Slide 1
Slide 1 text
ͦͷଓઌใͲ͜ʹ
גࣜձࣾGunosy ྄ี
Slide 2
Slide 2 text
͓·͑ͩΕ
• @aibou (·͡ Γΐ͏͚͢)
• ʮ͍͋΅͏͞Μͬͯຊ໊ͳΜͰ͚ͨͬ͠ʁʯ
• GunosyαʔϏεͷΠϯϑϥશൠ୲(AWSྺ1ͪΐ͍)
• Java(Spring Boot), Ruby, Chef
• झຯɿεϙʔπ؍ઓ ⚾Ϟʔλʔεϙʔπ
• ࡢDAZNొ͠·ͨ͠ɻڵຯ͋Δਓ࠙ձͰͥͻ
• Ԍ্ྺ͋Γ
Slide 3
Slide 3 text
AWS Lambda
͍ͬͯΔํʹ࣭Ͱ͢
Slide 4
Slide 4 text
ൿີͳใͲ͜ʹॻ͍ͯ·͔͢ʁ
ʢDBଓใʣ
Slide 5
Slide 5 text
AWSίϯιʔϧͷΤσΟλʹ
ίʔυॻ͖
Slide 6
Slide 6 text
JenkinsͷࣗલϏϧυαʔό
ͰύϥϝʔλԽ
Slide 7
Slide 7 text
ΦϯϓϨϦϙδτϦ(GHE, svn)
͔ͩΒϋʔυίʔυ
Slide 8
Slide 8 text
GunosyͰAWS KMSΛͬͯ
ଓઌใΛ҉߸Խ͍ͯ͠·͢
-BNCEB͏࣌ɺͰ͢ɻ
ීஈ0QTXPSLTͷ$VTUPN+TPOʹॻ͍ͯ·͢
Slide 9
Slide 9 text
ࠓͦͷ͓Λ͠·͢
Slide 10
Slide 10 text
͋ͬɾɾɾ
IUUQEFWDMBTTNFUIPEKQDMPVEEFDSZQUTFOTJUJWFEBUBXJUILNTPOMBNCEBJOWPDBUJPO
Slide 11
Slide 11 text
GunosyͰAWS KMSΛͬͯ
ଓઌใ͕ೖͬͨϑΝΠϧΛ
ؙ͝ͱ҉߸Խ͍ͯ͠·͢
Slide 12
Slide 12 text
ྲྀΕతͳ
JBN6QEBUF'VODUJPO$PEF
JBN1VCMJTI7FSTJPO
LNT%FDSZQU
DPOOFDU
JBN&ODSZQU
UFTU[JQQJOH
Slide 13
Slide 13 text
ConfigϑΝΠϧͷαϯϓϧ
{
"DATABASES": {
"master": {
"HOST": "",
"PORT": "",
"NAME": "",
"USER": "",
"PASSWORD": ""
}
}
}
γϯϓϧʂ
ͪΖΜ%#Ҏ֎ͷઃఆهࡌͯͨ͠Γ͠·͢
Slide 14
Slide 14 text
Lambda্Ͱͷσίʔυ
ʢPythonʣ
kms = boto3.client('kms')
with open(encrypted_json_path) as f:
_settings = json.loads(
kms.decrypt(CiphertextBlob=f.read())['Plaintext']
)
DATABASES = _settings.get("DATABASES") or {}
# DATABASES['master']['HOST']
# DATABASES['master']['USER']
IPHF@@JOJU@@QZʹॻ͍͓͚ͯ
JNQPSUIPHFͰ͑Δͷ˓
Slide 15
Slide 15 text
ࠔͬͨ͜ͱ
ɾݖݶͷ͍ग़͠
ɾઃఆߋ৽͕ΊΜͲ͍͘͞
ɾݱঢ়Ͳ͏͍͏ઃఆʹͳͬͯΔ͔Θ͔Βͳ͍
͜ͷลɹɹɹΛ͑ղܾͰ͖ͦ͏
Slide 16
Slide 16 text
ཪϫβ
lambda functionͷ
descriptionʹઃఆΛຒΊΔʂ
Slide 17
Slide 17 text
function description
Slide 18
Slide 18 text
Description͔Βऔಘ
ʢPythonʣ
import boto3
import json
def lambda_handler(event, context):
configuration = boto3.client('lambda').get_function_configuration(
FunctionName=context.function_name
)
json_conf = json.loads(configuration['Description'])
return json_conf['name']
Slide 19
Slide 19 text
࠷ޙʹ
AWS Lambda Ruby Φωγϟεʂ