AWS CDKのあるあるお悩みに答えたい

Transcript

1. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   © 2023, Amazon Web Services, Inc. or its affiliates.
   AWS CDKͷ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   ։ൃ࣌ͷҙࢥܾఆΛߴ଎Խ͢ΔͨΊʹ
   ༑Ԭ խࢤ
   Prototyping Engineer
   Amazon Web Services Japan G.K.
   

   View Slide

2. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   ࠓ೔ͷ͓࿩
   AWS CDK (ҎԼCDK) ։ൃʹؔ͢ΔFAQʹରͯ͠ ౴͑ ߟ͑ํͷےಓΛࣔ͢
   Ͱ͖Δ͚ͩCDK։ൃ࣌ʹ೰Ή࣌ؒΛݮΒͤΕ͹޾͍Ͱ͢ʂ
   ର৅ࢹௌऀ: CDK։ൃऀ͸ͲͳͨͰ΋
   (CDK׬શॳ৺ऀͷํ͸ɺগ͠׳Ε͖ͯͨࠒʹݟฦ͢ͷ͕Φεεϝ)
   ୠ͠ॻ͖
   • ίʔσΟϯά্ͷ׳श͸͠͹͠͹ਓʹΑΓҙݟ͕෼͔ΕΔ෦෼Ͱ͢
   • ίϯςΩετͷҧ͍ / ఆྔԽͮ͠Β͍
   • ࠓ೔ͷ಺༰΋౿·͑ͭͭɺݸผͷঢ়گʹԠͨ͡ద੾ͳ൑அΛ͍ͯͩ͘͠͞
   2
   AWS Cloud Development Kit
   (AWS CDK)
   

   View Slide

3. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   ࣗݾ঺հ
   ༑Ԭ խࢤ Prototyping Engineer @AWS Japan
   લ৬
   mBaaS։ൃŋӡ༻ (Rails, Sinatra, Ruby, MySQL)
   ϞόΠϧήʔϜΫϥΠΞϯτ։ൃ (Unity, C#)
   CDKܦݧ
   ্هmBaaSΛAWSҠߦ͢Δࡍʹ࠾༻ (2019/12 - 2020/10)
   ϓϩτλΠϓ։ൃʹར༻ (2020/11 -)
   AWSࣾ಺αʔϏεͷӡ༻։ൃ (2021/7 - 2022/3)
   ࠷ۙ࡞ͬͨ΋ͷ: aws-samples/jenkins-unity-build-on-aws Twitter: @tmokmss
   3
   

   View Slide

4. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   ͓඼ॻ͖
   • ͲͷϓϩάϥϛϯάݴޠΛ࢖͏΂͖ʁ
   • ελοΫ͸ͲͷΑ͏ʹ෼͚Δʁ
   • ελοΫ಺ͷίʔυ͕ࢄΒ͔͖ͬͯͨΜ͚ͩͲ…
   • L1 / L2 / L3ίϯετϥΫτɺͲΕΛ࢖͏΂͖ʁ
   • ؀ڥΛ૿΍͢ํ๏͸ʁ
   • ࣗಈςετͲ͏͢Δʁ
   4
   ؍఺ (FAQͷதͰ΋):
   • ൑அ͕೉͍͠΋ͷ
   • 1 way doorͳܾஅʹͳΔ΋ͷ
   • ஌Βͳ͍ͱଛ͢Δ஌ࣝ
   

   View Slide

5. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   TypeScript
   (JSؚΉ)
   Python
   Java
   .NET
   Go
   2022 CDK community survey
   CDKϢʔβʔͷར༻ݴޠൺ཰ n=122
   5
   Q. ͲͷݴޠΛ࢖͏΂͖͔
   • ಛผͳཧ༝͕ͳ͍ݶΓ͸ TypeScript ͕͓͢͢Ίɻཧ༝:
   1. Ϣʔβʔ਺͕࠷ଟ (ӈਤ) → ৘ใ͕ଟ͍ɺಓ͕੔උ͞Ε͍ͯΔ
   2. ίϯετϥΫτϥΠϒϥϦͷpublish਺͕࠷ଟ (constructs.dev)
   • TypeScriptΛ100%ͱͯ͠ Python: 80% .NET: 56% Java: 53% Go: 12% (2022/10࣌఺)
   • ཧ࿦্͸શݴޠͰ࢖͑Δ(jsii)ͷ͕ͩɺ୯ʹϥΠϒϥϦ࡞ऀ͕publish͍ͯ͠ͳ͍
   3. ֶशίετ͕ൺֱత௿͍ (Ϋηͷͳ͍จ๏ɻCDKΛॻ͘ఔ౓ͳΒ…)
   • ͨͩ͠: CDKͷػೳࣗମ͸ͲͷݴޠͰ΋ࠩͳ͠ (jsii͕ͦΕΛอূ)
   • ։ൃऀʹڧ͍޷Έ͕͋Δ৔߹͸ɺͦͷݴޠΛ࢖͏ͷ͸શવΞϦ (׳ΕͨݴޠΛ࢖͑Δͷ͕CDKͷັྗ)
   • ࢀߟ: TypeScriptͷCDKίʔυ͸ػցతʹଞݴޠ΁ॻ͖׵͑Մೳ Translating from TypeScript
   

