DMM 決済基盤で AWS CDK を使っている話

%..ܾࡁج൫Ͱ"84 $%,Λ࢖͍ͬͯΔ࿩ ߹ಉձࣾ%..DPN1'ࣄۀຊ෦ϖΠϝϯταʔϏε෦ খੁߤฏ!$%,NFFUVQ

ࣗݾ঺հ

খੁߤฏ JE!)VLVSPV,L w ߹ಉձࣾ%..DPNॴଐ w ϓϥοτϑΥʔϜࣄۀຊ෦ w ϖΠϝϯταʔϏε෦ w ΞϓϦέʔγϣϯΤϯδχΞ
w ৽ଔ

ΞδΣϯμ "84$%,ͱ͸ ࠾༻ͨ͠എܠ "84$%,Λར༻͍ͯ͠ΔϓϩμΫτʹ͍ͭͯͷ঺հ "84$%,Λ࢖ͬͨ࣌ͷ։ൃ࣌ͷར఺ ՝୊఺ͳͲ
ࠓޙʹ͍ͭͯ ·ͱΊ

"84$%,ͱ͸ʁ

"84$%, w ϓϩάϥϚϒϧ*B$πʔϧɻίʔυͰ"84ͷ؀ڥߏங͕Մ ೳɻ +BWB4DSJQUɾ5ZQF4DSJQUɾ1ZUIPOɾ+BWBɾ/&5 w ࠒʹ("ʂݱࡏWFS ݱࡏ
w αʔϏε͝ͱʹ࡞ΒΕ͍ͯΔ$POTUSVDU΍1BUUFSOTΛ࢖ ͑͹αΫοͱ؀ڥߏங͕Ͱ͖Δɻ

ͳͥ࠾༻͔ͨ͠ʁ

ݱঢ়ͷઆ໌͔Β

ΦϯϓϨ Ϋϥ΢υ ϦϓϨΠεதʜ ΠϯϑϥνʔϜ ֤ϓϩμΫτνʔϜ FHܾࡁ5 ϨΨγʔ ϓϩμΫτ ৽ ϓϩμΫτ

ϦϓϨΠε࣌ͷ՝୊఺ w *B$πʔϧ $MPVE'PSNBUJPO΍UFSSBGPSN ͷར༻ͷͨΊ ͷֶशίετ૿Ճ w Ұ෦ɺ8FC6*Λϙνϙν͢Δ࠶ݱੑͷͳ͍؀ڥߏங w ΞʔΩςΫνϟ
αʔόʔϨεɺίϯςφͳͲ ʹΑͬͯ πʔϧͷ૬ੑ͕͋Δɻ

ղܾͷબ୒ࢶͷҰ͕ͭ"84$%,

"84$%,ར༻ͷૂ͍ w ಠࣗͷ%4-ͳͲ࢖ΘͣʹɺϓϩάϥϚϒϧʹॻ͚Δ͜ͱʹ ΑͬͯΞϓϦέʔγϣϯدΓͷΤϯδχΞͰ΋ॻ͖΍͍͢ɺ ϨϏϡʔ͠΍͍͢ɻ w ܕʹΑͬͯิ׬͕ޮͨ͘ΊɺͦΕͧΕͷ$POTUSVDU-JCSBSZ ʹԿ͕͋Δ͔೺ѲͰ͖Δɻ FEJUPSʹΑΓ·͕͢
w ΞϓϦέʔγϣϯ͔ΒΠϯϑϥ·Ͱಉ͡ݴޠͰॻ͘͜ͱ͕Ͱ ͖Δɻ αʔϏεʹΑΓ·͕͢

ଞͷπʔϧൺֱ

4". w "84αʔόʔϨεΞϓϦέʔγϣϯϞσϧ "844". ͸ αʔόʔϨεʹಛԽͨ͠*B$πʔϧ w ZBNMͰߏ੒Λఆٛ͠ɺσϓϩΠ΋ߦ͑Δɻ·ͨMPDBMBQJͷ Α͏ͳݕূػೳ΋༻ҙ͞Ε͍ͯΔɻ w
ݕূػೳ͸%ZOBNP%#-PDBM 4UFQ'VODUJPOT-PDBMͳͲ ͱ࿈ܞ΋औΕΔͨΊɺϩʔΧϧͷ"84ݕূ؀ڥ΋༻ҙՄ ೳɻ

