͳײ͡ʹॻ͍ͯ w <QMVHJONFUSJDTBXTJBNNGB> DPNNBOEl ΧϯτεΫϦϓτ
l w ͜Μͳײ͡ʹεΫϦϓτ͕ग़ྗ͢Δͱ ۭനUBC w "84@*".BMMVTFST "84@*".WJSUVBMNGBVTFST "84@*".IBSEXBSFNGBVTFST "84@*".XSPOH@VTFS
.BDLFSFMͰࢹ͢Δ w ࢼ͠ʹ ϗετϝτϦοΫͱͯ͠.BDLFSFMʹߘ͢Δ w ͜͏ͳΔ ਤߘྫ
.BDLFSFMͰࢹ͢Δ w αʔϏεϝτϦοΫͱͯ͠.BDLFSFMʹߘ͢Δͱ͖ w ͖ͬ͞ͷܭࢉ݁ՌΛ"1*ܦ༝Ͱߘͨ͠Γ w BQJWTFSWJDFTTFSWJDF/BNFUTECʹ1045͢Δ w ͖ͬ͞ͷܭࢉ݁ՌΛNLSUISPXͰߘͨ͠Γ w
্ه"1*ͷXSBQQFS
.BDLFSFMͰࢹ͢Δ w νΣοΫࢹͰࢹ͢Δ߹ʢϢʔβ͍Βͳ͍ਓ͚ʣ w NBDLFSFMBHFOUDPOGʹ͜Μͳײ͡ʹॻ͍ͯ w <QMVHJODIFDLTBXTJBNNGB> DPNNBOEl ΧϯτεΫϦϓτ l
w εςʔλε ͱҰॹʹϝοηʔδ Λฦ͢εΫϦϓτΛஔ͘ w ʮ.'"༗ޮ͡Όͳ͍Ϣʔβ͕ʯͳΒ0, FYJU w ʮ.'"༗ޮ͡Όͳ͍Ϣʔβ͕͡Όͳ͍ʯͳΒͩΊ FYJU
.BDLFSFMͰࢹ͢Δ w ࢹϧʔϧͰ͢Δ߹ ϢʔβͷਪҠͳͲཉ͍͠ਓ͚ʣ w ϗετPSαʔϏεϝτϦοΫͱͯ͠ߘ͢Δ w ࢹϧʔϧΛӈͷΑ͏ʹ࡞͢Δ ਤࢹϧʔϧͷઃఆྫ