   View Slide

6. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   Q. ελοΫ͸Ͳ͏෼͚Δͷ͕ྑ͍ʁ
   • جຊϧʔϧ: ඞཁ͕ͳ͍ͳΒ෼͚ͳ͍
   • ελοΫΛ෼͚Δͱେ఍ͷ৔߹ελοΫؒͷґଘؔ܎͕ੜ͡Δ (ελοΫؒࢀরͳͲ)
   • ελοΫؒࢀর͸։ൃŋӡ༻্͍͔ͭ͘ͷ໘౗ΛҾ͖ى͕ͪ͜͠ (ޙड़)
   • ελοΫΛ෼͚Δඞཁ͕͋Δ৔߹ͷ୅දྫ
   1. CloudFormationͷϋʔυϦϛοτʹ౰ͨΔͱ͖ (Ϧιʔε਺500ͳͲ)
   2. ΞΧ΢ϯτ΍ϦʔδϣϯΛލ͍ͩσϓϩΠ͕ඞཁͳͱ͖
   3. ϦιʔεΛσϓϩΠ͢ΔؒʹCloudFormation֎ͷૢ࡞͕ඞཁͳͱ͖
   • ྫ: όοΫΤϯυͷσϓϩΠ → ϑϩϯτΤϯυͷ؀ڥม਺ (Cognito Pool IDͳͲ) ΛຒΊࠐΜͰϏϧυ → ϑϩϯτΤϯυͷσϓϩΠ
   • ඞཁ͕͋Δ͔Ͳ͏͔Θ͔Βͳ͍ͱ͖ → ෼͚Δ͜ͱͰ۩ମతͳϝϦοτ͕͋Δ͔ߟ͑Δ
   • Ϧιʔεͷॴ༗ऀ͕ҟͳΔ৔߹ͳͲɺ্هͷඞཁੑ͕ͳͯ͘΋෼ׂ͕߹ཧతͳ৔߹΋͋Γ
   6
   νʔϜؒͷಠཱੑΛอͭखஈͱͯ͠ɺ
   App͝ͱ෼͚Δબ୒ࢶ΋͋Δ
   ※
   

   View Slide

7. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   ελοΫΛ෼͚Δ͜ͱͷσϝϦοτ
   1. ελοΫؒࢀরʹΑΓɺ॥؀ґଘ΍σϓϩΠ࣌ͷ޻෉ͳͲ௥Ճͷߟྀ͕ඞཁʹ (ҎԼ͸Ұྫ)
   • ӈਤͷঢ়ଶͰҎԼͷૢ࡞Λ͢ΔͱσϓϩΠ΍synthʹࣦഊ͢Δ
   1. Parent͔ΒChildͷϦιʔεΛࢀর
   (॥؀ґଘ)
   2. ChildStack಺ͷLambda FunctionΛ࡟আ
   (มߋͷڝ߹ɺཧ༝͸࣍ͷεϥΠυ)
   • ճආ͸Մೳ (ޙड़)ɻ։ൃମݧͷѱԽ͕՝୊
   2. σϓϩΠ͕ಷԽ
   • ґଘؔ܎ͷ͋ΔελοΫ͸ಉ࣌ʹσϓϩΠͰ͖ͳ͍ → σϓϩΠͷฒྻ౓੍͕ݶ͞ΕΔ
   3. ద੾ͳ෼͚ํΛઃܭ͢Δͷ͕େม
   7
   ParentStack
   DynamoDB Table
   Stack export: TableName
   ChildStack
   Lambda Function
   (ςʔϒϧ໊Λࢀর)
   Fn:ImportValue
   

   View Slide

8. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   ิ଍: ελοΫͷσϓϩΠʹࣦഊ͢Δ࢓૊Έ
   8
   ParentStack
   DynamoDB Table
   Stack export: TableName
   ChildStack
   Lambda Function
   (ςʔϒϧ໊Λࢀর)
   Fn:ImportValue
   ParentStack
   DynamoDB Table
   Stack export: TableName
   ChildStack
   Lambda Function
   (ςʔϒϧ໊Λࢀর)
   Fn:ImportValue
   લఏ
   ελοΫؒࢀরͷಛ௃:
   • ΤΫεϙʔτ͞ΕͨελοΫग़ྗ஋͕ਖ਼ମ
   • CDK͕ม਺ͷؔ܎ੑΛݟͯࣗಈͰ࡞੒
   • ࢀর͞Ε͍ͯΔग़ྗ஋͸࡟আͰ͖ͳ͍ (ڧ͍ࢀর)
   cdk deploy ͷॱং: Parent → Child
   ৽͍͠ParentStack͸Stack exportΛ࡟আ͠Α͏ͱ͢Δ͕ɺ
   ChildStack͸·ͩݹ͍΋ͷ͕σϓϩΠ͞Εͨ··
   ͭ·ΓTableName͸·ͩࢀর͞Ε͍ͯΔͷͰɺStack exportͷ࡟আʹࣦഊ͢Δ
   Lambdaؔ਺Λ࡟আͯ͠σϓϩΠΛࢼΈΔ
   σϓϩΠʹࣦഊʂ
   

