Upgrade to Pro — share decks privately, control downloads, hide ads and more …

JAWS-UG_CLI_Setup_SSM_20211028

h-ashisan
October 28, 2021
Technology
0
860

 JAWS-UG_CLI_Setup_SSM_20211028

JAWS-UG CLI専門支部で2021年10月28日に「【初心者向け】Systems Managerってどう始めるんだっけ?」というタイトルで発表したLTです。

h-ashisan

October 28, 2021
Tweet

More Decks by h-ashisan

See All by h-ashisan
Classmethod_regrowth_2024_tokyo_security_identity_governance_summary
hiashisan
0
1.1k
2024/11/29_失敗談から学ぶ! エンジニア向けre:Invent攻略アンチパターン集
hiashisan
0
490
20241015 Toranomon Tech Hub#1 Service Catalog使ってみた
hiashisan
0
330
Practical-AWS-Security-measures-you-can-implement-now
hiashisan
0
470
20240724_cm_odyssey_hibiyatech
hiashisan
0
310
[2024最新版]AWS Control Towerを使ったセキュアなマルチアカウント環境の作り方
hiashisan
0
750
クラウド利用者の「責任」をどう果たす?AWSセキュリティ対策のススメ #AWSSummit
hiashisan
0
510
20240617_IAM MFAのパスキー対応を理解したい_今更多要素認証とパスキーについてキャッチアップしてみた
hiashisan
0
720
まるクラ勉強会#2_CloudTrail管理戦略
hiashisan
2
600

Other Decks in Technology

See All in Technology
Unlearn Product Development - Unleashed Edition
lemiorhan
PRO
2
150
20240513 - 框裡框外_文學院學生如何在AI世代安身立命 @ 淡江大學
dpys
0
450
20241218_今年はSLI/SLOの導入を頑張ってました!
zepprix
0
220
事業貢献を考えるための技術改善の目標設計と改善実績 / Targeted design of technical improvements to consider business contribution and improvement performance
oomatomo
0
180
[JAWS-UG新潟#20] re:Invent2024 -CloudOperationsアップデートについて-
shintaro_fukatsu
0
130
Google Cloud で始める Cloud Run 〜AWSとの比較と実例デモで解説〜
risatube
PRO
0
120
Oracle Cloud Infrastructure:2024年12月度サービス・アップデート
oracle4engineer
PRO
1
360
普通のエンジニアがLaravelコアチームメンバーになるまで
avosalmon
0
610
株式会社ログラス − エンジニア向け会社説明資料 / Loglass Comapany Deck for Engineer
loglass2019
3
32k
[Ruby] Develop a Morse Code Learning Gem & Beep from Strings
oguressive
1
200
ハイテク休憩
sat
PRO
2
190
[Oracle TechNight#85] Oracle Autonomous Databaseを使ったAI活用入門
oracle4engineer
PRO
1
170

Featured

See All Featured
Statistics for Hackers
jakevdp
796
220k
Building an army of robots
kneath
302
44k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
7
530
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
49
2.2k
Being A Developer After 40
akosma
89
590k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.9k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
27
1.5k
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
33
2.7k
Designing for Performance
lara
604
68k

Transcript

  1. 1 ʲॳ৺ऀ޲͚ʳ Systems ManagerͬͯͲ͏࢝ΊΔΜ͚ͩͬʁ

  2. 2 ࣗݾ঺հ ɾ໊લ ɹ- ͋͠͞Μ(@ashi_ssan) ɾॴଐ ɹ- Ϋϥεϝιουגࣜձࣾ ɹ- AWSࣄۀຊ෦

    ίϯαϧςΟϯά෦ ɾུྺ ɹ- ৽ଔ→ಠཱܥSIer→ݱ৬(2021/09ʙ) ɾ޷͖ͳAWSαʔϏε ɹ- CloudShell ɹ- Systems Manager SessionManager/RunCommand ɾϒϩά

  3. 3 গ͚ͩ͠એ఻ ɾMeety࢝Ί·ͨ͠ʢࠓ೔ʣ

  4. 4 ͸͡Ίʹ ࿩͢͜ͱ ɾAWS Systems Manager(SSM)ͷηοτΞοϓํ๏ ࿩͞ͳ͍͜ͱ ɾ֤SSMαʔϏεʹ͍ͭͯͷઆ໌

  5. 5 ͖͔͚ͬ

  6. 6 ͖͔͚ͬ Amazon LinuxܥͷΠϯελϯεʹ͸ SSM Agent͕σϑΥϧτͰϓϦΠϯετʔϧ͞Ε͍ͯΔ (ެࣜυΩϡϝϯτΑΓ)