5FSSBGPSN w )BTIJ$PSQ੡*B$πʔϧɻUGϑΝΠϧʹઐ༻ͷ%4- )$- Ͱ؀ڥߏஙఆٛΛॻ͘ɻ֤ϕϯμʔʹରԠɻ w ͋͘·ͰɺΠϯϑϥΛͭ͘ΔπʔϧʹͨΊɺΞϓϦέʔ γϣϯͷ[JQԽͳͲ͕ඞཁɻ w Ͳ͏ͯ͠΋044ɺ͔ͭϚϧνϕϯμʔʹରԠ͍ͯ͠Δͷ΋
͋ͬͯɺ৽αʔϏε΁ͷରԠ͸஗Ίɻ

"84$%,Λར༻͍ͯ͠ΔϓϩμΫτʹ͍ͭͯͷ঺հ

4FSWFSMFTT

֓ཁ w ܾࡁ୅ߦձࣾͷϦΫΤετΛड͚औΓɺฐࣾͷϙΠϯτ ΛϢʔβʔʹ෇༩͢ΔγεςϜ w ෇༩ॲཧʹࣦഊͨ͠৔߹ɺ੒ޭ͢Δ·Ͱ࠶౓ॲཧΛߦ ͏ɻ w ࠓޙෳ਺ͷ୅ߦձࣾʹରԠͰ͖ΔΑ͏ɺͳΔ΂͘։ൃɾ ӡ༻Λָʹ͢Δ

ϦΫΤετΛ ड͚औΔ

-BNCEB͕ىಈ 424 4ʹ౤͛Δ

ΩϡʔΛΠϕϯτʹ-BNCEB ىಈ 4UBUFNBDIJOFΛཱͯΔ

4UFQGVODUJPOTͰϫʔΫϑϩʔ؅ཧ -BNCEBͰϦΫΤετΛ౤͛Δ ࣦഊͨ͠Β·ͨ܁Γฦ͢ɻ

αʔόʔϨεͷํ͸ ͜ͷهࣄͰ΋঺հ͍ͯ͠·͢ɻ https://inside.dmm.com/entry/2020/01/17/ payment-cdk-serverless

$POUBJOFS &$4'BSHBUF

֓ཁ w ΫϨδοτΧʔυػೳؔ࿈ͷϑϩϯτΤϯυΞϓϦέʔ γϣϯ w ΠϯϑϥͱΞϓϦέʔγϣϯͷͦΕͧΕͷߋ৽ͷࡍͷɺ σϓϩΠपΓΛ্ख͘࿈ܞͤ͞Δඞཁ͕͋Δɻ

։ൃϑϩʔ

%FQMPZɾ3FMFBTF

*OGSBTUSVDUVSFEFQMPZ ᶃ13NFSHF ᶄDELEFQMPZ

"QMJDBUJPOEFQMPZ &$4 ᶃ13NFSHF "QQMJDBUJPOSFQPTJUSZ *OGSBTUSVDUVSFSFQPTJUSZ ᶄ1VTI&$3 ᶅ৽͍͠JNBHFUBHʹमਖ਼ͯ͠QVTI ։ൃ؀ڥͰ͸ࣗಈमਖ਼ɺຊ൪౳Ͱ͸खಈमਖ਼ ᶈ1VMMOFXJNBHF ᶇDELEFQMPZ
ᶆ13NFSHF

ϒϥϯνઓུ w ֤؀ڥ͝ͱʹϒϥϯνΛ༻ҙɻ QSETUHEFWTBOECPY w QSETUHEFWͰ͸ଞͷϓϩμΫτ΍ଞαʔϏεͷ1'ػೳ ͱͯ͠ݕূʹ΋࢖ΘΕΔͨΊɺӨڹͷ͋ΔσϓϩΠ͸Ͱ͖ͳ ͍ɻ w
TBOECPY͸ଞͷϓϩμΫτͱͷͭͳ͗͜ΈΛ͠ͳ͍ಠཱͨ͠ ։ൃ؀ڥɻ։ൃதͷڍಈͷ֬ೝʹ࢖༻͢Δɻ