   View Slide

9. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
   © 2023, Amazon Web Services, Inc. or its affiliates.
   Twitter: #jawsug_cdk
   αʔϏεछผʹΑΔ෼͚ํ ػೳʹΑΔ෼͚ํ
   • Ұͭͷࢦඪ: ελοΫؒࢀরΛͰ͖Δ͚ͩগͳ͘͢Δ
   • ϦιʔεؒͷґଘΛελοΫ಺Ͱ׬݁ͤ͞Δ
   • ֤ελοΫΛͰ͖Δ͚ͩಠཱͤ͞ΔΠϝʔδ
   ServiceB stack
   ServiceA stack
   Persistance stack
   Network stack
   Stateless stack
   ͦΕͰ΋ελοΫΛ෼͚͍ͨͱ͖͸
   ServiceA ServiceB
   Network
   Persistent
   Stateless
   1
   3
   1 (ελοΫؒࢀর਺)
   ※ ڽू౓ͷ࿩ʹ΋ؔ࿈
   ˙ ͸࿦ཧతڽूɺ˙ ͸ػೳతڽूʹ͍͔ۙ
   ελοΫؒࢀরͳ͠
   9
   

   View Slide

10. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ϚϧνελοΫ։ൃ࣌ͷTips – มߋͷڝ߹Λղফ͢Δ
    • -e, --exclusivelyϑϥάͰґଘؔ܎Λແࢹͯ͠σϓϩΠ͢Δ ࢀর
    • Stack.exportValueϝιουͰ໌ࣔతʹStack exportΛ࡞੒͢Δ
    • ελοΫؒࢀরΛ࢖Θͣʹ஋ΛελοΫؒͰड͚౉͢
    • SSMύϥϝʔλΛܦ༝͢Δɺ໋໊نଇʹԊͬͨ஋Λϋʔυίʔυ͢ΔͳͲ ↓
    • 2ஈ֊ʹ෼͚ͯσϓϩΠ͢Δ (࣍ͷϖʔδ)
    10
    ChildStackͷΈΛઌʹσϓϩΠ͢Ε͹ɺ
    Stack export͸ෆཁʹͳΓɺมߋ͸ڝ߹͠ͳ͍
    ChildStack͕ݩʑඞཁͱͨ͠஋Λ໌ࣔతʹexport
    Stack export͕อ࣋͞Εɺมߋ͸ڝ߹͠ͳ͍
    exclusive deploy
    CDKͰελοΫؒͷύϥϝʔλʔΛड͚౉͢5ͭͷํ๏ͱ
    έʔεผͷ࠷దղʹ͍ͭͯߟ͑ͯΈͨ
    

    View Slide

11. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    2ஈ֊σϓϩΠͷྫ
    ParentStack ChildStack
    DynamoDB
    Table v1
    Lambdaؔ਺
    TableNameΛࢀর
    ParentStack ChildStack
    DynamoDB
    Table v2
    Lambdaؔ਺
    TableNameΛࢀর
    DynamoDB
    Table v1
    11
    ParentStack ChildStack
    DynamoDB
    Table v2
    Lambdaؔ਺
    ͜ͷExport͸·ͩ࡟আͰ͖ͳ͍
    exportValueͰ໌ࣔతʹ࢒͢
    TableNameΛࢀর
    Deploy#1
    Deploy#2
    ॳظঢ়ଶ
    தؒঢ়ଶ
    ࠷ऴঢ়ଶ
    Deploy#2
    Ͱ࡟আ
    

    View Slide

12. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ϚϧνελοΫ։ൃ࣌ͷTips – ॥؀ґଘΛղফ͢Δ
    ελοΫͷ॥؀ґଘ: 2ͭͷελοΫ͕ޓ͍ͷStack exportΛࢀর͋͠͏ঢ়ଶ
    ParentStack ChildStack
    Security
    group
    Security
    group
    VPC Lambda
    Subnet IDΛࢀর
    Ingress rule
    Security group IDΛࢀর
    Ingress rule
    Error: 'Stack2' depends on 'Stack1' ({Stack2/Handler/ServiceRole/Resource}.addDependency({Stack1/Vpc/IsolatedSubnet1/RouteTableAssociation}),…
    ). Adding this dependency (Stack1 -> Stack2/Handler/SecurityGroup/Resource.GroupId) would create a cyclic reference.
    12
    ґଘؔ܎ͷํ޲Λҙ࣮ࣝͨ͠૷Ͱճආ
    ྫ: ͜ͷґଘ͸NG
    ґଘ͸ยํ޲ͷΈڐ͞ΕΔ
    ※ ্هͰ͸ճආͰ͖ͳ͍͜ͱ΋ɻGitHubͰIssueΛ୳͢ɾཱͯΔͷ΋खɻ
    

