Answering Common AWS CDK Dilemmas

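When developing with AWS CDK, developers face a variety of decisions: which language to use, how to split stacks, how to test, and how to define multiple environments, to name a few. This talk presents the available options for each, together with their advantages and disadvantages, and aims to organize a way of thinking that helps each project make the best decision.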

Presented at AWS CDK Conference Japan 2023. https://jawsug-cdk.connpass.com/event/278205/

Masashi Tomooka

May 20, 2023

Transcript

  1. 2023/05/20 AWS CDK CONFERENCE JAPAN, "Answering Common AWS CDK Dilemmas". © 2023, Amazon Web Services, Inc. or its affiliates. Twitter: #jawsug_cdk
    Answering Common AWS CDK Dilemmas: Speeding Up Decision-Making During Development. Masashi Tomooka, Prototyping Engineer, Amazon Web Services Japan G.K.
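  2. Today's talk
    For FAQs about AWS CDK (hereafter CDK) development: give answers, and show the line of reasoning. I hope this reduces the time you spend agonizing during CDK development as much as possible!
    Target audience: any CDK developer (for complete CDK beginners, revisiting this once you are a little more used to CDK is recommended).
    Caveats:
    • Coding conventions are an area where opinions often differ from person to person
        • Contexts differ / hard to quantify
    • Take today's content into account, but make the judgment that fits your own situation
    Link: today's slides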
  3. Self-introduction
    Masashi Tomooka, Prototyping Engineer @AWS Japan
    Previous job: mBaaS development and operations (Rails, Sinatra, Ruby, MySQL); mobile game client development (Unity, C#)
    CDK experience: adopted when migrating the above mBaaS to AWS (2019/12 - 2020/10); used for prototype development (2020/11 -); operations and development of an AWS-internal service (2021/7 - 2022/3)
    Recently built: aws-samples/jenkins-unity-build-on-aws
    Twitter: @tmokmss
  4. Agenda
    • Which programming language should I use?
    • How should stacks be split?
    • The code inside my stack is getting messy...
    • L1 / L2 / L3 constructs: which should I use?
    • How do I add environments?
    • What about automated tests?
    Selection criteria (among FAQs), any one of:
    • Things that are hard to judge
    • Decisions that are one-way doors
    • Knowledge you lose out on by not having
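  5. Q. Which language should I use?
    [Figure: 2022 CDK community survey, share of languages used by CDK users, n=122. Categories: TypeScript (incl. JS), Python, Java, .NET, Go]
    • Unless you have a special reason, TypeScript is recommended. Reasons:
        1. The largest number of users (figure at right) → more information, a well-paved road
        2. The largest number of published construct libraries (constructs.dev)
            • Taking TypeScript as 100%: Python: 80%, .NET: 56%, Java: 53%, Go: 12% (as of 2022/10)
            • In theory libraries can be used from every language (jsii); library authors simply have not published them
        3. Relatively low learning cost (a grammar without quirks, at least for the level needed to write CDK...)
    • However: CDK's features themselves do not differ between languages (jsii guarantees this)
    • If the developers have a strong preference, using that language is perfectly fine (being able to use a familiar language is part of CDK's appeal)
    • Reference: TypeScript CDK code can be mechanically rewritten into other languages: Translating from TypeScript
        • Automatic translation: AWS CDK Translator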
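  6. Q. How should stacks be split?
    • Basic rule: do not split unless you need to
        • Splitting stacks in most cases creates dependencies between stacks (cross-stack references, etc.)
        • Cross-stack references tend to cause several development and operational hassles (described later)
    • Typical cases where stacks must be split
        1. When you hit a CloudFormation hard limit (500 resources, etc.)
        2. When you need to deploy across accounts or regions
        3. When an operation outside CloudFormation is needed between resource deployments
            • Example: deploy the backend → build the frontend with environment variables embedded (Cognito Pool ID, etc.) → deploy the frontend
    • When you are not sure whether it is needed → consider whether splitting brings a concrete benefit
        • In some cases, such as when resource owners differ, splitting is reasonable even without the needs above
    ※ As a way to keep teams independent, splitting per App is also an option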
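  7. Disadvantages of splitting stacks
    1. Cross-stack references require additional considerations, such as circular dependencies and deployment workarounds (the following is one example)
        • In the state shown in the figure, the following operations make deploy or synth fail
            1. Referencing a Child resource from Parent (circular dependency)
            2. Deleting the Lambda Function in ChildStack (conflicting change; the reason is on the next slide)
        • These can be avoided (described later). The issue is the degraded developer experience
    2. Slower deployments
        • Stacks with dependencies cannot be deployed at the same time → deployment parallelism is limited
    3. Designing an appropriate split is hard work
    [Figure: ParentStack (DynamoDB Table; Stack export: TableName) → Fn::ImportValue → ChildStack (Lambda Function, references the table name)]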
  8. Supplement: how the stack deployment fails
    [Figure, shown twice: ParentStack (DynamoDB Table; Stack export: TableName) → Fn::ImportValue → ChildStack (Lambda Function, references the table name)]
    Premise: characteristics of cross-stack references:
    • Underneath, they are exported stack output values
    • CDK creates them automatically by looking at the relationships between variables
    • An output value that is being referenced cannot be deleted (strong reference)
    Delete the Lambda function and try to deploy: the deployment fails!
    • Order of cdk deploy: Parent → Child
    • The new ParentStack tries to delete the Stack export, but the old ChildStack is still deployed
    • In other words, TableName is still referenced, so deleting the Stack export fails
  9. When you still want to split stacks
    • One guideline: keep cross-stack references to a minimum
        • Keep dependencies between resources within a single stack
        • The idea is to make each stack as independent as possible
    Two ways to split: by service type, and by feature
    [Figure labels: ServiceB stack, ServiceA stack, Persistence stack, Network stack, Stateless stack; ServiceA, ServiceB, Network, Persistent, Stateless; 1, 3, 1 (number of cross-stack references); no cross-stack references]
    ※ Also related to cohesion: ■ is perhaps close to logical cohesion, ■ to functional cohesion
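  10. Tips for multi-stack development: resolving conflicting changes
    • Deploy while ignoring dependencies with the -e, --exclusively flag (reference: exclusive deploy)
    • Explicitly create the Stack export with the Stack.exportValue method
    • Pass values between stacks without using cross-stack references
        • Go through SSM parameters, hard-code values that follow a naming convention, etc.
    ↓
    • Deploy in two phases (next page)
    Callouts:
    • If only ChildStack is deployed first, the Stack export becomes unnecessary and the changes do not conflict
    • Explicitly export the value that ChildStack originally needed; the Stack export is retained and the changes do not conflict
    Reference: "Five ways to pass parameters between stacks in CDK, and thoughts on the best choice for each case"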
  11. Example of a two-phase deployment
    [Figure]
    • Initial state: ParentStack (DynamoDB Table v1); ChildStack (Lambda function, references TableName)
    • Deploy#1 → intermediate state: ParentStack (DynamoDB Table v2, DynamoDB Table v1); ChildStack (Lambda function, references TableName). This export cannot be deleted yet, so it is kept explicitly with exportValue
    • Deploy#2 → final state: ParentStack (DynamoDB Table v2); ChildStack (Lambda function, references TableName). Deleted in Deploy#2
    ※ Data migration between the old and new tables is not considered here
  12. Tips for multi-stack development: resolving circular dependencies
    Circular dependency between stacks: a state in which two stacks reference each other's Stack exports
    [Figure: ParentStack (VPC, Security group, Ingress rule) and ChildStack (Lambda, Security group, Ingress rule); references the Subnet ID; references the Security group ID. Example: this dependency is not allowed. Dependencies are allowed in one direction only]
    Error: 'Stack2' depends on 'Stack1' ({Stack2/Handler/ServiceRole/Resource}.addDependency({Stack1/Vpc/IsolatedSubnet1/RouteTableAssociation}),… ). Adding this dependency (Stack1 -> Stack2/Handler/SecurityGroup/Resource.GroupId) would create a cyclic reference.
    Avoid it with an implementation that is conscious of the direction of dependencies
    ※ Sometimes the above cannot avoid it. Searching for or opening an Issue on GitHub is also an option.
  13. Tips for multi-stack development: resolving circular dependencies
    Callout added to the previous slide: this is a nuisance you would rather not think about during iterative development. How about keeping at least the development environment as a single stack?
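  14. Q. The code in my Stack is getting messy
    • Writing resources out flat in one place raises cognitive load
        • Dependencies between resources become hard to follow, the amount of scrolling grows, and so on
    • This is similar to the importance of class design in OOP
        • Many people find the order abstract → concrete easy to follow (the same as bulleted lists)
    • Structuring with constructs is recommended
        ✓ Group sets of resources into meaningful units
        ✓ Enjoy the benefits of modularization (reusability, abstraction, etc.)
        ✓ Naming IDs (the second argument) becomes easier (because the scope in which uniqueness must hold is narrower)
    [Figure labels: Authentication, Storage, Lambda, API, ID]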
  15. Structuring code with constructs
    [Figure labels: Authentication, Storage, Lambda, API; vs; link: code example]
    ↑ When code is grouped at about this granularity, the structure is clear at a glance
    In a sense complexity increases, so it is good to discuss the policy as a team 🙆
  16. The Tree View in the CloudFormation console also becomes easier to read
    Link: reference material
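  17. Side note: anonymous constructs (as I will call them)
    • Things go more smoothly once you understand the concept of the construct tree
        • An analogy with a file system directory tree makes it easy
        • Scope (first argument) = parent directory, ID (second argument) = directory name
        • The same name (ID) cannot exist twice inside one directory (scope)
    • The scope does not necessarily have to be this
        • You can create an empty construct on the spot, and other constructs can use it as their parent
    • Isn't this similar to anonymous classes and anonymous functions?
        • It can be handy in situations where defining a class would be overkill
    [Code screenshot callouts: empty construct; specifying the scope; the same ID can be used because the scope differs]
    Pro tip: braces {} can also be used to control variable scope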
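  18. Tips for creating constructs
    Reference: "AWS CDK Tips: Structure Your Code with Constructs"
    1. How to split constructs
        • Not as sensitive a topic as how to split stacks (even a poor split rarely exposes its disadvantages)
        • However, stateful resources are hard to refactor later, so be careful with them
        • Grouping into units that people find easy to understand is enough for a start (you naturally keep this in mind when writing prose or drawing architecture diagrams, too)
    2. Shorten Logical IDs with ID='Default' (reference: Shorter AWS CDK Logical IDs)
        • To keep CFn's automatically generated names easy to read
        • Also useful for preventing Logical ID changes when refactoring
    3. PascalCase is recommended for ID names (reference: "Construct IDs are best named in PascalCase")
        • To keep CFn's automatically generated names easy to read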
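  19. Q. L1 / L2 / L3 constructs: which should I use?
    • Constructs are broadly classified into L1 to L3 by level of abstraction (figure at right)
    • Basically, actively using L2+ makes it easier to enjoy CDK's benefits
        • The abstractions provided by grantXxx, allowFrom and the like are also powerful
    • To avoid losing flexibility through abstraction:
        1. Create and manage constructs within your own organization
            • The strength is that you can modify them freely. Reusing them as snippets is also an option
        2. For official and third-party constructs...
            • Fork them, or contribute (send a Pull Request)
            • The latter is ideal in the sense of strengthening the ecosystem (though sometimes hard work)
        3. Override with an escape hatch (the last and most powerful method)
            • Introduced in detail on the next slide
    [Figure: L1, L2, L3; low abstraction: flexibility; high abstraction: productivity]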
  20. Regaining flexibility with L2 / L3 constructs: escape hatches
    • Every so often, an interface you need is not available through L2+
        • This is sometimes given as a reason why CFn is better than CDK, but that is not necessarily so
    • With an escape hatch, operations as flexible as L1 are possible
    Example: changing the Policy name of a Lambda Role
    [Screenshot callouts: CDK code that touches the L1 construct directly through an escape hatch; dig through the construct tree along the path; an interface that can override any property; the synthesized CloudFormation template; the Metadata shows the resource's path]
    Details: Abstractions and escape hatches
  21. Q. How do I define templates for multiple environments?
    How can multiple environments such as Dev/Staging/Prod be defined well? At a minimum, decide how to handle the following:
    1. How to set parameters per environment
        • Example: for Aurora, the Dev environment uses t3 instances and the Prod environment uses m6g instances
    2. How to emit separate stack definitions per environment
        • You want to synth stacks for multiple environments from a single CDK code base
        • Example: how to define the stacks for the Dev environment and for the Prod environment
  22. How to set parameters per environment
    • Decide where the parameters are managed
        • At right are five typical examples (countless others are conceivable)
        • A detailed comparison table is on the next page
    • The assumption is that the loaded parameters are passed to the Props of stacks and constructs
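  23. How to set parameters per environment: comparison table

    | (in no particular order) | Overview | Pros | Cons |
    |---|---|---|---|
    | 1. Context variable | Specified in cdk.json or with the -c option: cdk deploy -c env=dev | Feels official, since values are obtained with a standard CDK function (tryGetContext). High interoperability thanks to JSON (e.g. generating the JSON with other tools) | Validating values takes some extra work (JSON Schema, etc.). Bound by the expressiveness of JSON (CDK types such as Duration cannot be used) |
    | 2. Environment variables | Specified when running the CDK command: ENV=dev cdk deploy | A standard method outside the CDK world as well. Possibly many applications, such as overriding in CI tool settings | Environment variables are string-typed only. You need to think about where the environment variables are managed |
    | 3. Objects in each language | Hard-code parameters in the CDK language (e.g. a TypeScript object) | Types other than strings and numbers can be used (Duration, ec2.InstanceType, etc.). Easy type safety | Difficult in situations that need interoperability (the language is fixed, not suited to dynamic generation, etc.), but these are rare |
    | 4. Secrets Manager / Parameter Store | Parameters are created outside CDK; CFn reads the values at deploy time | Secrets (API keys, etc.) can be kept out of the CDK code and the CFn template | Initializing the parameters takes additional steps. The parameter ARNs also need to be managed |
    | 5. CfnParameter | Use CloudFormation's Parameter feature | Deployment contents can be changed after synth. Effective when you want to distribute the synthesized CFn template | You need to be aware of CFn, and it is harder to write than plain CDK. Little benefit except in special situations |

    Personal usage: 3 by default; 2/4/5 as needed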
  24. Q. How do I define templates for multiple environments?
    How can multiple environments such as Dev/Staging/Prod be defined well? At a minimum, decide how to handle the following:
    1. How to set parameters per environment
        • Example: for Aurora, the Dev environment uses t3 instances and the Prod environment uses m6g instances
    2. How to emit separate stack definitions per environment
        • You want to synth stacks for multiple environments from a single CDK code base
        • Example: how to define the stacks for the Dev environment and for the Prod environment
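  25. How to emit separate stack definitions per environment
    Typical ways to define stacks (the thing you usually write in bin/xxx.ts)
    • Dynamic pattern
        • Reuse a single stack definition; the Stack ID is injected from outside
    • Static pattern 1
        • Hard-code as many stacks as there are environments
        • The stack layout inside the App is easier to see than with Dynamic
    • Static pattern 2
        • Use a different stack class definition for each environment
        • Effective when you want to vary the resource composition or stack split per environment
        • Risk that the environments become less consistent with each other
    ※ Static patterns tend to lengthen synth time. This can be avoided by branching on environment variables or similar and skipping unneeded new Stack() calls.
    ※ When using CDK Pipelines, stacks are further wrapped in the concept of a stage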
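  26. Q. What about automated tests? At a minimum...
    • Required: snapshot tests (tests that compare the CFn template after synth)
        • To verify that no unintended changes have occurred, for example when upgrading the CDK version
        • Implementation is also extremely simple (※ use each language's test library). Implementation example: Testing constructs, Snapshot test
    • Optional: integration tests (tests that actually deploy to an AWS environment)
        • To verify custom resource implementations and validation on the CloudFormation side
        • Preparing an AWS environment for testing and deploying each time is the easy approach (e.g. using the dev environment)
        • Libraries such as integ-runner and integ-tests are also provided (still alpha)
    • Optional: fine-grained assertions (detailed verification against the template)
        • For example, verifying compliance with your company's policies
        • General vulnerability checks are possible with cdk-nag and similar tools
    ※ pdk-nag: a more lenient rule set aimed at prototyping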
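  27. An example CDK development cycle
    For reference, my own typical CDK development flow (non-TDD):
    • Implement → deploy → verify behavior is the basic cycle
        • The step of deploying and verifying manually is unavoidable
    • Once everything has been verified, create a snapshot
        • After that, reviewing the diff against the snapshot lets you track changes
    • The importance of test automation also depends on how often the IaC changes
        • If reviewing snapshot diffs is still painful after things stabilize, automating other tests may also become a reasonable approach
    [Figure: lifecycle of developing one feature: CDK implementation → deploy → verify behavior → create snapshot → maintenance]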
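  28. Summary
    • This talk summarized the decision points that come with AWS CDK development and ways of thinking about the FAQs
    • Considering the pros and cons of each option and then choosing the best method for the situation is recommended
        • However, rather than agonizing until development stalls, it is better to think while trying things out!
        • Cannot (or do not) use IaC <<< (insurmountable wall) <<< can use CDK < can use CDK well
    • Basic principle: do not add complexity unless it is needed
        • Keeping this in mind should in most cases lead to code without waste!
    Topics that did not make the cut:
    • Refactoring CDK code
    • Bringing existing resources under CDK management
    • Directory layout, etc.
    These are planned to be covered in the AWS Black Belt series in the future!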
  29. I would like to hear your experiences too
    A presentation by the BLEA team is planned at AWS Dev Day 2023
    Please share your own AWS CDK experiences and war stories!
  30. References
    • Best practices for developing and deploying cloud infrastructure with the AWS CDK
        • The original source for CDK best practices.
    • Event recordings from the JAWS CDK chapter
        • A place where developers in Japan share their knowledge. The Japanese CDK community is active even by global standards!
    • cdk.dev
        • The global CDK community Slack. This is also active, with questions and discussions flying around day and night
    • Twitter CDK JP Community
        • Following community participants lets you hear a variety of opinions. Developers' blogs are especially helpful!
    • The CDK Book
        • A book that comprehensively compiles knowledge about CDK. CDK enthusiasts should not regret buying it
  31. Thank you!
    © 2022, Amazon Web Services, Inc. or its affiliates. Masashi Tomooka, mtomooka@amazon.co.jp, tmokmss
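
The deployment conflict from slides 7 to 11, as an added example that is not part of the original deck: a small TypeScript model of the rule that an export still imported by another stack cannot be deleted, run against the default deploy order, a child-first deploy, and the two-phase deploy. It is a simplification rather than CDK or CloudFormation code; the export names TableV1Name and TableV2Name and all function names are constructed for illustration.

```typescript
// Simplified model (an assumption, not CDK or CloudFormation code) of one rule:
// an export that another stack still imports cannot be deleted.
type Template = { exports: string[]; imports: string[] };
type Cloud = { [stack: string]: Template };
type Step = [string, string[], string[]]; // [stack, exports, imports] after the update

function deployStack(cloud: Cloud, name: string, next: Template): void {
  const others = Object.keys(cloud).filter((s) => s !== name);
  const current = cloud[name] || { exports: [], imports: [] };
  for (const exp of current.exports) {
    const users = others.filter((s) => cloud[s].imports.indexOf(exp) >= 0);
    if (next.exports.indexOf(exp) < 0 && users.length > 0) {
      throw new Error(`cannot delete export ${exp}: in use by ${users.join(", ")}`);
    }
  }
  cloud[name] = next;
}

// Apply updates in order to the slides' initial state; return "ok" or the first error.
function run(steps: Step[]): string {
  const cloud: Cloud = {
    ParentStack: { exports: ["TableV1Name"], imports: [] },
    ChildStack: { exports: [], imports: ["TableV1Name"] },
  };
  try {
    for (const [name, ex, im] of steps) deployStack(cloud, name, { exports: ex, imports: im });
    return "ok";
  } catch (e) {
    return (e as Error).message;
  }
}

function scenarios() {
  return {
    // Lambda deleted, default order Parent -> Child: the export removal is rejected.
    lambdaDeletedDefault: run([["ParentStack", [], []], ["ChildStack", [], []]]),
    // Same change with ChildStack deployed first (cdk deploy -e): the import goes first.
    lambdaDeletedChildFirst: run([["ChildStack", [], []], ["ParentStack", [], []]]),
    // Table v1 replaced by v2 in a single deployment: v1's export is still imported.
    replaceOneShot: run([["ParentStack", ["TableV2Name"], []], ["ChildStack", [], ["TableV2Name"]]]),
    // Two-phase: Deploy#1 keeps v1's export (Stack.exportValue), Deploy#2 drops it.
    replaceTwoPhase: run([
      ["ParentStack", ["TableV1Name", "TableV2Name"], []],
      ["ChildStack", [], ["TableV2Name"]],
      ["ParentStack", ["TableV2Name"], []],
    ]),
  };
}
console.log(scenarios());
```

The two failing scenarios stop at the ParentStack update, before ChildStack is ever touched, which is why the fix is either a different order or an export that outlives the import by one deployment.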