Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
JAWS-UG_CLI_Setup_SSM_20211028
Search
h-ashisan
October 28, 2021
Technology
0
920
JAWS-UG_CLI_Setup_SSM_20211028
JAWS-UG CLI専門支部で2021年10月28日に「【初心者向け】Systems Managerってどう始めるんだっけ?」というタイトルで発表したLTです。
h-ashisan
October 28, 2021
Tweet
Share
More Decks by h-ashisan
See All by h-ashisan
Tokyo_reInforce_2025_recap_iam_access_analyzer
hiashisan
0
200
OpsJAWS34_CloudTrailLake_for_Organizations
hiashisan
0
410
Classmethod_regrowth_2024_tokyo_security_identity_governance_summary
hiashisan
0
1.4k
2024/11/29_失敗談から学ぶ! エンジニア向けre:Invent攻略アンチパターン集
hiashisan
0
610
20241015 Toranomon Tech Hub#1 Service Catalog使ってみた
hiashisan
0
540
Practical-AWS-Security-measures-you-can-implement-now
hiashisan
0
650
20240724_cm_odyssey_hibiyatech
hiashisan
0
450
[2024最新版]AWS Control Towerを使ったセキュアなマルチアカウント環境の作り方
hiashisan
0
1.2k
クラウド利用者の「責任」をどう果たす?AWSセキュリティ対策のススメ #AWSSummit
hiashisan
0
700
Other Decks in Technology
See All in Technology
Building GoReleaser - from shell script to paid product
caarlos0
0
270
東京海上日動におけるセキュアな開発プロセスの取り組み
miyabit
0
120
DatabricksのOLTPデータベース『Lakebase』に詳しくなろう!
inoutk
0
110
AIを使っていい感じにE2Eテストを書けるようになるまで / Trying to Write Good E2E Tests with AI
katawara
2
1.6k
スプリントレビューを効果的にするために
miholovesq
9
1.6k
FAST導入1年間のふりかえり〜現実を直視し、さらなる進化を求めて〜 / Review of the first year of FAST implementation
wooootack
1
120
Bliki (ja), and the Cathedral, and the Bazaar
koic
8
1.3k
PHPでResult型やってみよう
higaki_program
0
190
分散トレーシングによる コネクティッドカーのデータ処理見える化の試み
thatsdone
0
190
Amazon CloudWatchのメトリクスインターバルについて / Metrics interval matters
ymotongpoo
3
210
Shadow DOMとセキュリティ - 光と影の境界を探る / Shibuya.XSS techtalk #13
masatokinugawa
0
270
P2P ではじめる WebRTC のつまづきどころ
tnoho
1
210
Featured
See All Featured
The Cost Of JavaScript in 2023
addyosmani
51
8.6k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
Done Done
chrislema
184
16k
VelocityConf: Rendering Performance Case Studies
addyosmani
332
24k
The Art of Programming - Codeland 2020
erikaheidi
54
13k
Being A Developer After 40
akosma
90
590k
The Pragmatic Product Professional
lauravandoore
35
6.8k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
21
1.3k
How to Ace a Technical Interview
jacobian
278
23k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
8
370
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
Transcript
1 ʲॳ৺ऀ͚ʳ Systems ManagerͬͯͲ͏࢝ΊΔΜ͚ͩͬʁ