    View Slide

13. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ϚϧνελοΫ։ൃ࣌ͷTips – ॥؀ґଘΛղফ͢Δ
    ελοΫͷ॥؀ґଘ: 2ͭͷελοΫ͕ޓ͍ͷStack exportΛࢀর͋͠͏ঢ়ଶ
    ParentStack ChildStack
    Security
    group
    Security
    group
    VPC Lambda
    Subnet IDΛࢀর
    Ingress rule
    Security group IDΛࢀর
    Ingress rule
    Error: 'Stack2' depends on 'Stack1' ({Stack2/Handler/ServiceRole/Resource}.addDependency({Stack1/Vpc/IsolatedSubnet1/RouteTableAssociation}),…
    ). Adding this dependency (Stack1 -> Stack2/Handler/SecurityGroup/Resource.GroupId) would create a cyclic reference.
    13
    ґଘؔ܎ͷํ޲Λҙ࣮ࣝͨ͠૷Ͱճආ
    ྫ: ͜ͷґଘ͸NG
    ґଘ͸ยํ޲ͷΈڐ͞ΕΔ
    ΠςϨʔςΟϒͳ։ൃͰ͸
    ͋·Γߟ͑ͨ͘ͳ͍൥Θ͠͞
    ͤΊͯ։ൃ؀ڥͰ͸γϯάϧελοΫʹ
    อͬͯ͸͍͔͕ʁ
    ※ ্هͰ͸ճආͰ͖ͳ͍͜ͱ΋ɻGitHubͰIssueΛ୳͢ɾཱͯΔͷ΋खɻ
    

    View Slide

14. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    Q. Stackͷίʔυ͕ࢄΒ͔͖ͬͯͨ
    • ϦιʔεΛϑϥοτʹϕλॻ͖͢Δͱɺೝ஌ෛՙ͕ߴ·Δ
    • Ϧιʔεͷґଘؔ܎͕Θ͔ΓͮΒ͔ͬͨΓɺεΫϩʔϧྔ͕૿͑ͨΓ
    • OOPʹ͓͚ΔΫϥεઃܭͷॏཁੑʹ΋ྨࣅ
    • ந৅ → ۩ମ ͷॱΛ෼͔Γ΍͍͢ͱײ͡Δਓ͸ଟ͍ (Օ৚ॻ͖ͱಉ͡)
    • ίϯετϥΫτΛ࢖ͬͯߏ଄Խ͢Δͷ͕͓͢͢Ί
    ü Ϧιʔεͷू߹Λҙຯͷ͋Δ୯ҐͰ·ͱΊΔ
    ü ϞδϡʔϧԽͷར఺Λڗड (࠶ར༻ੑɺந৅ԽͳͲ)
    ü ID (ୈ2Ҿ਺) ͷָ໋໊͕ʹ (ҰҙੑΛอͭείʔϓ͕ڱ·ΔͨΊ)
    14
    ೝূ
    Storage
    Lambda
    API
    ID
    

    View Slide

15. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ೝূ
    Storage
    Lambda
    API
    ίϯετϥΫτͰίʔυΛߏ଄Խ͢Δ
    15
    ↑ίϨ͘Β͍ͷཻ౓Ͱ·ͱ·͍ͬͯΔͱύοτݟͰߏ଄͕Θ͔Γ΍͍͢
    ͋ΔҙຯͰෳࡶ͞͸૿͢ͷͰɺํ਑͸νʔϜͰٞ࿦͢Δͱ 🙆
    vs
    ίʔυྫ
    

    View Slide

16. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    CloudFormationίϯιʔϧͷTree View΋ݟ΍͘͢
    16
    ࢿྉ
    

    View Slide

17. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    খωλ: ແ໊ίϯετϥΫτ (ͱɺݺΜͰΈΔ)
    • ίϯετϥΫτπϦʔͷ֓೦Λཧղ͢ΔͱḿΔ
    • ϑΝΠϧγεςϜͷσΟϨΫτϦπϦʔͰྨਪ͢Δͱָ
    • είʔϓ(ୈ1Ҿ਺)=਌σΟϨΫτϦ, ID(ୈ2Ҿ਺)=σΟϨΫτϦ໊
    • ͋ΔσΟϨΫτϦ(είʔϓ)ͷதʹಉ໊͡લ(ID)͸ଘࡏͰ͖ͳ͍
    • είʔϓ͸ඞͣ͠΋ this Ͱ͋Δඞཁ͸ͳ͍
    • ۭͷίϯετϥΫτΛͦͷ৔Ͱ࡞੒͠ɺ
    ଞͷίϯετϥΫτ͸ͦΕΛ਌ʹͰ͖Δ
    • ແ໊Ϋϥε΍ແ໊ؔ਺ʹྨࣅͯ͠·ͤΜʁ
    • Ϋϥεఆٛ͢Δ΄ͲͰ͸ͳ͍Μ͚ͩͲɺɺ
    ͱ͍͏ঢ়گʹ͸ศརʹ࢖͑Δ͔
    17
    Pro tip: ϒϥέοτ{} Ͱม਺ͷείʔϓ΋੍ޚՄೳ
    είʔϓ͕ҧ͏ͷͰಉ͡IDΛ࢖͑Δ
    ۭͷίϯετϥΫτ
    είʔϓͷࢦఆ
    

