Upgrade to Pro — share decks privately, control downloads, hide ads and more …

JAWS-UG_CLI_Setup_SSM_20211028

Avatar for h-ashisan h-ashisan
October 28, 2021
Technology
0
920

 JAWS-UG_CLI_Setup_SSM_20211028

JAWS-UG CLI専門支部で2021年10月28日に「【初心者向け】Systems Managerってどう始めるんだっけ?」というタイトルで発表したLTです。

Avatar for h-ashisan

h-ashisan

October 28, 2021
Tweet

More Decks by h-ashisan

See All by h-ashisan
Tokyo_reInforce_2025_recap_iam_access_analyzer
Avatar for h-ashisan hiashisan
0
200
OpsJAWS34_CloudTrailLake_for_Organizations
Avatar for h-ashisan hiashisan
0
410
Classmethod_regrowth_2024_tokyo_security_identity_governance_summary
Avatar for h-ashisan hiashisan
0
1.4k
2024/11/29_失敗談から学ぶ! エンジニア向けre:Invent攻略アンチパターン集
Avatar for h-ashisan hiashisan
0
610
20241015 Toranomon Tech Hub#1 Service Catalog使ってみた
Avatar for h-ashisan hiashisan
0
540
Practical-AWS-Security-measures-you-can-implement-now
Avatar for h-ashisan hiashisan
0
650
20240724_cm_odyssey_hibiyatech
Avatar for h-ashisan hiashisan
0
450
[2024最新版]AWS Control Towerを使ったセキュアなマルチアカウント環境の作り方
Avatar for h-ashisan hiashisan
0
1.2k
クラウド利用者の「責任」をどう果たす?AWSセキュリティ対策のススメ #AWSSummit
Avatar for h-ashisan hiashisan
0
700

Other Decks in Technology

See All in Technology
Building GoReleaser - from shell script to paid product
Avatar for Carlos Alexandro Becker caarlos0
0
270
東京海上日動におけるセキュアな開発プロセスの取り組み
Avatar for miyabit miyabit
0
120
DatabricksのOLTPデータベース『Lakebase』に詳しくなろう!
Avatar for Takeru Ino inoutk
0
110
AIを使っていい感じにE2Eテストを書けるようになるまで / Trying to Write Good E2E Tests with AI
Avatar for Akihiro Yokota katawara
2
1.6k
スプリントレビューを効果的にするために
Avatar for Miho Nagase miholovesq
9
1.6k
FAST導入1年間のふりかえり〜現実を直視し、さらなる進化を求めて〜 / Review of the first year of FAST implementation
Avatar for Kyosuke Awata wooootack
1
120
Bliki (ja), and the Cathedral, and the Bazaar
Avatar for Koichi ITO koic
8
1.3k
PHPでResult型やってみよう
Avatar for higaki higaki_program
0
190
分散トレーシングによる コネクティッドカーのデータ処理見える化の試み
Avatar for thatsdone thatsdone
0
190
Amazon CloudWatchのメトリクスインターバルについて / Metrics interval matters
Avatar for ymotongpoo ymotongpoo
3
210
Shadow DOMとセキュリティ - 光と影の境界を探る / Shibuya.XSS techtalk #13
Avatar for Masato Kinugawa masatokinugawa
0
270
P2P ではじめる WebRTC のつまづきどころ
Avatar for tnoho tnoho
1
210

Featured

See All Featured
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
51
8.6k
Designing Dashboards & Data Visualisations in Web Apps
Avatar for Des Traynor destraynor
231
53k
Done Done
Avatar for chrislema chrislema
184
16k
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
332
24k
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
54
13k
Being A Developer After 40
Avatar for Adrian Kosmaczewski akosma
90
590k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
35
6.8k
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
PRO
21
1.3k
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
278
23k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
161
15k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
8
370
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
48
50k

Transcript

  1. 1 ʲॳ৺ऀ޲͚ʳ Systems ManagerͬͯͲ͏࢝ΊΔΜ͚ͩͬʁ

  2. 2 ࣗݾ঺հ ɾ໊લ ɹ- ͋͠͞Μ(@ashi_ssan) ɾॴଐ ɹ- Ϋϥεϝιουגࣜձࣾ ɹ- AWSࣄۀຊ෦

    ίϯαϧςΟϯά෦ ɾུྺ ɹ- ৽ଔ→ಠཱܥSIer→ݱ৬(2021/09ʙ) ɾ޷͖ͳAWSαʔϏε ɹ- CloudShell ɹ- Systems Manager SessionManager/RunCommand ɾϒϩά