"84αʔϏεڍಈ֬ೝ ։ൃ։࢝ EFW΁൓ө TUH΁൓ө QSE΁൓ө

։ൃํ਑ w ͋Δ۠෼ͰTUBDLΛ෼͚Δ.VMUJ4UBDLӡ༻ QSPEVDU MPHج൫ .PDL"QJ &$3 71$ͳͲ
w υϝΠϯͷূ໌ॻऔಘ "$. ͳͲೋ౓໨ʹ΍Δ͜ͱ͸ͳ͍෦෼͸ 8FC6*Ͱߦͳ͍ͬͯΔɻ w ؀ڥͷ੾Γସ͑͸DELEFQMPZDFOWEFWͷΑ͏ͳDPOUFYUʹ౉͠ ͯ੾Γସ͍͑ͯ͠Δɻ const envName = app.node.tryGetContext('env') || 'dev'; const config = app.node.tryGetContext('environments')[envName];

։ൃ࣌ͷϝϦοτ

ϓϩάϥϜݴޠͰߏ੒ΛఆٛͰ͖Δɹ w ݱࡏ"84$%,͸+BWB4DSJQUɾ5ZQF4DSJQUɾ1ZUIPOɾ +BWBɾ/&5ʹରԠ͍ͯ͠Δɻ w ಠࣗͷ%4-Ͱॻ͘ඞཁ͕ͳ͍ͨΊɺͦͷݴޠΛѻ͍ͬͯͨΤ ϯδχΞͳΒ։ൃʹࢀՃ͠΍͍͢ɻ w ·ͨΞϓϦέʔγϣϯ΋߹ΘͤΔͱޮ཰61

ศརͳ$POTUSVDU-JCSBSZ w "84$%,ʹ͸$POTUSVDUMJCSBSZͱ͍͏$MPVE'PSNBUJPOͰ هࡌ͢Δ಺༰ΛΧϓηϧԽ͞ΕͨϞδϡʔϧ͕͋Δɻ w $POTUSVDUʹ΋छྨ͕͋Γɺ-PX-FWFM$POTUSVDU )JHI -FWFM$POTUSVDU 1BUUFSOTͷࡾछྨ͕͋ΓɺͦΕͧΕఆٛϨ ϕϧ͕ҧ͏΋ͷ͕༻ҙ͞Ε͍ͯΔɻ
w ݸਓతʹ͸)JHI-FWFM$POTUSVDUɺ1BUUFSOT͕͋Ε͹$%, ߏங͢ΔϝϦοτ͕ग़͖ͯͦ͏͔ͳͱࢥ͍ͬͯ·͢ɻ ࢀߟ AWS Cloud Development Kit (AWS CDK) Developer Guide https://docs.aws.amazon.com/cdk/latest/guide/constructs.html

-PX-FWFM$POTUSVDU w $GOͱQSFpY͕෇͍͍ͯΔϥΠϒϥϦɻ$MPVE'PSNBUJPOͷ֤ Ϧιʔεʹ౰ͨΔɻ )JHI-FWFM$POTUSVDU w $MPVE'PSNBUJPOͷ֤ϦιʔεΛந৅Խ͍ͯ͠ΔϥΠϒϥϦɻ NFUIPEͳͲ͕༻ҙ͞Ε͓ͯΓఆ͕ٛ؆୯ɻ 1BUUFSOT w
ෳ਺ͷϦιʔεΛར༻͢ΔϢʔεέʔεΛந৅Խͨ͠ϥΠϒϥ ϦɻBXTFDTQBUUFSOT΍BXTSPVUFQBUUFSOT͕౰ͨΔɻ

)JHI-FWFM$POTUSVDUTBNQMF "1*HBUFXBZ-BNCEB export class LambdaApigatewayStackStack extends cdk.Stack { constructor(scope: cdk.Construct,
id: string, props?: cdk.StackProps) { super(scope, id, props); const restApi = new RestApi(this, id, { restApiName: 'SampleApiGateway', }); const sampleResource = restApi.root.addResource('SampleResource'); const sanpelFun = new Function(this, 'MyFunction', { runtime: Runtime.NODEJS_12_X, handler: 'index.handler', code: new AssetCode('./src/lambda'), }); const confirmDeletionIntegration = new LambdaIntegration(sanpelFun); sampleResource.addMethod('POST', confirmDeletionIntegration); } }

export class EcsPatternSampleStack extends Stack { constructor(scope: Construct, id: string,
props?: StackProps) { super(scope, id, props); const cluster = new Cluster(this, 'EcsPatternSampleCluster', { clusterName: 'EcsPatternSampleCluster', }); const taskDefinition = new FargateTaskDefinition(this, 'TaskDefinition'); const container = taskDefinition.addContainer('EcsPatternSampleContainer', { image: ContainerImage.fromRegistry('amazon/amazon-ecs-sample') }); container.addPortMappings({ containerPort: 80 }); new ApplicationLoadBalancedFargateService(this, 'EcsPatternSampleService', { cluster: cluster, memoryLimitMiB: 1024, cpu: 512, desiredCount: 1, taskDefinition: taskDefinition }); } } 1BUUFSOTTBNQMF FDTQBUUFSOT

