Upgrade to Pro — share decks privately, control downloads, hide ads and more …

JAWS-UG_CLI_Setup_SSM_20211028

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for h-ashisan h-ashisan
October 28, 2021
Technology
0
950

 JAWS-UG_CLI_Setup_SSM_20211028

JAWS-UG CLI専門支部で2021年10月28日に「【初心者向け】Systems Managerってどう始めるんだっけ?」というタイトルで発表したLTです。

Avatar for h-ashisan

h-ashisan

October 28, 2021
Tweet

More Decks by h-ashisan

See All by h-ashisan
regrowth_tokyo_2025_securityagent
Avatar for h-ashisan hiashisan
0
380
Tokyo_reInforce_2025_recap_iam_access_analyzer
Avatar for h-ashisan hiashisan
0
330
OpsJAWS34_CloudTrailLake_for_Organizations
Avatar for h-ashisan hiashisan
0
720
Classmethod_regrowth_2024_tokyo_security_identity_governance_summary
Avatar for h-ashisan hiashisan
0
1.5k
2024/11/29_失敗談から学ぶ! エンジニア向けre:Invent攻略アンチパターン集
Avatar for h-ashisan hiashisan
0
750
20241015 Toranomon Tech Hub#1 Service Catalog使ってみた
Avatar for h-ashisan hiashisan
0
680
Practical-AWS-Security-measures-you-can-implement-now
Avatar for h-ashisan hiashisan
0
780
20240724_cm_odyssey_hibiyatech
Avatar for h-ashisan hiashisan
0
520
[2024最新版]AWS Control Towerを使ったセキュアなマルチアカウント環境の作り方
Avatar for h-ashisan hiashisan
0
1.4k

Other Decks in Technology

See All in Technology
GSIが複数キー対応したことで、俺達はいったい何が嬉しいのか?
Avatar for Makky12 smt7174
3
120
15 years with Rails and DDD (AI Edition)
Avatar for Andrzej Krzywda andrzejkrzywda
0
140
All About Sansan – for New Global Engineers
Avatar for Sansan, Inc. sansan33
PRO
1
1.3k
Amazon ElastiCacheのコスト最適化を考える/Elasticache Cost Optimization
Avatar for quiver quiver
0
370
メルカリのAI活用を支えるAIセキュリティ
Avatar for さうす s3h
8
6k
セキュリティ はじめの一歩
Avatar for nikinusu nikinusu
0
1.4k
CDKで始めるTypeScript開発のススメ
Avatar for つくぼし tsukuboshi
1
230
クレジットカード決済基盤を支えるSRE - 厳格な監査とSRE運用の両立 (SRE Kaigi 2026)
Avatar for capytan capytan
6
1.8k
生成AI時代にこそ求められるSRE / SRE for Gen AI era
Avatar for ymotongpoo ymotongpoo
4
1.9k
エンジニアとマネジメントの距離/Engineering and Management
Avatar for 小田中育生 ikuodanaka
3
700
Azure Durable Functions で作った NL2SQL Agent の精度向上に取り組んだ話/jat08
Avatar for TonyTonyKun thara0402
0
110
IaaS/SaaS管理における SREの実践 - SRE Kaigi 2026
Avatar for Shun bbqallstars
4
1.3k

Featured

See All Featured
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
187
22k
What Being in a Rock Band Can Teach Us About Real World SEO
Avatar for Ade Holder 427marketing
0
170
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
Avatar for Kenny Baas-Schwegler baasie
0
220
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
13
1.1k
How to make the Groovebox
Avatar for あそなす asonas
2
1.9k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
37
7.1k
Designing for Performance
Avatar for Lara Hogan lara
610
70k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
359
30k
Tell your own story through comics
Avatar for letsgokoyo letsgokoyo
1
800
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.8k
Visual Storytelling: How to be a Superhuman Communicator
Avatar for David Neal reverentgeek
2
420
Everyday Curiosity
Avatar for Cassini Nazir cassininazir
0
120

Transcript

  1. 1 ʲॳ৺ऀ޲͚ʳ Systems ManagerͬͯͲ͏࢝ΊΔΜ͚ͩͬʁ

  2. 2 ࣗݾ঺հ ɾ໊લ ɹ- ͋͠͞Μ(@ashi_ssan) ɾॴଐ ɹ- Ϋϥεϝιουגࣜձࣾ ɹ- AWSࣄۀຊ෦

    ίϯαϧςΟϯά෦ ɾུྺ ɹ- ৽ଔ→ಠཱܥSIer→ݱ৬(2021/09ʙ) ɾ޷͖ͳAWSαʔϏε ɹ- CloudShell ɹ- Systems Manager SessionManager/RunCommand ɾϒϩά

