Slide 1
Slide 1 text
AWS CDKͷ࠷ڧͷॻ͖ํΛ
࣮ફͯ͠ΈΔ 2023൛
2023/7/8
CXࣄۀຊ෦ ࠤ౻ஐथ
Slide 2
Slide 2 text
No content
Slide 3
Slide 3 text
ࣗݾհ
• ࠤ౻ஐथ
• CXࣄۀຊ෦ ΞʔΩςΫτνʔϜ Ϛωʔδϟʔ
• JAWS-UG CDKࢧ෦ ӡӦ
• ڭһ໔ڐ ߴߍ/தֶֶ ใ
• ͖ͳAWSαʔϏεɿLambdaɺCDK
3
@tmk2154
tomoki10
Slide 4
Slide 4 text
ࠓճ͢͜ͱʢҰ୴հʣ
ҎԼͷτϐοΫ͔ΒԿݸ͔͢
4
1. جຊతͳCDKͷߏͷ͓͞Β͍
2. CDKͰաͳநԽΛආ͚Δ
3. StackͰͳ͘ConstructͰ͚Δ
4. Construct L2(+α)ΛϝΠϯͰ͏
5. ڥ͝ͱͷࠩΦϒδΣΫτΛ͏
6. Stackఆٛͷग़͚͠
7. ςετΛͲ͜·ͰΔ͔
8. NodejsFunctionΛ͓͏ҕһձ
9. ϞϊϨϙ͔ɺγϯάϧϨϙ͔
Slide 5
Slide 5 text
ࠓͷϋογϡλά 5
ɹ #devio2023
Slide 6
Slide 6 text
࣍
•νϣʔΫτʔΫͱ
•ͳͥࠓ͢ͷ͔
•͢͜ͱͷݩωλ
•ࠓճ͢͜ͱ
6
Slide 7
Slide 7 text
νϣʔΫτʔΫͱ
ٕज़ઐࣝʹؔ͢ΔτϐοΫʹ͍ͭͯɺΤΩεύʔτ
ઐՈ͕ࢀՃऀʹରͯ͠తʹઆ໌σϞϯετϨʔγϣ
ϯΛߦ͍ͳ͕ΒɺରσΟεΧογϣϯΛߦ͏Πϕϯτܗ
ࣜͰ͢ɻ
νϣʔΫτʔΫͷಛɺࢀՃऀͱΤΩεύʔτͱͷؒͰର
σΟεΧογϣϯ͕׆ൃʹߦΘΕΔ͜ͱͰ͢ɻࢀՃऀ
ɺ࣭Λͨ͠ΓɺٙҙݟΛड़ͨΓ͢Δ͜ͱͰɺΤΩ
εύʔτͱͷ૬ޓ࡞༻Λ௨ͯ͡ΑΓਂ͍ཧղࣝΛಘΔ͜
ͱ͕Ͱ͖·͢ɻ
7
Slide 8
Slide 8 text
νϣʔΫτʔΫͱ
ٕज़ઐࣝʹؔ͢ΔτϐοΫʹ͍ͭͯɺΤΩεύʔτ
ઐՈ͕ࢀՃऀʹରͯ͠తʹઆ໌σϞϯετϨʔγϣ
ϯΛߦ͍ͳ͕ΒɺରσΟεΧογϣϯΛߦ͏Πϕϯτܗ
ࣜͰ͢ɻ
νϣʔΫτʔΫͷಛɺࢀՃऀͱΤΩεύʔτͱͷؒͰର
σΟεΧογϣϯ͕׆ൃʹߦΘΕΔ͜ͱͰ͢ɻࢀՃऀ
ɺ࣭Λͨ͠ΓɺٙҙݟΛड़ͨΓ͢Δ͜ͱͰɺΤΩ
εύʔτͱͷ૬ޓ࡞༻Λ௨ͯ͡ΑΓਂ͍ཧղࣝΛಘΔ͜
ͱ͕Ͱ͖·͢ɻ
8
Slide 9
Slide 9 text
͍ͭͰ/ͲΜͳ࣭Ͱ
Welcome!!