஫ࠓճ͸1BUUFSOT࢖͓ͬͯΓ·ͤΜɻ w ӈਤͷΑ͏ͳ"-#ύεϧʔςΟϯ άͰྲྀ͢4FSWJDFΛ෼͚Δߏ੒ʹͰ ͖ΔΑ͏ʹ͔ͨͬͨͨ͠ΊɺFDT QBUUFSOTͷར༻Λݟૹͬͨɻ w ݱࡏͷFDTQBUUFSOT͸ෳ਺ͷ 4FSWJDFͷఆٛʹରԠ͍ͯ͠ͳ͍ͨ Ίɻ
طଘ4FSWJDF ৽ن4FSWJDF IPHF IVHB

4UFQ'VODUJPOTͷ࣮૷ w ϫʔΫϑϩʔ؅ཧΛͯ͘͠ΕΔ"84ͷϚωδϝϯταʔ ϏεɻMBNCEBͷ݁Ռ࣍ୈͰ෼ذॲཧͳͲ࣮૷Ͱ͖Δɻ w ௨ৗ͸KTPOͰఆٛΛॻ͍͍͕ͯ͘ɺ"84$%,ͩͱ $POTUSVDU͕NFUIPEΛ΋͓ͬͯΓɺ؆୯ʹॻ͘͜ͱ͕Մ ೳ

ࢀߟ BXTDELSFGFSFODFBXTTUFQGVODUJPOUBTLT IUUQTEPDTBXTBNB[PODPNDELBQJMBUFTUEPDTBXTTUFQGVODUJPOTUBTLTSFBENFIUNM const firstTask = new sfn.Task(stack, `${stack.stackName}_CommitTask_${serviceName}`, {
task: new sfnTask.InvokeFunction(stepFunc) }).addRetry({ errors: failErrors, maxAttempts: 0, }).addRetry({ errors: retryErrors, interval: Duration.seconds(10), maxAttempts: 26, backoffRate: 1.3, }).addCatch(fail, { errors: failErrors }).addCatch(secondTask, { errors: retryErrors }); $POTUSVDUͷNFUIPEͰUBTLΛ৭ʑઃఆͰ͖Δ

w ॳճͷϦτϥΠ͸୹͘ɺͩΜͩΜ࣍ճϦτϥΠ࣌ؒΛ৳͹ͯ͠ ͍͘ϦτϥΠઃܭ w ࠷௕̎࣌ؒͷϦτϥΠִؒͰिؒଓ͚Δ࢓༷ ϦτϥΠϑϩʔ

։ൃதʹग़ձͬͨนͨͪ 5JQTతͳ

DSPTTTUBDLࢀরͰΞοϓσʔτͰ͖ͳ͍ w "4UBDL͕#TUBDLʹґଘ͍ͯ͠Δ࣌ʹ$%,ͷΞοϓσʔτ ˠΤΫεϙʔτݩͰ͋ΔελοΫΤΫεϙʔτ஋Λมߋ·ͨ͸࡟আͰ ͖ͳ͍͜ͱ͔Βൃੜ ˠൃੜ͠ͳ͍όʔδϣϯ·Ͱ$%,Λ໭͠ɺҰ౓ґଘؔ܎ͱղ͍͔ͯ ΒΞοϓσʔτ͢Δ͜ͱͰղܾ

$MPVE'PSNBUJPOͷ஌͕ࣝඞཁʹͳΔ৔߹΋ w "84$%,ͷDELTZOUI EFQMPZͰग़ྗ͞ΕΔΤϥʔ͸"84 $%,͕ग़͢Τϥʔ΋͋Ε͹ɺ$MPVE'PSNBUJPOͷΤϥʔ͕ͦ ͷ··ग़ྗ͞ΕΔ৔߹΋͋Δɻ w ͦͷ৔߹ɺϦϑΝϨϯε͸$MPVE'PSNBUJPOͷτϥϒϧ γϡʔςΟϯάʹͳΔͨΊɺܦݧ͕ͳ͍৔߹͸গۤ͠ઓ͢Δ ͔΋͠Εͳ͍ɻ

