AWSの研修環境構築のためにAWS CDKとAmplify Console使った話 / jaws sonic 2020

Slide 1

Slide 1 text

AWSͷݚम؀ڥߏஙͷͨΊʹ AWS CDKͱAmplify Console ࢖ͬͨ࿩ Hiroshi Kasahara (JAWS-UG Niigata) JAWS SONIC 2020 & MIDNIGHT JAWS 2020 2020/09/12 Sat. 21:00

Slide 2

Slide 2 text

• ৽ׁࢢࡏॅ • ஍ݩSIerۈ຿ͷΤϯδχΞ • ޷͖ͳݴޠ: • ίϛϡχςΟ: • JAWS-UG ৽ׁ • JaSST Niigata ࣮ߦҕһձ • ASTER ਖ਼ձһ • etc. Hiroshi Kasahara @kasacchiful @kasacchiful 2

Slide 3

Slide 3 text

JAWS-UG Niigata • 2018೥11݄ʹ্ཱͪ͛ • ৽ׁݝ಺ʹ3ͭ͋Δࢧ෦ͷ1ͭ • ৽ׁͱ͍͑͹ɺञ • ࠙਌ձ͕ʮʹ͍͕ͨञͷਞʯͷ࣌΋ • ΦϑϥΠϯ։࠵ͷࡍʹ͸ɺ͓͍͍͓͠ञ ͱ͓৯ࣄΛᅂΈʹɺͥͻ৽ׁ΁͓ӽ͘͠ ͍ͩ͞ 3

Slide 4

Slide 4 text

࿩͢͜ͱ • ࣾ಺ͷݚम؀ڥΛߏங͢ΔͨΊʹɺAWS CDKͱAWS Amplify ConsoleΛ࢖͍·ͨ͠ • AWS CDKͱAWS Amplify Consoleͷબఆཧ༝ • AWS CDKͱAWS Amplify Consoleͷݸਓత࢖༻ײ 4

Slide 5

Slide 5 text

࿩͞ͳ͍͜ͱ • AWS CDKͷৄࡉ • AWS Amplify Consoleͷৄࡉ • ࣮ࡍॻ͍ͨίʔυͷઆ໌ 5

Slide 6

Slide 6 text

΍ͬͨ͜ͱ • ݚमͰ࢖༻͢ΔIAMϢʔβ΍VPCͳͲͷॳظઃఆ • AWS CDKͰఆٛ • ݚमͰ࢖༻͢ΔϋϯζΦϯࢿྉ • docsifyΛ࢖༻ͯ͠هड़͠ɺAmplify ConsoleͰՔಇ 6

Slide 7

Slide 7 text

എܠ • ࠓ೥ɺࣾ಺ͷAWSݚमΛ೚͞Ε·ͨ͠ • ΄ͱΜͲͷࣾһ͸AWS৮ͬͨ͜ͱ͕ͳ͍ • ʮAWSͱ͸Կ͔ʯΛ஻ͬͨޙʹʮϋϯζΦϯʯ͕ඞཁͩͳ • ʮϋϯζΦϯʯͲ͏΍ͬͯ΍Ζ͏͔ͳʁ 7

Slide 8

Slide 8 text

ϋϯζΦϯͷ಺༰ • 2019೥ʹʮJAWS-UG৽ׁʯͱ ʮJAWS-UG৽ׁݝʯͰ࣮ࢪͨ͠ɺ EC2ͱS3ͷϋϯζΦϯΛݩʹߏ੒ɻ • ๯಄30෼આ໌ͷޙɺ2࣌ؒ൒Ͱ WordPressαΠτߏங·ͰҰ௨ΓͰ͖ ΔΑ͏ʹɻ • ૣ͘ऴΘͬͨਓ޲͚ʹΦϓγϣϯϋϯ ζΦϯΛ༻ҙɻ 1. Amazon EC2 • ΠϯελϯεىಈɺΠϯελϯελΠϓมߋɺ Πϯελϯε࡟আ 2. Amazon S3 • όέοτ࡞੒ɺΦϒδΣΫτอଘɺόέοτ࡟ আɺެ։ઃఆɺ੩తWebαΠτϗεςΟϯά 3. WordPressαΠτߏங • Marketplace AMIΛ࢖༻ͯ͠Πϯελϯεىಈɺ ը૾ϑΝΠϧΛS3ʹอଘͯ͠഑৴ 4. Φϓγϣϯ • WordPressͷMySQLσʔλΛRDSʹҠߦ • ALBͰෛՙ෼ࢄ • ΦʔτεέʔϦϯάઃఆ 8