    View Slide

18. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ίϯετϥΫτΛ࡞Δͱ͖ͷTips
    ࢀর: AWS CDK Tips: ίϯετϥΫτͰߏ଄Խ͠Α͏
    1. ίϯετϥΫτͷ෼͚ํ
    • ελοΫͷ෼͚ํ΄ͲηϯγςΟϒͳ࿩୊Ͱ͸ͳ͍ (Լखʹ෼͚ͯ΋σϝϦοτ͕࿐ఄͮ͠Β͍)
    • ͨͩ͠εςʔτϑϧͳϦιʔε͸ޙ͔ΒϦϑΝΫλͮ͠Β͍ͷͰɺ৻ॏʹ
    • ਓ͕෼͔Γ΍͍͢୯ҐͰ·ͱΊΕ͹Ұ୴े෼ (จষ΍ΞʔΩਤॻ͘ͱ͖ͳͲ΋ࣗવͱҙࣝͯ͠Δ͸ͣ)
    2. ID=‘Default’ ʹΑΓ Logical IDΛ୹ॖ͢Δ Shorter AWS CDK Logical IDs
    • CFnʹΑΔࣗಈ໋໊ΛΘ͔Γ΍͘͢อͭͨΊ
    • ϦϑΝΫλͷͱ͖΋LogicalIDͷมߋΛ๷͙ͨΊʹ໾ཱͬͨΓ
    3. IDͷ໋໊͸PascalCase͕͓͢͢Ί Construct ID͸ύεΧϧέʔεͰ໋໊͢Δͷ͕ྑ͍
    • CFnʹΑΔࣗಈ໋໊ΛΘ͔Γ΍͘͢อͭͨΊ
    18
    ID
    

    View Slide

19. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    Q. L1 / L2 / L3 ίϯετϥΫτ ͲΕΛ࢖͏ʁ
    • ந৅౓ʹΑΓίϯετϥΫτ͸L1~L3ʹେผ͞ΕΔ (ӈਤ)
    • جຊతʹ͸L2+Λੵۃతʹ࢖͏΄͏͕CDKͷར఺Λڗड͠΍͍͢
    • grantXxx, allowFromͳͲʹΑΔந৅Խ΋ڧྗ
    • ந৅ԽʹΑͬͯॊೈੑΛࣦΘͳ͍ͨΊʹ
    1. ࣗ૊৫ͰίϯετϥΫτΛ࡞੒ɾ؅ཧ͢Δ
    • ࣗ༝ʹमਖ਼Մೳͳͷ͕ڧΈɻεχϖοτͱͯ͠࢖͍ճ͢΋͋Γ
    2. ެࣜɾαʔυύʔςΟͷίϯετϥΫτ͸…
    • ϑΥʔΫ͢Δ or ίϯτϦϏϡʔτ (Pull RequestΛૹΔ)
    • ޙऀ͸ΤίγεςϜͷڧԽͱ͍͏ҙຯͰ͸ཧ૝త (࣌ʹେม)
    3. Escape hatch ʹΑΔΦʔόʔϥΠυ (࠷ޙʹͯ͠࠷ڧͷํ๏)
    • ࣍ͷεϥΠυͰৄ͘͠঺հ 19
    ந৅౓௿
    ॊೈੑ
    ந৅౓ߴ
    ੜ࢈ੑ
    L1 L2 L3
    

    View Slide

20. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    L2 / L3ίϯετϥΫτͰॊೈੑΛऔΓ໭͢ - Escape hatchฤ
    • ·ΕʹΑ͘ඞཁͳΠϯλʔϑΣʔεΛL2+Ͱ͸ར༻Ͱ͖ͳ͍৔߹͕͋Δ
    • ͜ͷ఺Λཧ༝ʹCFnͷ΄͏͕CDKΑΓྑ͍ͱݴΘΕΔ͜ͱ΋͋Δ͕ɺඞͣ͠΋ͦ͏Ͱ͸ͳ͍
    • Escape hatchΛ࢖͑͹ɺL1ͱಉϨϕϧʹॊೈͳૢ࡞͕Մೳ
    20
    ྫ: Lambda RoleͷPolicy໊Λมߋ͢Δ
    Escape hatchͰL1 constructΛ௚઀৮ΔCDKίʔυ
    MetadataΛݟΕ͹Ϧιʔεͷύε͕෼͔Δ
    ߹੒ޙͷCloudFormationςϯϓϨʔτ
    ύεʹԊͬͯίϯετϥΫτπϦʔΛ۷Δ
    ৄࡉ: Abstractions and escape hatches
    ೚ҙͷϓϩύςΟΛΦʔόʔϥΠυͰ͖ΔΠϯλʔϑΣʔε
    

