Upgrade to Pro — share decks privately, control downloads, hide ads and more …

JAWS-UG_CLI_Setup_SSM_20211028

Avatar for h-ashisan h-ashisan
October 28, 2021
Technology
0
910

 JAWS-UG_CLI_Setup_SSM_20211028

JAWS-UG CLI専門支部で2021年10月28日に「【初心者向け】Systems Managerってどう始めるんだっけ?」というタイトルで発表したLTです。

Avatar for h-ashisan

h-ashisan

October 28, 2021
Tweet

More Decks by h-ashisan

See All by h-ashisan
OpsJAWS34_CloudTrailLake_for_Organizations
Avatar for h-ashisan hiashisan
0
350
Classmethod_regrowth_2024_tokyo_security_identity_governance_summary
Avatar for h-ashisan hiashisan
0
1.3k
2024/11/29_失敗談から学ぶ! エンジニア向けre:Invent攻略アンチパターン集
Avatar for h-ashisan hiashisan
0
600
20241015 Toranomon Tech Hub#1 Service Catalog使ってみた
Avatar for h-ashisan hiashisan
0
520
Practical-AWS-Security-measures-you-can-implement-now
Avatar for h-ashisan hiashisan
0
630
20240724_cm_odyssey_hibiyatech
Avatar for h-ashisan hiashisan
0
430
[2024最新版]AWS Control Towerを使ったセキュアなマルチアカウント環境の作り方
Avatar for h-ashisan hiashisan
0
1.1k
クラウド利用者の「責任」をどう果たす?AWSセキュリティ対策のススメ #AWSSummit
Avatar for h-ashisan hiashisan
0
670
20240617_IAM MFAのパスキー対応を理解したい_今更多要素認証とパスキーについてキャッチアップしてみた
Avatar for h-ashisan hiashisan
0
920

Other Decks in Technology

See All in Technology
25分で解説する「最小権限の原則」を実現するための AWS「ポリシー」大全 / 20250625-aws-summit-aws-policy
Avatar for opelab opelab
6
680
知識を整理して未来を作る 〜SKDとAI協業への助走〜
Avatar for yyoosshh yosh1995
0
130
AWS CDK 実践的アプローチ N選 / aws-cdk-practical-approaches
Avatar for k.goto gotok365
4
470
Definition of Done
Avatar for Yasunobu Kawaguchi kawaguti
PRO
6
460
CI/CDとタスク共有で加速するVibe Coding
Avatar for tnbe21 tnbe21
0
230
原則から考える保守しやすいComposable関数設計
Avatar for Mori Atsushi moriatsushi
3
500
Uniadex__公開版_20250617-AIxIoTビジネス共創ラボ_ツナガルチカラ_.pdf
Avatar for AIxIoTビジネス共創ラボ iotcomjpadmin
0
140
Liquid Glass革新とSwiftUI/UIKit進化
Avatar for Fumiya Sakai fumiyasac0921
0
110
Oracle Audit Vault and Database Firewall 20 概要
Avatar for oracle4engineer oracle4engineer
PRO
2
1.6k
Amazon Bedrockで実現する 新たな学習体験
Avatar for Kazuki Maeda kzkmaeda
1
380
DenoとJSRで実現する最速MCPサーバー開発記 / Building MCP Servers at Lightning Speed with Deno and JSR
Avatar for Okuto Oyama yamanoku
1
260
Windows 11 で AWS Documentation MCP Server 接続実践/practical-aws-documentation-mcp-server-connection-on-windows-11
Avatar for emi emiki
0
660

Featured

See All Featured
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
2.7k
Building Applications with DynamoDB
Avatar for Matt Wood mza
95
6.5k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
Avatar for Aki / @LoveIdahoBurger aki_iinuma
124
52k
Navigating Team Friction
Avatar for Lara Hogan lara
187
15k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
53
2.8k
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
206
24k
BBQ
Avatar for Matthew Crist matthewcrist
89
9.7k
Rails Girls Zürich Keynote
Avatar for Gregor Martynus gr2m
94
14k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
Avatar for Eileen M. Uchitelle eileencodes
137
34k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
54
6.4k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
39
1.9k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
29
2.7k

Transcript

  1. 1 ʲॳ৺ऀ޲͚ʳ Systems ManagerͬͯͲ͏࢝ΊΔΜ͚ͩͬʁ

  2. 2 ࣗݾ঺հ ɾ໊લ ɹ- ͋͠͞Μ(@ashi_ssan) ɾॴଐ ɹ- Ϋϥεϝιουגࣜձࣾ ɹ- AWSࣄۀຊ෦

    ίϯαϧςΟϯά෦ ɾུྺ ɹ- ৽ଔ→ಠཱܥSIer→ݱ৬(2021/09ʙ) ɾ޷͖ͳAWSαʔϏε ɹ- CloudShell ɹ- Systems Manager SessionManager/RunCommand ɾϒϩά