Slide 9

Slide 9 text

ϋϯζΦϯ؀ڥ • ࢀՃऀຖͷAWSΞΧ΢ϯτ͸ແ͍ɻ • ϋϯζΦϯ༻ͷAWSΞΧ΢ϯτ1ͭʹ ରͯ͠ɺࢀՃऀ෼ͷIAMϢʔβ΍VPC ͳͲΛ༻ҙɻ • AWSϚωδϝϯτίϯιʔϧͰૢ࡞ • EC2΁ͷϩάΠϯ͸Systems Manager ͷηογϣϯϚωδϟʔͰ࣮ࢪ 9

Slide 10

Slide 10 text

ϋϯζΦϯ؀ڥ 10 WordPressͷEC2ΠϯελϯεΛىಈͤ͞ ͯɺը૾ϑΝΠϧΛS3ʹอଘɾ഑৴Ͱ͖Δ ·ͰΛ໨ඪʹϋϯζΦϯ࣮ࢪ ΦϓγϣϯϋϯζΦϯ·Ͱ࣮ࢪ͢Δͱɺ͜͜ ·ͰͰ͖Δ

Slide 11

Slide 11 text

ϋϯζΦϯ࣮ࢪ͢Δʹ͋ͨͬͯͷ՝୊ (1) 1. ࣾ಺ͷωοτϫʔΫ؀ڥͰ͸ɺEC2ʹϩάΠϯͰ͖ͳ͍ • ձࣾ͸ϦϞʔτϫʔΫͰ͸ͳ͘ɺΈͳ͞ΜΦϑΟεϫʔΫ • Ϛωδϝϯτίϯιʔϧ͸৮ΕΔ͕ɺSSH/RDP͚ͩͰͳ͘SSMηογϣ ϯϚωδϟʔ΋ϒϩοΫ͞ΕΔ 2. ޿͍ձٞࣨͰ΋ɺͨ͘͞ΜͷਓΛೖΕͨ͘ͳ͍ • ࣮ࡍͷϋϯζΦϯࢀՃऀ͸ߜΓ͍ͨ • Ͱ΋ɺͨ͘͞ΜͷਓʹࢀՃͯ͠΄͍͠δϨϯϚ 11

Slide 12

Slide 12 text

ϋϯζΦϯ࣮ࢪ͢Δʹ͋ͨͬͯͷ՝୊ (2) 3. ϋϯζΦϯͷॳظઃఆ͸ɺࢀՃਓ਺ʹԠͯ͡ਝ଎ʹ࡞Γ͍ͨ • 3࣌ؒͷ௕ஸ৔ͳͷͰɺ࣌ؒΛ֬อ͔ͯ͠ΒࢀՃਃࠐʹͳΔ͸ͣ • ͭ·Γɺ։࠵௚લʹ૿͑ΔՄೳੑେ 4. ։࠵ޙʹ෮श͢ΔͨΊͷ؀ڥΛ༩͍͑ͯ͋͛ͨ • श͏ΑΓ׳ΕΖ • ܁Γฦ͠AWSΛ৮ͬͨํ͕਎ʹ෇͘ • Ͱ΋ࣾ಺ωοτϫʔΫ͔ΒAWS৮Δͷ͸೉͍͠ 12