    View Slide

21. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    Q. ෳ਺؀ڥ޲͚ʹςϯϓϨʔτͷఆٛΛ͢Δʹ͸ʁ
    Dev/Staging/ProdͳͲෳ਺ͷ؀ڥΛͲ͏͏·͘ఆٛ͢Δ͔ʁ
    ࠷௿ݶɺҎԼΛͲ͏͢Δ͔ߟ͍͑ͨ:
    1. ؀ڥ͝ͱʹύϥϝʔλΛઃఆ͢Δํ๏
    • ྫ: Auroraʹ͍ͭͯɺDev؀ڥ͸ t3ΠϯελϯεɾProd؀ڥ͸m6gΠϯελϯεΛ࢖͏
    2. ؀ڥ͝ͱʹελοΫఆٛΛग़͠෼͚Δํ๏
    • ҰͭͷCDKίʔυ͔Βෳ਺ͷ؀ڥ༻ελοΫΛsynth͍ͨ͠
    • ྫ: Dev؀ڥ༻ɺProd؀ڥ༻ͷελοΫΛͲ͏ఆٛ͢Δ͔
    21
    

    View Slide

22. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ؀ڥ͝ͱʹύϥϝʔλΛઃఆ͢Δํ๏
    • ύϥϝʔλΛ؅ཧ͢Δ৔ॴΛܾΊΔ
    • ӈ͸୅දྫ5ͭ (ଞʹ΋ແݶʹߟ͑ΒΕΔ)
    • ࣍ϖʔδʹৄ͍͠ൺֱදΛهࡌ
    • ಡΈࠐΜͩύϥϝʔλΛελοΫ΍
    ίϯετϥΫτͷPropsʹ౉͢૝ఆ
    22
    

    View Slide

23. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ؀ڥ͝ͱʹύϥϝʔλΛઃఆ͢Δํ๏ - ൺֱද
    23
    (ॱෆಉ) ֓ཁ Pros Cons
    1.
    Context variable
    cdk.json΍ –c ΦϓγϣϯͰ
    ࢦఆ
    cdk deploy –c env=dev
    CDKඪ४ؔ਺ (tryGetContext) Ͱ஋
    ΛऔಘͰ͖Δ͜ͱͷެࣜײ
    JSONʹΑΔinteroperabilityͷߴ͞
    (ଞπʔϧͰJSONΛੜ੒ͨ͠ΓͳͲ)
    ஋ͷValidationʹҰ޻෉ඞཁ (JSON
    SchemaͳͲ)
    JSONͷදݱྗʹറΒΕΔ (CDKͷܕ
    DurationͳͲ͸࢖͑ͳ͍)
    2. ؀ڥม਺ CDKίϚϯυ࣮ߦ࣌ʹ؀ڥ
    ม਺Λࢦఆ
    ENV=dev cdk deploy
    CDKҎ֎ͷք۾Ͱ΋ඪ४తͳํ๏
    CIπʔϧͷઃఆͰ্ॻ͖Ͱ͖ΔͳͲ
    Ԡ༻ํ๏͸ଟ͍͔΋
    ؀ڥม਺͸จࣈྻܕͷΈ
    ؀ڥม਺Λ؅ཧ͢Δ৔ॴΛߟ͑Δ
    ඞཁ͋Γ
    3. ֤ݴޠͷ
    ΦϒδΣΫτ
    CDKͷݴޠͰύϥϝʔλΛ
    ϋʔυίʔυ͢Δ
    (e.g. TypeScriptͷobject)
    จࣈྻŋ਺ࣈҎ֎ͷܕ͕࢖͑Δ
    (Duration΍ec2.InstanceTypeͳͲ)
    खܰʹܕ҆શ
    ݴޠ͕ݻఆ͞ΕΔɺಈతͳੜ੒ʹෆ
    ޲͖ͳͲinteroperability͕ඞཁͳঢ়
    گͰ͸೉͍͕͠ɺك
    4. Secrets Manager
    ParameterStore
    CDK֎ͰύϥϝʔλΛ࡞੒
    deploy࣌ʹCFn͕஋Λಡࠐ
    ൿಗ৘ใ(API keyͳͲ)ΛCDKίʔυ
    ΍CFnςϯϓϨʔτ͔ΒӅṭͰ͖Δ
    ύϥϝʔλͷॳظԽʹ௥Ճखॱඞཁ
    ύϥϝʔλͷARNͷ؅ཧ΋ඞཁ
    5. CfnParameter CloudFormationͷ
    ParameterػೳΛ࢖͏
    synthޙʹσϓϩΠ಺༰ΛมߋՄೳ
    ߹੒ͨ͠CFnςϯϓϨʔτΛ഑෍͠
    ͍ͨ৔߹ʹ͸༗ޮ
    CFnΛҙࣝ͢Δඞཁ͕͋ΓɺૉͷCDK
    ΑΓॻ͖ʹ͍͘
    ಛघͳঢ়گΛআ͍ͯϝϦοτ͸ബ͍
    ݸਓతͳ࢖͍෼͚: σϑΥϧτ͸3ɺඞཁʹԠͯ͡2/4/5
    