  3. 3 গ͚ͩ͠એ఻ ɾMeety࢝Ί·ͨ͠ʢࠓ೔ʣ

  4. 4 ͸͡Ίʹ ࿩͢͜ͱ ɾAWS Systems Manager(SSM)ͷηοτΞοϓํ๏ ࿩͞ͳ͍͜ͱ ɾ֤SSMαʔϏεʹ͍ͭͯͷઆ໌

  5. 5 ͖͔͚ͬ

  6. 6 ͖͔͚ͬ Amazon LinuxܥͷΠϯελϯεʹ͸ SSM Agent͕σϑΥϧτͰϓϦΠϯετʔϧ͞Ε͍ͯΔ (ެࣜυΩϡϝϯτΑΓ)

  7. 7 ͖͔͚ͬ SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ = ଈ SSM ηοτΞοϓ׬ྃʂ = ηογϣϯϚωʔδϟʔՄೳ

    Ͱ͸ʁʁ

  8. 8 ࣮ࡍʹ΍ͬͯΈͨ

  9. 9 ࣮ࡍʹ΍ͬͯΈͨ ࢀߟɿSSMηογϣϯϚωʔδϟʔͷCLIίϚϯυ $ aws ssm start-session --target <instance-id>

  10. 10 ࣮ࡍʹ΍ͬͯΈͨ

  11. 11 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒ͰηογϣϯϚωʔδϟʔ͸ ࢖͑Δʁ

  12. 12 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͤΜʂ

  13. 13 ࣮ࡍʹ΍ͬͯΈͨ ݪҼɿ ɾIAMϩʔϧ(ΠϯελϯεϓϩϑΝΠϧ)͕ෆ଍ →ʮAmazonSSMManagedInstanceCoreʯͷΞΫηεڐՄ͕ඞཁ ※ʮAmazonEC2RoleforSSMʯ͸ΞΫηεڐՄൣғ͕޿͍ͨΊඇਪ঑ ࢀߟɿ https://docs.aws.amazon.com/ja_jp/systems-manager/latest/userguide/setup-instance-profile.html

  14. 14 ࣮ࡍʹ΍ͬͯΈͨ

  15. 15 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒ͰηογϣϯϚωʔδϟʔ(ry

  16. 16 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͨ͠

  17. 17 ࣮ࡍʹ΍ͬͯΈͨ ࢀߟɿCLI͔Β઀ଓ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0aa906b95f3c0cf2d Starting

    session with SessionId: 1635351198-session-0790888dbb163125d sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.0.24 netmask 255.255.255.0 broadcast 10.0.0.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.

  18. 18 ࣮ࡍʹ΍ͬͯΈͨ

  19. 19 ࣮ࡍʹ΍ͬͯΈͨ ໰ɿ ͜ͷߏ੒Ͱ(ry

  20. 20 ࣮ࡍʹ΍ͬͯΈͨ ౴͑ɿͰ͖·ͤΜʂ

  21. 21 ࣮ࡍʹ΍ͬͯΈͨ ݪҼɿ SystemsManager API΁ͷૄ௨ܦ࿏͕ͳ͍ →ʮΠϯελϯε͔ΒSystemsManager API΁ͷΞ΢τό΢ϯ υͷ௨৴ܦ࿏(443ϙʔτ)ʯ͕ඞཁ (࣮૷ྫ) ①NAT

    Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ ②VPC Endpointܦ༝Ͱ௨৴͢Δ

  22. 22 ①NAT Gateway/Πϯελϯεܦ༝Ͱ௨৴͢Δ

  23. 23 ②VPC Endpointܦ༝Ͱ௨৴͢Δ

  24. 24 ໰ɿ (ry

  25. 25 ౴͑ɿͰ͖·ͨ͠

  26. 26 ɾCLI͔Βܨ͛ͨ࣌ͷϩά bash-3.2$ aws ssm start-session --target i-0118cd8e6d13fc095 Starting session

    with SessionId: 1635351198-session-0afb128b8b6169055 sh-4.2$ sh-4.2$ ifconfig |grep "10\.0\." inet 10.0.3.251 netmask 255.255.255.0 broadcast 10.0.3.255 sh-4.2$ exit exit Exiting session with sessionId: 1635351198-session-0790888dbb163125d.

  27. 27 ·ͱΊ

  28. 28 SSM Agent͕ϓϦΠϯετʔϧ͞Ε͍ͯΔ ≠ ଈ SSM ηοτΞοϓ׬ྃʂ ≠ ηογϣϯϚωʔδϟʔՄೳ

  29. 29 ࠓ೔ֶΜͩ͜ͱ ɾSSMηοτΞοϓͷνΣοΫϙΠϯτ ✅ SSM Agent͕Πϯετʔϧ͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯεʹద੾ͳݖݶ͕෇༩͞ΕͨIAMϩʔϧ͕Ξλον͞Ε͍ͯΔ͔ʁ ✅ Πϯελϯε͔ΒSSM

    API΁ͷ௨৴ܦ࿏͸֬อ͞Ε͍ͯΔ͔ʁ

  30. 30 ࢀߟ ɾAWS BlackBelt https://d1.awsstatic.com/webinars/jp/pdf/services/20200212_AWSBlackBelt_SystemsManager_0214.pdf ɾηογϣϯϚωʔδϟʔͷϋϚΓͲ͜ΖΛύλʔϯ͝ͱʹ੔ཧ ͯ͠ΈΔ(DevelopersIO) https://dev.classmethod.jp/articles/session-manager-pattern/

  31. 31 Ҏ্ɻ