9
Slide 10
Slide 10 text
CDKͬͯԿʁ
ͿͬͪΌ͚ࠓϊϦͰདྷͨΜͰ
10
ྫ͑…
Slide 11
Slide 11 text
࣭
CDKͬͨ͜ͱ͕͋Δਓʁ
ɹɹɹ1. ࣄͰ2Ҏ্͍ͬͯΔ
ɹɹɹ2. ࣄͰ1Ҏ্͍ͬͯΔ
ɹɹɹ3. ϋϯζΦϯۀ֎Ͱࢼ͍ͯ͠Δ
ɹɹɹ4. ͬͨ͜ͱ͕ͳ͍
11
Slide 12
Slide 12 text
ͳͥࠓ͢ͷ͔ 12
ੲͷࢿྉ
Slide 13
Slide 13 text
2021ͷࢿྉͰݕ౼ࣄ߲ྑ͍͕͑ݹ͘ͳ͖ͬͯͨ
ͳͥࠓ͢ͷ͔ 13
Slide 14
Slide 14 text
ࠓճ͢͜ͱͷݩωλ 14
Slide 15
Slide 15 text
ࢿྉΞοϓϩʔυ͞Εͯ·͢ 15
Slide 16
Slide 16 text
͜ͷ໘ന͞ΘͬͯΔͷ͔ͳ͋ʁ
ͬͱΊ͍ͨʂ
16
Slide 17
Slide 17 text
ࠓճ͢͜ͱ
ҎԼͷτϐοΫ͔ΒԿݸ͔͢
17
1. جຊతͳCDKͷߏͷ͓͞Β͍
2. CDKͰաͳநԽΛආ͚Δ
3. StackͰͳ͘ConstructͰ͚Δ
4. Construct L2(+α)ΛϝΠϯͰ͏
5. ڥ͝ͱͷࠩΦϒδΣΫτΛ͏
6. Stackఆٛͷग़͚͠
7. ςετΛͲ͜·ͰΔ͔
8. NodejsFunctionΛ͓͏ҕһձ
9. ϞϊϨϙ͔ɺγϯάϧϨϙ͔
Slide 18
Slide 18 text
αϯϓϧϦϙδτϦ
https://github.com/tomoki10/cdk-best-design-2023
18
Slide 19
Slide 19 text
جຊతͳCDKͷߏͷ͓͞Β͍ 19
DELKTPO
03
BQQPQUJPO
FOUSZQPJOU
Slide 20
Slide 20 text
جຊతͳCDKͷߏͷ͓͞Β͍ 20
Slide 21
Slide 21 text
CDKͰաͳநԽΛආ͚Δ
खଓܕ͕ͩએݴܕతʹॻ͘
21
Slide 22
Slide 22 text
CDKͰաͳநԽΛආ͚Δ
खଓܕ͕ͩએݴܕతʹॻ͘
ҎԼۃͳѱ͍ྫ
22
Slide 23
Slide 23 text
CDKͰաͳநԽΛආ͚Δ
Ifɺforۃྗॻ͔ͳ͍ɺڥࠩҟجຊύϥϝʔλͰઃఆ
։ൃ/ຊ൪ؒͰͷϦιʔεଘࡏͷࠩҟۃྗ͑Δ※
23
※ ʮTwelve-Factor App ։ൃ/ຊ൪Ұகʯhttps://12factor.net/ja/dev-prod-parity
Slide 24
Slide 24 text
StackͰͳ͘ConstructͰ͚Δ 24
PropsʹΑΔStackؒࢀর͕ݩڟͰCDK༻ऀͷ
΄΅100%͕ϋϚΔ᠘
͍ͬͯͳ͍
͋Δ
CDKͷΫϩεελοΫؒࢀরͰ
٧·ͬͨ͜ͱ͋Γ·͔͢ʁ(Սۭ)
https://dev.classmethod.jp/articles/aws-cdk-props-cross-stack-reference-
problem-and-handle/
Slide 25
Slide 25 text
StackͰͳ͘ConstructͰ͚Δ 25
Slide 26
Slide 26 text
L1,2,3 Constructͷ͓͞Β͍ 26
$POTUSVDUͷ-BZFSͷΠϝʔδ
-
-
-
&$4
$%,
$POTUSVDU
&$3
$%,
$POTUSVDU
71$
$%,
$POTUSVDU
&$4$GO
$POTUSVDU
&$4
$%,
$POTUSVDU
&$4$GO
$POTUSVDU
&$4
$MPVE
'PSNBUJPO
&$4
1BUUFSOT
&$4
$MPVE
'PSNBUJPO
ʜ
ʜ
-
நԽ
ରԠ
ରԠ
நԽ
Slide 27
Slide 27 text
Construct L2(+α)ΛϝΠϯͰ͏ 27
L2 + Security or Governance or Best Setting
Platform TeamSecurity TeamͳͲ͕ਪઃఆΛॻ͖ɺࢀর࣮͠
Slide 28
Slide 28 text
ڥ͝ͱͷࠩΦϒδΣΫτΛ͏ 28
cdk.json:
{
"app": "npx ts-node --prefer-ts-exts bin/cdk-best-design-2023.ts”,
"context": {
"projectName": "hoge-fuga",
"dev": {
"envName": "dev",
"env": {
"account": "123456789012",
"region": "ap-northeast-1"
}
},
"stg": {
"envName": “stg",
...
}
...