Slide 13

Slide 13 text

՝୊΁ͷରԠ (1) 1. ࣾ಺ͷωοτϫʔΫ؀ڥͰ͸ɺEC2ʹϩάΠϯͰ͖ͳ͍ • ձ৔ʹϋϯζΦϯઐ༻ΞΫηεϙΠϯτ͕͋ΔͷͰɺҰ࣌తʹ༗ޮԽ͢ Δ 2. ޿͍ձٞࣨͰ΋ɺͨ͘͞ΜͷਓΛೖΕͨ͘ͳ͍ • ΦϯϥΠϯͰࢹௌͰ͖ΔΑ͏ʹ͢Δ (ฐࣾͰ͸ɺMicrosoft Teams) • ϋϯζΦϯ࣌ؒଳͰ͸ɺࢲͷϋϯζΦϯ಺༰ͷϥΠϒߏஙΛ഑৴ • ձ৔಺ࢀՃऀ޲͚ͷϋϯζΦϯαϙʔτ͸ɺผͷਓʹ͓೚ͤͨ͠ 13

Slide 14

Slide 14 text

՝୊΁ͷରԠ (2) 3. ϋϯζΦϯͷॳظઃఆ͸ɺࢀՃਓ਺ʹԠͯ͡ਝ଎ʹ࡞Γ͍ͨ • AWS CDKͰઃఆͰ͖ΔΑ͏ʹͨ͠ (ࣾ಺NW͔ΒCDKίϚϯυͰΞΫηεͰ͖ͨ) 4. ։࠵ޙʹ෮श͢ΔͨΊͷ؀ڥΛ༩͍͑ͯ͋͛ͨ • ϋϯζΦϯࢿྉΛAWS Amplify ConsoleͰެ։͠ɺࣗ୐Ͱ෮शͰ͖ΔΑ͏ʹͨ͠ • ॳظઃఆ͸CDKͰग़ྗͨ͠CloudFormationςϯϓϨʔτͰઃఆͰ͖ΔΑ͏ʹͨ͠ • ࢲͷϋϯζΦϯϥΠϒߏங഑৴ಈը͸ɺ࿥ը͢ΔͱࣗಈతʹMicrosoft Streamsʹ อଘ͞ΕΔͷͰɺࣗ୐ͰϥΠϒߏஙಈըΛݟͳ͕ΒߏஙͰ͖ΔΑ͏ʹͨ͠ 14

Slide 15

Slide 15 text

AWS CDK 15

Slide 16

Slide 16 text

AWS CDK • AWSͷϦιʔεΛϓϩάϥϛϯάݴޠͰఆٛͯ͠ϓϩϏδϣχϯά • CloudFormationͷϥούʔ 16

Slide 17

Slide 17 text

ͳͥAWS CDKΛ࢖ͬͨͷ͔ʁ ಉ͡ઃఆΛ܁Γฦ͠࡞Γ͍ͨ • CloudFormationΛॻ͘ͷ͸(ݸਓతʹ)πϥΠ • CDKͰϧʔϓͤ͞Ε͹OKͩ͠ɺ(ݸਓతʹ)௚ײతʹ͔͚Δ ීஈ࢖͍׳Ε͍ͯΔϓϩάϥϛϯάݴޠͷίʔυͰॻ͚Δ/ಡΊΔ҆৺ײ • CloudFormationͷYAML/JSONϑΝΠϧΑΓɺCDKͷPythonίʔυͷํ͕ɺ(ݸਓతʹ)ಡΈ ΍͍͢ CloudFormationςϯϓϨʔτ΋ग़ྗͰ͖Δ • ࣗݾֶश࣌ʹɺݸਓͷAWSΞΧ΢ϯτͰॳظઃఆΛ࠶ݱͰ͖Δ 17 ͜ΕͰࢀՃਓ਺෼ɺ ҰؾʹVPCͳͲͷॳظઃఆ͕Ͱ͖Δʂ