    View Slide

24. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    Q. ෳ਺؀ڥ޲͚ʹςϯϓϨʔτͷఆٛΛ͢Δʹ͸ʁ
    Dev/Staging/ProdͳͲෳ਺ͷ؀ڥΛͲ͏͏·͘ఆٛ͢Δ͔ʁ
    ࠷௿ݶɺҎԼΛͲ͏͢Δ͔ߟ͍͑ͨ:
    1. ؀ڥ͝ͱʹύϥϝʔλΛઃఆ͢Δํ๏
    • ྫ: Auroraʹ͍ͭͯɺDev؀ڥ͸ t3ΠϯελϯεɾProd؀ڥ͸m6gΠϯελϯεΛ࢖͏
    2. ؀ڥ͝ͱʹελοΫఆٛΛग़͠෼͚Δํ๏
    • ҰͭͷCDKίʔυ͔Βෳ਺ͷ؀ڥ༻ελοΫΛsynth͍ͨ͠
    • ྫ: Dev؀ڥ༻ɺProd؀ڥ༻ͷελοΫΛͲ͏ఆٛ͢Δ͔
    24
    

    View Slide

25. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ؀ڥ͝ͱʹελοΫఆٛΛग़͠෼͚Δํ๏
    ελοΫఆٛํ๏ͷ୅දྫ (௨ৗ bin/xxx.ts ʹॻ͘ΞϨ)
    • Dynamicύλʔϯ
    • 1ͭͷελοΫఆٛΛ࢖͍ճ͢ StackͷID͸֎෦͔Β஫ೖ
    • Staticύλʔϯ1
    • ؀ڥͷ਺͚ͩελοΫΛϋʔυίʔυ͢Δ
    • DynamicΑΓApp಺ͷελοΫߏ੒͕෼͔Γ΍͍͢
    • Staticύλʔϯ2
    • ελοΫͷΫϥεఆٛࣗମΛ؀ڥ͝ͱʹ࢖͍෼͚Δ
    • ؀ڥ͝ͱʹϦιʔεͷߏ੒ŋελοΫ෼ׂΛม͍͑ͨ࣌ͳͲʹ༗ޮ
    • ؀ڥͷҰக౓͕௿Լ͢ΔϦεΫ͋Γ
    25
    ※ Staticύλʔϯ͸synthͷ͕࣌ؒ௕͘ͳΓ͕ͪɻ
    ؀ڥม਺౳Ͱ৚݅෼ذ͠ɺෆཁͳnew Stack()Λ
    ඈ͹͢ͳͲͰճආ͸Մೳɻ
    ※ CDK PipelinesΛ࢖͏৔߹͸ɺ
    εςʔδͱ͍͏֓೦Ͱ͞Βʹϥοϓ͞ΕΔ
    

    View Slide

26. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    Q. ࣗಈςετ͸Ͳ͏͢Δʁ࠷௿ݶ͸…
    • ඞਢ: εφοϓγϣοτςετ (synthޙͷCFnςϯϓϨʔτΛൺֱ͢Δςετ)
    • CDKͷόʔδϣϯΞοϓ࣌ͳͲʹɺҙਤ͠ͳ͍มߋ͕ੜ͍ͯ͡ͳ͍͜ͱΛݕূ͢ΔͨΊ
    • ࣮૷΋ۃΊͯ؆୯ (※ ݴޠ͝ͱͷςετϥΠϒϥϦΛ׆༻) ࣮૷ྫ: Testing constructs – Snapshot test
    • ೚ҙ: ΠϯςάϨʔγϣϯςετ (࣮ࡍʹAWS؀ڥʹσϓϩΠ͢Δςετ)
    • ΧελϜϦιʔεͷ࣮૷΍CloudFormationଆͷόϦσʔγϣϯΛݕূ͢ΔͨΊ
    • ςετ༻AWS؀ڥΛ༻ҙͯ͠౎౓σϓϩΠ͢Δͷ͕खܰͳखஈ (dev؀ڥΛ࢖͏ͳͲ)
    • Integ-runner ΍ integ-tests ͱ͍ͬͨϥΠϒϥϦ΋ఏڙ͞Ε͍ͯΔ (·ͩalpha)
    • ೚ҙ: Fine-grained assertions (ςϯϓϨʔτʹର͢Δࡉ΍͔ͳݕূ)
    • ࣗࣾϙϦγʔ΁ͷίϯϓϥΠΞϯεΛݕূ͢ΔͳͲ cdk-nagͳͲͰҰൠతͳ੬ऑੑݕࠪ͸Մೳ
    26
    ※ pdk-nag: ϓϩτλΠϐϯά޲͚ͷɺΑΓ؇͍ϧʔϧηοτ
    