  3. 3 গ͚ͩ͠એ఻ ɾMeety࢝Ί·ͨ͠ʢࠓ೔ʣ

  4. 4 ͸͡Ίʹ ࿩͢͜ͱ ɾAWS Systems Manager(SSM)ͷηοτΞοϓํ๏ ࿩͞ͳ͍͜ͱ ɾ֤SSMαʔϏεʹ͍ͭͯͷઆ໌

  5. 5 ͖͔͚ͬ

  6. 6 ͖͔͚ͬ Amazon LinuxܥͷΠϯελϯεʹ͸ SSM Agent͕σϑΥϧτͰϓϦΠϯετʔϧ͞Ε͍ͯΔ (ެࣜυΩϡϝϯτΑΓ)

  7. 7 ͖͔͚ͬ SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ = ଈ SSM ηοτΞοϓ׬ྃʂ = ηογϣϯϚωʔδϟʔՄೳ

    Ͱ͸ʁʁ

  8. 8 ࣮ࡍʹ΍ͬͯΈͨ

  9. 9 ࣮ࡍʹ΍ͬͯΈͨ ࢀߟɿSSMηογϣϯϚωʔδϟʔͷCLIίϚϯυ $ aws ssm start-session --target <instance-id>

  10. 10 ࣮ࡍʹ΍ͬͯΈͨ

  11. 11 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒ͰηογϣϯϚωʔδϟʔ͸ ࢖͑Δʁ

  12. 12 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͤΜʂ

  13. 13 ࣮ࡍʹ΍ͬͯΈͨ ݪҼɿ ɾIAMϩʔϧ(ΠϯελϯεϓϩϑΝΠϧ)͕ෆ଍ →ʮAmazonSSMManagedInstanceCoreʯͷΞΫηεڐՄ͕ඞཁ ※ʮAmazonEC2RoleforSSMʯ͸ΞΫηεڐՄൣғ͕޿͍ͨΊඇਪ঑ ࢀߟɿ https://docs.aws.amazon.com/ja_jp/systems-manager/latest/userguide/setup-instance-profile.html

  14. 14 ࣮ࡍʹ΍ͬͯΈͨ

  15. 15 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒ͰηογϣϯϚωʔδϟʔ(ry

  16. 16 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͨ͠

  17. 17 ࣮ࡍʹ΍ͬͯΈͨ ࢀߟɿCLI͔Β઀ଓ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0aa906b95f3c0cf2d Starting

    session with SessionId: 1635351198-session-0790888dbb163125d sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.0.24 netmask 255.255.255.0 broadcast 10.0.0.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.

  18. 18 ࣮ࡍʹ΍ͬͯΈͨ

  19. 19 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒Ͱ(ry

  20. 20 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͤΜʂ

  21. 21 ࣮ࡍʹ΍ͬͯΈͨ ݪҼɿ SystemsManager API΁ͷૄ௨ܦ࿏͕ͳ͍ →ʮΠϯελϯε͔ΒSystemsManager API΁ͷΞ΢τό΢ϯ υͷ௨৴ܦ࿏(443ϙʔτ)ʯ͕ඞཁ (࣮૷ྫ) ①NAT

    Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ ②VPC Endpointܦ༝Ͱ௨৴͢Δ

  22. 22 ①NAT Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ

  23. 23 ②VPC Endpointܦ༝Ͱ௨৴͢Δ

  24. 24 ໰ɿ (ry

  25. 25 ౴͑ɿͰ͖·ͨ͠

  26. 26 ɾCLI͔Βܨ͛ͨ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0118cd8e6d13fc095 Starting session

    with SessionId: 1635351198-session-0afb128b8b6169055 sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.3.251 netmask 255.255.255.0 broadcast 10.0.3.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.

  27. 27 ·ͱΊ

  28. 28 SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ ≠ ଈ SSM ηοτΞοϓ׬ྃʂ ≠ ηογϣϯϚωʔδϟʔՄೳ

  29. 29 ࠓ೔ֶΜͩ͜ͱ ɾSSMηοτΞοϓͷνΣοΫϙΠϯτ ✅ SSM Agent͕Πϯετʔϧ͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯεʹద੾ͳݖݶ͕෇༩͞ΕͨIAMϩʔϧ͕Ξλον͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯε͔ΒSSM

    API΁ͷ௨৴ܦ࿏͸֬อ͞Ε͍ͯΔ͔ʁ

  30. 30 ࢀߟ ɾAWS BlackBelt https://d1.awsstatic.com/webinars/jp/pdf/services/20200212_AWSBlackBelt_SystemsManager_0214.pdf ɾηογϣϯϚωʔδϟʔͷϋϚΓͲ͜ΖΛύλʔϯ͝ͱʹ੔ཧ ͯ͠ΈΔ(DevelopersIO) https://dev.classmethod.jp/articles/session-manager-pattern/

  31. 31 Ҏ্ɻ