Slide 18

Slide 18 text

αʔϏεͷ੍ݶʹؾΛ͚ͭΔ AWSͷ֤छαʔϏεͷ੍ݶΛ֬ೝ͓ͯ͘͜͠ͱɻ ࠓճ্ݶ؇࿨ͷਃ੥Λͨ͠΋ͷ • 1Ϧʔδϣϯ͋ͨΓͷVPCͷ਺ • 1Ϧʔδϣϯ͋ͨΓͷΠϯλʔωοτήʔτ΢ΣΠͷ਺ 18

Slide 19

Slide 19 text

αʔϏεΫΥʔλ ʮࢲͷαʔϏεΫΥʔλʯ͔Βɺ্ݶ؇࿨ͷਃ੥Ͱ͖·͢ɻ • ʮطଘͰಈ͍͍ͯΔ΋ͷͷ਺ʯΛؚΊΔ͜ͱΛ๨Ε͕ͪͳͷͰɺؾΛ͚͓ͭͯ͜͏ • ྫ: σϑΥϧτVPC • VPCͷ਺Λʮ10ʯ࡞Γ͍͔ͨΒʮ10ʯͰਃ੥͢ΔͱɺσϑΥϧτVPC෼ΛؚΊ ͯͳ͍ͷͰɺVPC1ͭ࡞Εͳ͍ ਃ੥ͨ͠ཌ೔͘Β͍ʹ͸ɺ্ݶ؇࿨͕൓ө͞Ε·ͨ͠ɻ 19

Slide 20

Slide 20 text

CDKͰઃఆͨ͠΋ͷ ࢀՃऀ͋ͨΓ • VPC: 1ͭ • Πϯλʔωοτήʔτ΢ΣΠ: 1ͭ (VPCʹΞλον) • αϒωοτ: 4ͭ • publicαϒωοτ͸ɺIGW΁ͷϧʔςΟϯά௥ Ճ • ηΩϡϦςΟάϧʔϓ: 2ͭ (web ͱ db) • IAMϢʔβ • ڞ௨ͷIAMάϧʔϓʹ௥Ճ 20 ࢀՃऀڞ௨ • IAMάϧʔϓ • ֤छϙϦγʔΛΞλον • IAMϩʔϧ • EC2ʹʮAmazonEC2RoleforSSMʯͱ ʮAmazonS3FullAccessʯΛڐՄ͢ΔͨΊ • ΠϯελϯεϓϩϑΝΠϧͷ࡞੒Λ๨Εͣʹ ࠓճ͸PythonͰॻ͖·ͨ͠

Slide 21

Slide 21 text

ߏஙྫ (IAMϢʔβͱIAMάϧʔϓ) # IAM Group iam_group = iam.Group(self, "HandsonGroup", group_name = "HandsonGroup", managed_policies = [ iam.ManagedPolicy.from_aws_managed_policy_name("AmazonS3FullAccess"), ] ) # IAM Users cnt = 10 for i in range(1, cnt + 1): iam_user = iam.User(self, f"handson-seminar-iamuser-{i}", user_name = f"handson-seminar-iamuser-{i}", groups = [iam_group], ) 21

Slide 22

Slide 22 text

ࣗݾֶश༻ͷॳظ؀ڥઃఆCFNςϯϓϨʔτ cdk synth ͷίϚϯυͰɺCloudFormationςϯϓϨʔτΛग़ྗͰ͖Δɻ 22 $ cdk synth handson-stack > cfn-template-handson.yml

