
AWS CLI: Why Beginners in Particular Should Try It ~ Removing the "Easy to Stumble" Points ~ #devio2020

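Slides from my talk at Developers.IO 2020 Connect.
Beginners tend to feel uneasy about the AWS CLI; in this talk I cover, among other things, why I was glad I tried it precisely because I was a beginner.
Why not get started with the AWS CLI yourself?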

Kana Kitagawa

June 16, 2020
Transcript

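  1. AWS CLI: Why Beginners in Particular Should Try It ~ Removing the "Easy to Stumble" Points ~  Kana Kitagawa

  2. Kana Kitagawa  New-graduate engineer cohort member; currently studying mainly AWS

  3. The AWS CLI is great.

  4. Who this session is for  People who feel uneasy about the AWS CLI (CUI); people who have meant to try the AWS CLI but have not managed to; AWS beginners

  5. The final goal of this session  For you to think, "Huh, the AWS CLI isn't that hard after all?"

  6. AGENDA  ・What is the AWS CLI? ・Why beginners in particular should try it ・How to install it ・Let's use the AWS CLI ・About the AWS CLI Command Reference ・If you want to get used to AWS, try the AWS CLI

  7. What is the AWS CLI?  Amazon Web Services Command Line Interface

  8. From the AWS Command Line Interface page  The AWS Command Line Interface (CLI) is a unified tool for managing AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

  9. About the update  V2 became generally available on 2020/02/12

  10. About the update  V2: works regardless of the Python version

  11. Are you uncomfortable with that black screen?

  12. I have gotten quite used to the CUI.  I was very uncomfortable with it too. I finally got used to it by using it.

  13. Why beginners in particular should try the AWS CLI  You get a feel for the flow of actually building an architecture.

  14. Differences from, and advantages over, the Management Console  Everything can be operated from a single screen.

  15. Differences from, and advantages over, the Management Console  Automation and the like are easy.

  16. Differences from, and advantages over, the Management Console  It is easy to use once you are used to it.

  17. AWS CLI V2 installation methods  GUI CUI

  18. Environment used this time  mac OS Catalina 10.15.5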

  19. Get the package with the curl command  $ curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"

  20. Install the AWS CLI from the package  $ sudo installer -pkg AWSCLIV2.pkg -target /

  21. Check that the installation succeeded, and done!  $ aws --version
    aws-cli/2.0.19 Python/3.7.4 Darwin/19.5.0 botocore/2.0.0dev23

  22. About the update  V2: works regardless of the Python version; auto-completion is available

  23. Using auto-completion (for zsh)  Add to ~/.zshrc

  24. Using auto-completion (for zsh)
    autoload bashcompinit && bashcompinit
    complete -C '/usr/local/aws/bin/aws_completer' aws

  25. Using auto-completion (for zsh)  $ source ~/.zshrc

  26. If completion was added successfully  Pressing the TAB key completes the command

  27. Switching IAM users is also possible  aws configure --profile USER1 (vi ~/.aws/config)

  28. Switching IAM users is also possible  export AWS_DEFAULT_PROFILE=USER1

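  29. Let's try the AWS CLI  Break what you want to do into small pieces

  30. What we want to do this time  Launch an EC2 instance inside a VPC; connect to that instance over SSH; have it connect to the internet

  31. Split it up roughly  Create a VPC and two subnets; make one subnet public; launch an instance in the subnet

  32. What we want to do this time

  33. Breaking it down further

  34. Breaking it down further  aws ec2 create-vpc --cidr-block 10.0.0.0/16

  35. Breaking it down further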

  36. Breaking it down further
    aws ec2 create-subnet --vpc-id XXX --cidr-block 10.0.1.0/24
    aws ec2 create-subnet --vpc-id XXX --cidr-block 10.0.0.0/24

  37. Breaking it down further

  38. Breaking it down further
    aws ec2 create-internet-gateway
    aws ec2 attach-internet-gateway --internet-gateway-id XXX --vpc-id XXX

  39. Breaking it down further
    aws ec2 create-route-table --vpc-id XXX
    aws ec2 create-route --route-table-id XXX --destination-cidr-block 0.0.0.0/0 --gateway-id XXX
    aws ec2 associate-route-table --subnet-id XXXXX --route-table-id XXX

  40. Breaking it down further  aws ec2 modify-subnet-attribute --subnet-id XXXXX --map-public-ip-on-launch

  41. Breaking it down further
    aws ec2 create-key-pair --key-name KEY --query 'KeyMaterial' --output text > ~/.ssh/KEY.pem
    chmod 400 ~/.ssh/KEY.pem

  42. Breaking it down further  aws ec2 create-security-group --group-name Test --description "Security group for SSH access Internet access" --vpc-id XXX

  43. Security groups  A firewall that controls an instance's traffic. Default: all inbound traffic is denied; all outbound traffic is allowed

  44. The security group settings needed this time  Allow inbound connections on ports 22 and 80

  45. Breaking it down further  curl -s ifconfig.me  (append /32 to the address it returns)

  46. Breaking it down further  aws ec2 authorize-security-group-ingress --group-id XXX --protocol tcp --port 22 --cidr XXX

  47. Breaking it down further  aws ec2 authorize-security-group-ingress --group-id XXX --protocol tcp --port 80 --cidr XXX

  48. What happened

  49. Breaking it down further  aws ec2 run-instances --image-id ami-0f310fced6141e627 --count 1 --instance-type t2.nano --key-name XXX --security-group-ids XXX --subnet-id XXX
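  50. Breaking it down further

  51. We broke it down  Each step is carried out one at a time.

  52. We broke it down  The output of each step has to be noted down.

  53. Since we are at it, let's make use of the strengths  I want to automate this.

  54. Let's automate  I wrote a script.

  55. Filtering the output  The --query option

  56. Something to install before running the script  The jq command, which formats JSON files  $ brew install jq

  57. Command at run time (example)  $ ./test.sh 10.0.0.0/16 10.0.0.0/24 10.0.1.0/24 test_key

  58. Command at run time  $ ./test.sh (VPC_CIDR) (PUB_SUB_CIDR) (PRI_SUB_CIDR) (KEY_NAME)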

  59. The actual shell script
    #!/bin/bash
    # Usage: ./test.sh VPC_CIDR PUB_SUB_CIDR PRI_SUB_CIDR KEY_NAME

    # VPC and the two subnets; each ID is printed as it is created
    VPC=$(aws ec2 create-vpc --cidr-block "$1" | jq -r '.Vpc | .VpcId')
    echo "$VPC"
    SUBNET_PUB=$(aws ec2 create-subnet --vpc-id "$VPC" --cidr-block "$2" | jq -r '.Subnet | .SubnetId')
    SUBNET_PRI=$(aws ec2 create-subnet --vpc-id "$VPC" --cidr-block "$3" | jq -r '.Subnet | .SubnetId')
    echo "$SUBNET_PUB"
    echo "$SUBNET_PRI"

    # Internet gateway and default route, which make the first subnet public
    IGW=$(aws ec2 create-internet-gateway | jq -r '.InternetGateway | .InternetGatewayId')
    aws ec2 attach-internet-gateway --internet-gateway-id "$IGW" --vpc-id "$VPC"
    RT=$(aws ec2 create-route-table --vpc-id "$VPC" | jq -r '.RouteTable | .RouteTableId')
    aws ec2 create-route --route-table-id "$RT" --destination-cidr-block 0.0.0.0/0 --gateway-id "$IGW"
    aws ec2 associate-route-table --subnet-id "$SUBNET_PUB" --route-table-id "$RT" | jq '.AssociationState'
    aws ec2 modify-subnet-attribute --subnet-id "$SUBNET_PUB" --map-public-ip-on-launch

    # Key pair: save the private key and make it readable only by its owner
    aws ec2 create-key-pair --key-name "$4" --query 'KeyMaterial' --output text > ~/.ssh/"$4".pem
    chmod 400 ~/.ssh/"$4".pem

    # Security group: allow ports 22 and 80 only from this machine's public IP
    SG=$(aws ec2 create-security-group --group-name Test-SecurityG --description "Security group for SSH access Internet access" --vpc-id "$VPC" | jq -r .GroupId)
    MYIP=$(curl -s ifconfig.me)
    MYIP="$MYIP/32"
    aws ec2 authorize-security-group-ingress --group-id "$SG" --protocol tcp --port 22 --cidr "$MYIP"
    aws ec2 authorize-security-group-ingress --group-id "$SG" --protocol tcp --port 80 --cidr "$MYIP"
    aws ec2 describe-security-groups --group-ids "$SG" | jq '.SecurityGroups[] | .IpPermissions[]'

    # Launch the instance in the public subnet, then print its key name and public IP
    INSTANCE_ID=$(aws ec2 run-instances --image-id ami-0f310fced6141e627 --count 1 --instance-type t2.nano --key-name "$4" --security-group-ids "$SG" --subnet-id "$SUBNET_PUB" | jq -r '.Instances[] | .InstanceId')
    aws ec2 describe-instances --instance-ids "$INSTANCE_ID" | jq '.Reservations[] | .Instances[] | .KeyName, .PublicIpAddress'

  60. This script  It simply lines up the commands we ran earlier.

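  62. Actual execution result  VPC ID; public subnet ID; private subnet ID; whether the route was created; whether the route table was associated; the contents of the security group; the key name; the public IP

  63. About the AWS CLI Command Reference  When you are stuck, look here

  64. Basic usage  aws <command name> <subcommand> <parameters>

  65. The patterns are mostly fixed.  aws <service name> create-xxx; aws <service name> describe-xxx; aws <service name> delete-xxx

  66. What matters  Understanding the steps

  67. Until you get used to it  Trying things once in the GUI (Management Console) is also recommended.

  68. Things I tried in order to get used to the AWS CLI

  69. If you want to get used to AWS...?

  70. If you want to get used to AWS...?  AWS CLI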

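
The script on slide 59 hands its four arguments, and whatever ifconfig.me returns, straight to aws ec2. The POSIX shell pre-flight check below is an added example, not part of the original deck: it rejects subnets outside the VPC range, overlapping subnets, and a lookup result that is not a single IPv4 address before any resource is created. The function names are hypothetical and all addresses are constructed samples.

```shell
#!/bin/sh
# Added example: pre-flight checks for the inputs the deck's script hands to
# the AWS CLI. Function names are hypothetical; all addresses are constructed.

ip_to_int() {                       # A.B.C.D -> 32-bit integer, or fail
  case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for o in "$@"; do
    case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
    [ "$o" -le 255 ] || return 1
  done
  echo $(( $1 * 16777216 + $2 * 65536 + $3 * 256 + $4 ))
}

cidr_range() {                      # A.B.C.D/N -> "first last", or fail
  case "$1" in */*) ;; *) return 1 ;; esac
  bits=${1#*/}
  case "$bits" in ""|*[!0-9]*|0?*|???*) return 1 ;; esac
  [ "$bits" -le 32 ] || return 1
  base=$(ip_to_int "${1%/*}") || return 1
  size=$(( 1 << (32 - $bits) ))
  [ $(( $base % $size )) -eq 0 ] || return 1   # host bits must be zero
  echo "$base $(( $base + $size - 1 ))"
}

subnet_in_vpc() {                   # SUBNET_CIDR VPC_CIDR
  sub=$(cidr_range "$1") || return 1
  vpc=$(cidr_range "$2") || return 1
  [ "${sub% *}" -ge "${vpc% *}" ] && [ "${sub#* }" -le "${vpc#* }" ]
}

cidrs_overlap() {                   # CIDR_A CIDR_B
  a=$(cidr_range "$1") || return 1
  b=$(cidr_range "$2") || return 1
  [ "${a% *}" -le "${b#* }" ] && [ "${b% *}" -le "${a#* }" ]
}

# preflight VPC_CIDR PUB_SUB_CIDR PRI_SUB_CIDR LOOKUP_RESULT
# Prints the /32 to use as the ingress source only if every input is sane.
preflight() {
  subnet_in_vpc "$2" "$1" || { echo "$2 is not inside $1" >&2; return 1; }
  subnet_in_vpc "$3" "$1" || { echo "$3 is not inside $1" >&2; return 1; }
  if cidrs_overlap "$2" "$3"; then echo "subnets overlap" >&2; return 1; fi
  n=$(ip_to_int "$4") || { echo "lookup is not an IPv4 address" >&2; return 1; }
  [ "$n" -ne 0 ] || { echo "refusing 0.0.0.0" >&2; return 1; }
  echo "$4/32"
}

preflight 10.0.0.0/16 10.0.0.0/24 10.0.1.0/24 203.0.113.7   # prints 203.0.113.7/32
preflight 10.0.0.0/16 10.0.0.0/24 10.1.0.0/24 203.0.113.7 || true   # rejected
```

Placed at the top of the script, `MYIP=$(preflight "$1" "$2" "$3" "$(curl -s ifconfig.me)") || exit 1` runs these checks before the first aws ec2 call and takes the place of the script's two MYIP lines.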