  7. 7 ͖͔͚ͬ SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ = ଈ SSM ηοτΞοϓ׬ྃʂ = ηογϣϯϚωʔδϟʔՄೳ

    Ͱ͸ʁʁ

  8. 8 ࣮ࡍʹ΍ͬͯΈͨ

  9. 9 ࣮ࡍʹ΍ͬͯΈͨ ࢀߟɿSSMηογϣϯϚωʔδϟʔͷCLIίϚϯυ $ aws ssm start-session --target <instance-id>

  10. 10 ࣮ࡍʹ΍ͬͯΈͨ

  11. 11 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒ͰηογϣϯϚωʔδϟʔ͸ ࢖͑Δʁ

  12. 12 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͤΜʂ

  13. 13 ࣮ࡍʹ΍ͬͯΈͨ ݪҼɿ ɾIAMϩʔϧ(ΠϯελϯεϓϩϑΝΠϧ)͕ෆ଍ →ʮAmazonSSMManagedInstanceCoreʯͷΞΫηεڐՄ͕ඞཁ ※ʮAmazonEC2RoleforSSMʯ͸ΞΫηεڐՄൣғ͕޿͍ͨΊඇਪ঑ ࢀߟɿ https://docs.aws.amazon.com/ja_jp/systems-manager/latest/userguide/setup-instance-profile.html

  14. 14 ࣮ࡍʹ΍ͬͯΈͨ

  15. 15 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒ͰηογϣϯϚωʔδϟʔ(ry

  16. 16 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͨ͠

  17. 17 ࣮ࡍʹ΍ͬͯΈͨ ࢀߟɿCLI͔Β઀ଓ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0aa906b95f3c0cf2d Starting

    session with SessionId: 1635351198-session-0790888dbb163125d sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.0.24 netmask 255.255.255.0 broadcast 10.0.0.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.

  18. 18 ࣮ࡍʹ΍ͬͯΈͨ

  19. 19 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒Ͱ(ry

  20. 20 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͤΜʂ

  21. 21 ࣮ࡍʹ΍ͬͯΈͨ ݪҼɿ SystemsManager API΁ͷૄ௨ܦ࿏͕ͳ͍ →ʮΠϯελϯε͔ΒSystemsManager API΁ͷΞ΢τό΢ϯ υͷ௨৴ܦ࿏(443ϙʔτ)ʯ͕ඞཁ (࣮૷ྫ) ①NAT

    Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ ②VPC Endpointܦ༝Ͱ௨৴͢Δ

  22. 22 ①NAT Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ

  23. 23 ②VPC Endpointܦ༝Ͱ௨৴͢Δ

  24. 24 ໰ɿ (ry

  25. 25 ౴͑ɿͰ͖·ͨ͠

  26. 26 ɾCLI͔Βܨ͛ͨ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0118cd8e6d13fc095 Starting session

    with SessionId: 1635351198-session-0afb128b8b6169055 sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.3.251 netmask 255.255.255.0 broadcast 10.0.3.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.

  27. 27 ·ͱΊ

  28. 28 SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ ≠ ଈ SSM ηοτΞοϓ׬ྃʂ ≠ ηογϣϯϚωʔδϟʔՄೳ

  29. 29 ࠓ೔ֶΜͩ͜ͱ ɾSSMηοτΞοϓͷνΣοΫϙΠϯτ ✅ SSM Agent͕Πϯετʔϧ͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯεʹద੾ͳݖݶ͕෇༩͞ΕͨIAMϩʔϧ͕Ξλον͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯε͔ΒSSM

    API΁ͷ௨৴ܦ࿏͸֬อ͞Ε͍ͯΔ͔ʁ

  30. 30 ࢀߟ ɾAWS BlackBelt https://d1.awsstatic.com/webinars/jp/pdf/services/20200212_AWSBlackBelt_SystemsManager_0214.pdf ɾηογϣϯϚωʔδϟʔͷϋϚΓͲ͜ΖΛύλʔϯ͝ͱʹ੔ཧ ͯ͠ΈΔ(DevelopersIO) https://dev.classmethod.jp/articles/session-manager-pattern/

  31. 31 Ҏ্ɻ