    View Slide

27. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    CDK։ൃαΠΫϧͷҰྫ
    ݸਓతʹΑ͋͘ΔCDK։ൃͷྲྀΕΛࢀߟ·Ͱʹ (non-TDD):
    • ࣮૷ → σϓϩΠ → ಈ࡞֬ೝ͕جຊαΠΫϧ
    • σϓϩΠͯ͠खಈͷݕূΛ͢Δεςοϓ͸Ͳ͏ͯ͠΋ඞཁ
    • ͢΂ͯ֬ೝͰ͖ͨΒɺεφοϓγϣοτΛ࡞Δ
    • Ҏޙ͸εφοϓγϣοτͱͷࠩ෼ΛϨϏϡʔ͢Ε͹มԽΛ௥͑Δ
    • ςετࣗಈԽͷॏཁੑ͸IaCͷมߋස౓ʹԠͯ͡΋มΘΔ
    • ҆ఆޙ΋εφοϓγϣοτͷࠩ෼ϨϏϡʔ͕ͭΒ͍Ϩϕϧͩͱɺ
    ͦͷଞͷςετΛࣗಈԽ͢ΔΞϓϩʔν΋߹ཧతʹͳΔ͔
    27
    CDK࣮૷
    σϓϩΠ
    ಈ࡞֬ೝ
    εφοϓγϣοτ࡞੒
    ϝϯςφϯε
    ͋Δػೳ։ൃͷϥΠϑαΠΫϧ
    

    View Slide

28. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    Key Takeaways
    • AWS CDK։ൃʹ൐͏ҙࢥܾఆͷϙΠϯτɺFAQ΁ͷߟ͑ํΛ·ͱΊ·ͨ͠
    • ͦΕͧΕͷPros/ConsΛߟ্͑ͨͰదٓ࠷దͳํ๏Λߟ͑Δ͜ͱ͕͓͢͢Ί
    • ͨͩ͠ɺ೰Έଓ͚ͯ։ൃ͕ࢭ·Δ͘Β͍ͳΒɺͱΓ͋͑ͣࢼ͠ͳ͕Βߟ͑Δํ͕ྑ͍Ͱ͢Ͷʂ
    • IaC࢖Θ(͑)ͳ͍ <<< (ӽ͑ΒΕͳ͍น) <<< CDK࢖͑Δ < CDK͏·͘࢖͑Δ
    • جຊͷߟ͑ํ: ඞཁͷͳ͍ݶΓෳࡶԽ͸͠ͳ͍
    • ίϨΛҙࣝ͢Δͱଟ͘ͷ৔߹ແବͷͳ͍ίʔυʹͳΔ͸ͣʂ
    ຅ωλ
    • CDKίʔυΛϦϑΝΫλ͍ͨ͠
    • طଘͷϦιʔεΛCDK؅ཧԼʹऔΓࠐΉ
    • σΟϨΫτϦߏ੒ɺetc…
    28
    ࠓޙ AWS Black BeltγϦʔζ ͰΧόʔ͞ΕΔ༧ఆͰ͢ʂ
    

    View Slide

29. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ܦݧஊ΋ฉ͖͍ͨ
    AWS Dev Day 2023ͰBLEAνʔϜ͔Βൃද༧ఆ
    օ༷ͷAWS CDKܦݧஊɾۤ࿑࿩΋ͥͻ͝ڞ༗͍ͩ͘͞ʂ
    29
    

    View Slide

30. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    ࢀߟࢿྉ
    • Best practices for developing and deploying cloud infrastructure with the AWS CDK
    • CDKʹؔ͢ΔϕετϓϥΫςΟεͷݪయɻ
    • JAWS CDKࢧ෦ͷΠϕϯτ࿥ը
    • ࠃ಺։ൃऀͷ஌ݟڞ༗ͷ৔ɻ೔ຊͷCDKίϛϡχςΟ͸ੈքతʹݟͯ΋׆ൃʂ
    • cdk.dev
    • άϩʔόϧͷCDKίϛϡχςΟSlackɻͪ͜Β΋׆ൃͰɺ೔໷࣭໰΍ٞ࿦͕ඈͼަ͍ͬͯ·͢
    • Twitter CDK JP Community
    • ίϛϡχςΟࢀՃऀΛϑΥϩʔ͢Δͱ͍Ζ͍Ζͳҙݟ͕࢕͑·͢ɻ։ൃऀͷϒϩά͸ಛʹࢀߟʹͳΔʂ
    • The CDK Book
    • CDKʹؔ͢Δ஌͕ࣝ໢ཏతʹ·ͱ·ͬͨॻ੶ɻCDKϚχΞͳΒങͬͯ΋ଛ͸ͳ͍͸ͣ
    30
    

    View Slide

31. 2023/05/20 AWS CDK CONFERENCE JAPAN ͋Δ͋Δ͓೰Έʹ౴͍͑ͨ
    © 2023, Amazon Web Services, Inc. or its affiliates.
    Twitter: #jawsug_cdk
    Thank you!
    © 2022, Amazon Web Services, Inc. or its affiliates.
    Masashi Tomooka
    [email protected]
    tmokmss
    

    View Slide