}
}
σϓϩΠ࣌ͷίϚϯυɿ
cdk deploy -c environment=dev ~~
ੲͷϕετϓϥΫςΟεɺcdk.jsonͰڥࠩΛઃఆ
Slide 29
Slide 29 text
ڥ͝ͱͷࠩΦϒδΣΫτΛ͏ 29
parameter.ts
bin/cdk-best-design-2023.ts
Slide 30
Slide 30 text
Stack ఆٛͷग़͚͠ 30
Slide 31
Slide 31 text
Stack ఆٛͷग़͚͠ 31
Slide 32
Slide 32 text
ςετΛͲ͜·ͰΔ͔ 32
• Snapshot Test
CloudFormationςϯϓϨʔτΛอଘ͠ɺࠩ֬ೝΛߦ͑Δ
• GoodɿCDKΞοϓσʔτ࣌ͷมߋࠩΛ֬ೝͰ͖ͯ҆৺
• BadɿS3ͳͲΞηοτͰఆҎ্ʹมߋ͕ࠩͰ͖ΔͷͰ੍͕͍Δ
Slide 33
Slide 33 text
assetsͷิʢCDKͷཪଆͷجຊతͳಈ͖ʣ 33
Client CI/CD Env
Source
code
AWS
CloudFormation
AWS account
OR
AWS CDK
Cfn
Template
Stack
(Resource State)
Cfn
Template
1.Synthesize
S3
Bucket
assets
2.Upload
3.Deploy 5.Generate
AWS Lambda
Amazon
API Gateway
6.API Call
4.Pull
Slide 34
Slide 34 text
ςετΛͲ͜·ͰΔ͔ 34
• Fine-grained Assertions
CloudFormation্ͷϦιʔε͕ఆͨ͠ঢ়ଶ͔֬ೝͰ͖Δ
• Goodɿ੍ޚߏจΛ͏߹ʹಈ࡞֬ೝ͕Ͱ͖Δ
• BadɿL2ϕʔεͰίʔυΛએݴతʹॻ͍͍ͯΕͦͦෆཁͳ߹ଟ͍
Slide 35
Slide 35 text
ςετΛͲ͜·ͰΔ͔ 35
• Integration Test (Alpha)
ϦιʔεΛ࣮ࡍͷΞΧϯτʹσϓϩΠͯ͠ɺσϓϩΠՄೳ͔ͷ֬ೝ
σϓϩΠޙʹHTTPSϦΫΤετͷૄ௨֬ೝͳͲ͕Ͱ͖Δ
CDKͷ෦࣮ͰओʹΘΕ͍ͯΔ
• Goodɿ࣮ࡍͷڥͰఆͨ͠ಈ࡞Λ͢Δ͔֬ೝՄೳ
• BadɿσϓϩΠ͕͋ΔͷͰςετύλʔϯ͕ଟ͍ͱςετ͕࣌ؒ͘ͳΔ
Slide 36
Slide 36 text
ςετΛͲ͜·ͰΔ͔ 36
• cdk-nag
AWSNIST.800.53ɺPCI DSSͳͲͷηΩϡϦςΟɾίϯϓϥΠΞϯεϧʔϧʹ
४ڌ͍ͯ͠Δ͔֬ೝͰ͖Δπʔϧ
• GoodɿσϓϩΠલݕূͰηΩϡϦςΟͷγϑτϨϑτ͕࣮ݱͰ͖Δ
• Badɿޡݕଟ੍͕݁͘ߏඞཁΒ͍͠
• pdk-nag※
cdk-nagͷϥΠτ൛APAC(ओʹΦʔετϥϦΞ)ͷAWS Prototyping Team͕࡞
※https://aws.github.io/aws-prototyping-sdk/developer_guides/pdk-nag/index.html
Slide 37
Slide 37 text
NodejsFunctionΛ͓͏ҕһձ 37
LambdaͰNodejsΛ͏ࡍͷศརπʔϧ͕ἧ͍ͬͯΔ L2+͙Β͍ͷബ͍Construct
ҎԼརͷҰ෦
• όϯυϧ͕؆୯ɻesbuildΛೖΕΔ͚ͩ
distσΟϨΫτϦͳͲதؒͷϑΝΠϧஔ͖ෆཁ
• HotswapͰ࠷ͷσϓϩΠʢඵͰσϓϩΠ😆 ٳΉՋͳ͠😢ʣ
• BundlingΦϓγϣϯͷcommandHooksͰҙίϚϯυϑοΫͳͲ͕Մೳʂ
͜ͷϑΝΠϧ͍ͭͰʹLambdaʹೖΕ͍ͨͱ͔OK
• awsSdkConnectionReuse ͰTCPଓͷ͍ճ͠ΛαΫοͱઃఆ
Slide 38
Slide 38 text
ϞϊϨϙ͔ɺγϯάϧϨϙ͔ 38
͓લΑΓ·্ͩͷੈք͕͋Δʂ
💦
ͳΜʜͩͱʜ
Slide 39
Slide 39 text
ϞϊϨϙ͔ɺγϯάϧϨϙ͔ 39
ϦϙδτϦʢϞϊϨϙʣ
Slide 40
Slide 40 text
ϞϊϨϙ͔ɺγϯάϧϨϙ͔ 40
ϦϙδτϦ ϦϙδτϦ ϦϙδτϦ
Slide 41
Slide 41 text
એ 41
དྷि$%,ࢧ෦ͰΠϕϯτΓ·͢ʂ ਫ
ʙ
https://jawsug-cdk.connpass.com/
Slide 42
Slide 42 text
Ξϯέʔτ͓ئ͍͠·͢ 42
https://forms.gle/Upi2i5PsMTEUyJ6F8
ຬ্ҐͷηογϣϯΛޙϒϩάͰެ։༧ఆʂ
ճͷ͝ڠྗΛΑΖ͓͘͠ئ͍͠·͢ɻ
Slide 43
Slide 43 text
͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ
43