2 ࣗݾհ ɾ໊લ ɹ- ͋͠͞Μ(@ashi_ssan) ɾॴଐ ɹ- Ϋϥεϝιουגࣜձࣾ ɹ- AWSࣄۀຊ෦
ίϯαϧςΟϯά෦ ɾུྺ ɹ- ৽ଔ→ಠཱܥSIer→ݱ৬(2021/09ʙ) ɾ͖ͳAWSαʔϏε ɹ- CloudShell ɹ- Systems Manager SessionManager/RunCommand ɾϒϩά
3 গ͚ͩ͠એ ɾMeety࢝Ί·ͨ͠ʢࠓʣ
4 ͡Ίʹ ͢͜ͱ ɾAWS Systems Manager(SSM)ͷηοτΞοϓํ๏ ͞ͳ͍͜ͱ ɾ֤SSMαʔϏεʹ͍ͭͯͷઆ໌
5 ͖͔͚ͬ
6 ͖͔͚ͬ Amazon LinuxܥͷΠϯελϯεʹ SSM Agent͕σϑΥϧτͰϓϦΠϯετʔϧ͞Ε͍ͯΔ (ެࣜυΩϡϝϯτΑΓ)
7 ͖͔͚ͬ SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ = ଈ SSM ηοτΞοϓྃʂ = ηογϣϯϚωʔδϟʔՄೳ
Ͱʁʁ
8 ࣮ࡍʹͬͯΈͨ
9 ࣮ࡍʹͬͯΈͨ ࢀߟɿSSMηογϣϯϚωʔδϟʔͷCLIίϚϯυ $ aws ssm start-session --target <instance-id>
10 ࣮ࡍʹͬͯΈͨ
11 ࣮ࡍʹͬͯΈͨ ɿ ͜ͷߏͰηογϣϯϚωʔδϟʔ ͑Δʁ
12 ࣮ࡍʹͬͯΈͨ ͑ɿͰ͖·ͤΜʂ
13 ࣮ࡍʹͬͯΈͨ ݪҼɿ ɾIAMϩʔϧ(ΠϯελϯεϓϩϑΝΠϧ)͕ෆ →ʮAmazonSSMManagedInstanceCoreʯͷΞΫηεڐՄ͕ඞཁ ※ʮAmazonEC2RoleforSSMʯΞΫηεڐՄൣғ͕͍ͨΊඇਪ ࢀߟɿ https://docs.aws.amazon.com/ja_jp/systems-manager/latest/userguide/setup-instance-profile.html
14 ࣮ࡍʹͬͯΈͨ
15 ࣮ࡍʹͬͯΈͨ ɿ ͜ͷߏͰηογϣϯϚωʔδϟʔ(ry
16 ࣮ࡍʹͬͯΈͨ ͑ɿͰ͖·ͨ͠
17 ࣮ࡍʹͬͯΈͨ ࢀߟɿCLI͔Βଓ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0aa906b95f3c0cf2d Starting
session with SessionId: 1635351198-session-0790888dbb163125d sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.0.24 netmask 255.255.255.0 broadcast 10.0.0.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.
18 ࣮ࡍʹͬͯΈͨ
19 ࣮ࡍʹͬͯΈͨ ɿ ͜ͷߏͰ(ry
20 ࣮ࡍʹͬͯΈͨ ͑ɿͰ͖·ͤΜʂ
21 ࣮ࡍʹͬͯΈͨ ݪҼɿ SystemsManager APIͷૄ௨ܦ࿏͕ͳ͍ →ʮΠϯελϯε͔ΒSystemsManager APIͷΞτόϯ υͷ௨৴ܦ࿏(443ϙʔτ)ʯ͕ඞཁ (࣮ྫ) ①NAT
Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ ②VPC Endpointܦ༝Ͱ௨৴͢Δ
22 ①NAT Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ
23 ②VPC Endpointܦ༝Ͱ௨৴͢Δ
24 ɿ (ry
25 ͑ɿͰ͖·ͨ͠
26 ɾCLI͔Βܨ͛ͨ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0118cd8e6d13fc095 Starting session
with SessionId: 1635351198-session-0afb128b8b6169055 sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.3.251 netmask 255.255.255.0 broadcast 10.0.3.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.
27 ·ͱΊ
28 SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ ≠ ଈ SSM ηοτΞοϓྃʂ ≠ ηογϣϯϚωʔδϟʔՄೳ
29 ࠓֶΜͩ͜ͱ ɾSSMηοτΞοϓͷνΣοΫϙΠϯτ ✅ SSM Agent͕Πϯετʔϧ͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯεʹదͳݖݶ͕༩͞ΕͨIAMϩʔϧ͕Ξλον͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯε͔ΒSSM
APIͷ௨৴ܦ࿏֬อ͞Ε͍ͯΔ͔ʁ
30 ࢀߟ ɾAWS BlackBelt https://d1.awsstatic.com/webinars/jp/pdf/services/20200212_AWSBlackBelt_SystemsManager_0214.pdf ɾηογϣϯϚωʔδϟʔͷϋϚΓͲ͜ΖΛύλʔϯ͝ͱʹཧ ͯ͠ΈΔ(DevelopersIO) https://dev.classmethod.jp/articles/session-manager-pattern/
31 Ҏ্ɻ