σΟϨΫτϦߏ੒Λߟܾ͑ͯΊ͍ͯ͘ w جຊతʹ"84$%,ͰDELJOJU͢Δ৔߹ɺσΟϨΫτϦߏ੒͸ ࠷௿ݶͷ΋ͷ͔͠Ͱ͖ͳ͍ͨΊɺαʔϏεͷߏ੒ͱݴޠͷಛ ੑΛՃຯͭͭ͠ɺܾΊ͍͔ͯͳ͚Ε͹ͳΒͳ͍ɻ w ಛʹVOJUUFTUʹؔͯ͠͸֤-BNCEB͕ຊ൪ͱಉ͡ϥΠϒϥϦ ঢ়گͰಈ࡞͔ͤͨͬͨͨ͞ΊɺUTDPOpHͷQBUITͰMBZFS಺෦ ͷϥΠϒϥϦΛಡΈࠐΉͳͲ޻෉͕ඞཁɻ

├── README.md ├── bin │ └── credit-gateway.ts ├── cdk.json ├──
lib │ ├── credit-gateway-log-stack.ts │ ├── credit-gateway-stack.ts │ ├── schema │ │ └── credit-gateway-schema.ts │ └── util │ └── wafacl.ts ├── package-lock.json ├── package.json ├── src │ └── lambda │ ├── common │ ├── confirm-deletion │ ├── delete │ └── layer ├── test │ └── src │ └── lambda └── tsconfig.json

ࠓޙͷ՝୊

DELKTPO DPOUFYU ͷංେԽରࡦ w ΍͸Γن໛͕େ͖͘ͳΕ͹ͳΔ΄ͲDPOUFYUʹ΋͍ͨͤͨ ৘ใ͸૿͍͖͑ͯɺ࣋ͭ΂͖৘ใΛਫ਼͍ࠪͯ͘͠ඞཁ͕͋ Δɻ w $%,ଆͰ͸ෳ਺ͷDPOUFYUpMFΛಡΈࠐΉͷ͸ରԠ͍ͯ͠ ͳ͍ͨΊɺ෼ׂ͕೉͍͠ɻ

Ξοϓσʔτʹ͍͍͚ͭͯΔͩΖ͏͔ʜ w "84$%,͸։ൃ͕੝ΜͳͨΊɺ͍ͩͿଞͷπʔϧʹൺ΂ ΔͱΞοϓσʔτ͕ૣ͍ɻ w ઌड़ͷ͕݅͋ͬͨͨΊɺΞοϓσʔτʹΑΔ໰୊ʹ͸ؾΛ ͚ͭͯ͜·Ίʹ֬ೝ͍ͯ͠Δ͕ɺWYYͰͲͷ͘Β͍ͷม ߋ͕͋Δ͔ʜ

ίʔυͷ೰Έ͕ग़͖ͯͯɺਚ͖ͳ͍ɻ w ΍͸Γɺ$MPVE'PSNBUJPO΍UFSSBGPSNͳͲΑΓ΋ॊೈʹ ίʔυ͕ॻ͚Δ෼ɺ೰Έ͕ਚ͖ͳ͍ɻ w ྫ͑͹"1*(BUFXBZʹඥ͍ͮͨ-BNCEBΛ࡞ͬͯ͘ΕΔ ؔ਺ͳͲ࡞ͬͯ΋ɺ΋͠ߏ੒มߋ͕͋ͬͨ৔߹ʹɺ݁ہ ่͢ඞཁ͸ग़ͯ͘Δɻ

·ͱΊ

w *B$πʔϧ͕ෳ਺ग़͖ͯͨނɺνʔϜʹ߹ͬͨɺϓϩμΫ τʹ߹ͬͨπʔϧͷબ୒͕ඞཁʹͳ͖ͬͯͨɻ w "84$%,Λ࢖͏ͱ$POTUSVDUΛ࢖ͬͯɺΞʔΩςΫνϟ ʹؔΘΒͣɺޮ཰తʹ4UBDLΛઃܭͰ͖ɺίϚϯυҰͭͰ ΠϯϑϥɺΞϓϦέʔγϣϯͷߏங͢Δ͜ͱ͕Ͱ͖Δɻ w "84ͰɺҰ͔Β؀ڥΛ࡞ΔͷͰ͋Ε͹ɺൈ܈ʹΦεε ϝɻ

Α͍$%,ϥΠϑΛʂ ͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ

DMM 決済基盤で AWS CDK を使っている話

DMM 決済基盤で AWS CDK を使っている話

Other Decks in Programming

Featured

Transcript