Slide 23

Slide 23 text

AWS CDKͷ࢖༻ײ • ͍ͭ΋ͷϓϩάϥϛϯάݴޠͰॻ͚Δ҆৺ײ (ݸਓతʹ) • ݁ߏলུͯ͠هड़Ͱ͖Δ • ϋϯζΦϯͰࢿྉʹهड़͢Δඞཁ͕͋ͬͨͷͰVPC໊͸ࢦఆ͕ͨ͠ɺ CloudFormationςϯϓϨʔτΑΓهड़ྔ͕ݮͬͨ • ݟ௚͕͠ϥΫ • ࠔͬͨͱ͖͸ɺAPIϦϑΝϨϯε΍ઌۦऀͷTypeScriptίʔυ౳Λࢀর • ݴޠ͸ҟͳͬͯ΋ɺΫϥε΍ϝιου͕ڞ௨Խ͞Ε͍ͯΔ 23

Slide 24

Slide 24 text

AWS Amplify Console 24

Slide 25

Slide 25 text

AWS Amplify Console • ੩తWebϗεςΟϯάαʔϏε • Ϗϧυ&σϓϩΠ͢ΔͨΊͷɺγϯϓϧͳCI/CDػೳ͋Γ • AmplifyΛߏ੒͢Δཁૉͷ1ͭ • ࠓճ͸Amplify ConsoleͷΈ࢖͍ͬͯ·͢ 25

Slide 26

Slide 26 text

Amplify Consoleͷಋೖ 1. Deployͷ”GET STARTED”Λબ୒ 2. GitϦϙδτϦαʔϏεΛબ୒ 3. ϦϙδτϦͱϒϥϯνΛબ୒ 4. ϏϧυઃఆΛ௥Ճ 5. อଘͯ͠σϓϩΠ!!!

Slide 27

Slide 27 text

ͳͥAmplify ConsoleΛ࢖ͬͨͷ͔ʁ (1) ࣗ୐͔ΒͰ΋ࣗݾֶशͰ෮श͍ͤͯ͋͛ͨ͞ • Amplify ConsoleͰࢿྉΛWebͰެ։͢Ε͹OK • ύεϫʔυอޢ(Basicೝূ)΋Ͱ͖Δ • VPC౳ͷॳظઃఆ΋ɺCDKͰ࡞੒ͨ͠CloudFormationςϯϓ ϨʔτΛࢿྉαΠτ͔Βμ΢ϯϩʔυͯ͠࢖༻ͯ͠΋Β͑͹OK 27

Slide 28

Slide 28 text

ͳͥAmplify ConsoleΛ࢖ͬͨͷ͔ʁ (2) σϓϩΠ·ͰͷखॱΛϥΫʹ͍ͨ͠ • ࠓ·ͰͷJAWS-UG৽ׁͰ΍ͬͯͨ͜ͱ • ฤू࣌: MarkdownͰॻ͘ → masterϒϥϯνʹϚʔδ → GitHubʹpush • Ϗϧυ&σϓϩΠ࣌: MarkdownΛHTMLʹม׵͢Δ → S3ʹઃஔ͢Δ • ࠓճ΍ͬͨ͜ͱ • ฤू࣌: MarkdownͰॻ͘ → masterϒϥϯνʹϚʔδ → GitHubʹpush • pushͨ͠ޙ͸ɺAmplify Console͕ࣗಈతʹϏϧυ & σϓϩΠͯ͘͠ΕΔ 28 ࢿྉ࡞Δͷ͸ࢲ1ਓ͚͔ͩͩΒɺ ༨ܭͳखॱΛ౿·ͳ͍Α͏ʹ͍ͨ͠

Slide 29

Slide 29 text

Ϗϧυ & σϓϩΠ ϑϩʔ 29

Slide 30

Slide 30 text

υΩϡϝϯταΠτΛdocsifyͰ VueϕʔεͷυΩϡϝϯταΠτΛ͓खܰʹ • Single Page Application • Ϗϧυෆཁ • MarkdownϑΝΠϧͷ··ઃஔͰ͖Δ • JAWS-UG৽ׁͷϋϯζΦϯࢿྉ(Markdown)͕ͦͷ··࢖͑Δ • Ͱ΋ϚωδϝϯτίϯιʔϧͷUIมߋ͕݁ߏ͋ͬͨͷͰɺॻ͖௚͢෦෼͸ଟ͔ͬͨ • ֤छϗεςΟϯάαʔϏε΁ͷσϓϩΠखॱ͕υΩϡϝϯτʹ༻ҙ • Amplify Console΁͸ɺ͜ͷσϓϩΠखॱͷ௨Γʹ࣮ࢪ͠·ͨ͠ 30 IUUQTEPDTJGZKTPSH