  3. 3 গ͚ͩ͠એ఻ ɾMeety࢝Ί·ͨ͠ʢࠓ೔ʣ

  4. 4 ͸͡Ίʹ ࿩͢͜ͱ ɾAWS Systems Manager(SSM)ͷηοτΞοϓํ๏ ࿩͞ͳ͍͜ͱ ɾ֤SSMαʔϏεʹ͍ͭͯͷઆ໌

  5. 5 ͖͔͚ͬ

  6. 6 ͖͔͚ͬ Amazon LinuxܥͷΠϯελϯεʹ͸ SSM Agent͕σϑΥϧτͰϓϦΠϯετʔϧ͞Ε͍ͯΔ (ެࣜυΩϡϝϯτΑΓ)

  7. 7 ͖͔͚ͬ SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ = ଈ SSM ηοτΞοϓ׬ྃʂ = ηογϣϯϚωʔδϟʔՄೳ

    Ͱ͸ʁʁ

  8. 8 ࣮ࡍʹ΍ͬͯΈͨ

  9. 9 ࣮ࡍʹ΍ͬͯΈͨ ࢀߟɿSSMηογϣϯϚωʔδϟʔͷCLIίϚϯυ $ aws ssm start-session --target <instance-id>

  10. 10 ࣮ࡍʹ΍ͬͯΈͨ

  11. 11 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒ͰηογϣϯϚωʔδϟʔ͸ ࢖͑Δʁ

  12. 12 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͤΜʂ

  13. 13 ࣮ࡍʹ΍ͬͯΈͨ ݪҼɿ ɾIAMϩʔϧ(ΠϯελϯεϓϩϑΝΠϧ)͕ෆ଍ →ʮAmazonSSMManagedInstanceCoreʯͷΞΫηεڐՄ͕ඞཁ ※ʮAmazonEC2RoleforSSMʯ͸ΞΫηεڐՄൣғ͕޿͍ͨΊඇਪ঑ ࢀߟɿ https://docs.aws.amazon.com/ja_jp/systems-manager/latest/userguide/setup-instance-profile.html

  14. 14 ࣮ࡍʹ΍ͬͯΈͨ

  15. 15 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒ͰηογϣϯϚωʔδϟʔ(ry

  16. 16 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͨ͠

  17. 17 ࣮ࡍʹ΍ͬͯΈͨ ࢀߟɿCLI͔Β઀ଓ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0aa906b95f3c0cf2d Starting

    session with SessionId: 1635351198-session-0790888dbb163125d sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.0.24 netmask 255.255.255.0 broadcast 10.0.0.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.

  18. 18 ࣮ࡍʹ΍ͬͯΈͨ

  19. 19 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒Ͱ(ry

  20. 20 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͤΜʂ

  21. 21 ࣮ࡍʹ΍ͬͯΈͨ ݪҼɿ SystemsManager API΁ͷૄ௨ܦ࿏͕ͳ͍ →ʮΠϯελϯε͔ΒSystemsManager API΁ͷΞ΢τό΢ϯ υͷ௨৴ܦ࿏(443ϙʔτ)ʯ͕ඞཁ (࣮૷ྫ) ①NAT

    Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ ②VPC Endpointܦ༝Ͱ௨৴͢Δ

  22. 22 ①NAT Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ

  23. 23 ②VPC Endpointܦ༝Ͱ௨৴͢Δ

  24. 24 ໰ɿ (ry

  25. 25 ౴͑ɿͰ͖·ͨ͠

  26. 26 ɾCLI͔Βܨ͛ͨ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0118cd8e6d13fc095 Starting session

    with SessionId: 1635351198-session-0afb128b8b6169055 sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.3.251 netmask 255.255.255.0 broadcast 10.0.3.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.

  27. 27 ·ͱΊ

  28. 28 SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ ≠ ଈ SSM ηοτΞοϓ׬ྃʂ ≠ ηογϣϯϚωʔδϟʔՄೳ

  29. 29 ࠓ೔ֶΜͩ͜ͱ ɾSSMηοτΞοϓͷνΣοΫϙΠϯτ ✅ SSM Agent͕Πϯετʔϧ͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯεʹద੾ͳݖݶ͕෇༩͞ΕͨIAMϩʔϧ͕Ξλον͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯε͔ΒSSM

    API΁ͷ௨৴ܦ࿏͸֬อ͞Ε͍ͯΔ͔ʁ

  30. 30 ࢀߟ ɾAWS BlackBelt https://d1.awsstatic.com/webinars/jp/pdf/services/20200212_AWSBlackBelt_SystemsManager_0214.pdf ɾηογϣϯϚωʔδϟʔͷϋϚΓͲ͜ΖΛύλʔϯ͝ͱʹ੔ཧ ͯ͠ΈΔ(DevelopersIO) https://dev.classmethod.jp/articles/session-manager-pattern/

  31. 31 Ҏ্ɻ