Slide 31

Slide 31 text

version: 0.1 frontend: phases: build: commands: - "sed -i -e \"s/routerMode: 'hash',/routerMode: 'history',/g\" ./docs/index.html" artifacts: baseDirectory: /docs files: - '**/*' cache: paths: [] docsifyͷυΩϡϝϯτʹ ै͑͹OKɻ • ϦϙδτϦϧʔτʹஔ͘ amplify.yml͸ӈͷΑ͏ ʹͯ͠ɺϏϧυ࣌ʹ routerModeΛ”history” ʹॻ͖׵͍͑ͯΔɻ Amplify Console΁ͷσϓϩΠઃఆ

Slide 32

Slide 32 text

ΤϯτϦϙΠϯτͷindex.htmlʹdocsifyͷઃఆΛॻ͖ɺ ֤ϖʔδ͸MarkdownͰॻ͖·͢ɻ

Slide 33

Slide 33 text

࣮ࡍͷϋϯζΦϯςΩετ͸͜Μͳײ͡

Slide 34

Slide 34 text

ςΩετͱϚωδϝϯτίϯιʔϧฒ΂ͯ ϋϯζΦϯͷ໛༷Λ࣮ԋ & ࣾ಺ʹϥΠϒ഑৴͠·ͨ͠

Slide 35

Slide 35 text

AWS Amplify Consoleͷ࢖༻ײ • Ϗϧυ & σϓϩΠͷख͕͔ؒͳΓল͚ͨ • ॳظઃఆ͸ҙ֎ͱ؆୯ͩͬͨ • (docsifyͷσϓϩΠखॱʹै͚ͬͨͩͰ͸͋Δ͕…) • Amplify SDK΍Amplify CLI࢖Θͳͯ͘΋ɺ·ͣ͸Amplify Consoleͩ ͚Ͱ΋ࢼͯ͠ΈΔՁ஋͸͋Δ 35

Slide 36

Slide 36 text

·ͱΊ 36

Slide 37

Slide 37 text

·ͱΊ • ࣾ಺ͷݚम؀ڥΛߏங͢ΔͨΊʹɺAWS CDKͱAWS Amplify ConsoleΛ࢖͍·ͨ͠ • AWS CDKͰϋϯζΦϯͷॳظ؀ڥߏஙɻϓϩάϥϛϯάݴޠͰॻ͚ Δ҆৺ײɻهड़͕݁ߏলུͰ͖ͯɺίʔυશମ͕εοΩϦɻ • AWS Amplify ConsoleͰϋϯζΦϯςΩεταΠτͷϏϧυ&σϓϩ ΠলྗԽɻҙ֎ͱ؆୯ɻා͘ͳ͍ɻ 37

Slide 38

Slide 38 text

https://jawsug-niigata.connpass.com 38

Slide 39

Slide 39 text

ࢀߟ • ϋϯζΦϯͷϕʔε: • JAWS-UG ৽ׁ #2 - S3 ϋϯζΦϯ • https://jawsug-niigata.connpass.com/event/114694/ • JAWS-UG ৽ׁ #4 - EC2 / Lightsail ϋϯζΦϯ • https://jawsug-niigata.connpass.com/event/126558/ • JAWS-UG ৽ׁݝ ॳ৺ऀ޲͚ϋϯζΦϯ • https://nds.connpass.com/event/133878/ 39