Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OpsJAWS#4 CloudWatch Events Hands-on

Avatar for Tmorinaga Tmorinaga
March 01, 2016
Technology
3
1.8k

OpsJAWS#4 CloudWatch Events Hands-on

OpsJAWS#4 20160301

Avatar for Tmorinaga

Tmorinaga

March 01, 2016
Tweet

More Decks by Tmorinaga

See All by Tmorinaga
OpsJAWS#13 IAMベストプラクティス
Avatar for Tmorinaga tmorinaga
1
3.9k
Developers.IO 2017 E3
Avatar for Tmorinaga tmorinaga
0
1.3k
JAWS DAYS 2017 Security-JAWS発表資料
Avatar for Tmorinaga tmorinaga
2
4.8k
AWS WAFのログが3時間しか見れないのでなんとかしてみる
Avatar for Tmorinaga tmorinaga
3
4.3k
re:Growth 2016 in Tokyo
Avatar for Tmorinaga tmorinaga
0
2.2k
Developers.IO 2016 in Fukuoka
Avatar for Tmorinaga tmorinaga
1
860
【エンジニア編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
Avatar for Tmorinaga tmorinaga
1
4.4k
【ビジネス編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
Avatar for Tmorinaga tmorinaga
1
2.3k

Other Decks in Technology

See All in Technology
スクラムガイドに載っていないスクラムのはじめかた - チームでスクラムをはじめるときに知っておきたい勘所を集めてみました! - / How to start Scrum that is not written in the Scrum Guide 2nd
Avatar for TAKAKING22 takaking22
1
160
AIエージェントで90秒の広告動画を制作!台本・音声・映像・編集をつなぐAWS最新アーキテクチャの実践
Avatar for Kiminori Yokoi nasuvitz
3
340
「その開発、認知負荷高すぎませんか?」Platform Engineeringで始める開発者体験カイゼン術
Avatar for SansanTech sansantech
PRO
2
440
Evolución del razonamiento matemático de GPT-4.1 a GPT-5 - Data Aventura Summit 2025 & VSCode DevDays
Avatar for Lautaro Carro lauchacarro
0
210
フルカイテン株式会社 エンジニア向け採用資料
Avatar for FULL KAITEN fullkaiten
0
8.8k
普通のチームがスクラムを会得するたった一つの冴えたやり方 / the best way to scrum
Avatar for 岡本卓也 okamototakuyasr2
0
110
💡Ruby 川辺で灯すPicoRubyからの光
Avatar for bash0C7 bash0c7
0
120
Django's GeneratedField by example - DjangoCon US 2025
Avatar for Paolo Melchiorre pauloxnet
0
150
Unlocking the Power of AI Agents with LINE Bot MCP Server
Avatar for LINE Developers Thailand linedevth
0
110
Webアプリケーションにオブザーバビリティを実装するRust入門ガイド
Avatar for nwiizo nwiizo
7
880
複数サービスを支える マルチテナント型 Batch MLプラットフォーム
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
1
890
【NoMapsTECH 2025】AI Edge Computing Workshop
Avatar for ITO Akihiro akit37
0
230

Featured

See All Featured
Why You Should Never Use an ORM
Avatar for John Nunemaker jnunemaker
PRO
59
9.5k
A better future with KSS
Avatar for Kyle Neath kneath
239
17k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
696
190k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
358
30k
The Straight Up "How To Draw Better" Workshop
Avatar for Dennis Kardys denniskardys
236
140k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
368
19k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
53
8.9k
Building Applications with DynamoDB
Avatar for Matt Wood mza
96
6.6k
Fireside Chat
Avatar for paigeccino paigeccino
39
3.6k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
29
2.9k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
31
2.2k
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
54
11k

Transcript

  1. OpsJAWS#4 CloudWatchEvents Hands-on Ϋϥεϝιουגࣜձࣾ ιϦϡʔγϣϯΞʔΩςΫτ ৿Ӭେࢤ

  2. ࣗݾ঺հ

  3. Morinaga Taishi(@morimoritaitai) AWS Solution Archetect ✦ झຯ : ήʔϜ(શൠ) /

    ञ / Χϝϥ ✦ ڵຯ : DevOps / Security ✦ ޷͖ͳαʔϏε:Config/CloudTrail/IAM AWS Certified Solutions Architect - Professional Developer -Associate SysOps Administorator - Associate

  4. ձࣾ঺հ

  5. Classmethod,Inc.

  6. Classmethod,Inc. AWSίϯαϧɾઃܭɾߏஙͱ ϞόΠϧ։ൃ͕ϝΠϯ

  7. ੈքதʹΦϑΟε جຊతʹਓ͕͍Δͱ͜ΖʹΦϑΟε͕ग़དྷ·͢

  8. Developers.IO

  9. Developers.IO 5500ຊͷٕज़هࣄ 2300ຊͷAWSهࣄ ݄ؒ100ສPV

  10. ϋϯζΦϯͷࢿྉ͸ͪ͜Β https://speakerdeck.com/tmorinaga https://gist.github.com/Tmorinaga

  11. Agenda • CloudWatchEventsͱ͸ • ϋϯζΦϯͷ४උ • Built-in targetΛࢼͯ͠ΈΔ • Lambda

    functionΛࢼͯ͠ΈΔ • ͓ย͚ͮ

  12. CloudWatch Eventsͱ͸

  13. CloudWatchEventsͱ͸ • ΠϕϯτʢϦιʔεͷঢ়ଶมԽͳͲʣΛݕ஌ ͠ɺΠϕϯτυϦϒϯͰΞΫγϣϯΛ࣮ߦ͢ ΔࣄͷͰ͖ΔαʔϏε • ౦ژϦʔδϣϯͰ࢖͑·͢ʂʂʂ

  14. ΠϕϯτυϦϒϯͬͯLambda ͱ͸Ͳ͏ҧ͏ͷʁ • CWE͸Lambdaͷ৽͍͠Πϕϯτιʔε • LambdaҎ֎ͷ࿈ܞʢSNSɺKinesisʣ΍Built- inͷ࢓૊Έ΋༻ҙ͞Ε͍ͯΔ

  15. CloudWatchEventsͷߏ੒ཁૉ • Πϕϯτιʔε • λʔήοτ • ϧʔϧ

  16. Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔε΍λΠϛϯά • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷୹̑෼ִؒʣ

    • API CallʢCloudTrailͰर͑Δ΋ͷ͸͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ

  17. Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔε΍λΠϛϯά • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷୹̑෼ִؒʣ

    • API CallʢCloudTrailͰर͑Δ΋ͷ͸͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ

  18. CloudWatchEvents͕ API CallΛΠϕϯτιʔεʹ΋ͭ

  19. Lambda͕ CWEΛΠϕϯτιʔεʹ΋ͭ

  20. ΄΅͢΂ͯͷAPI CallΛ ؆୯ʹLambda࿈ܞͰ͖Δʂ

  21. λʔήοτ • ࣮ߦ͢ΔΞΫγϣϯ • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • Lambda Function • SNS

    Topic • Kinesis Stream • Built-in Targetʢsnapshot࡞੒ͳͲͷػೳʣ

  22. ϧʔϧ • Πϕϯτιʔεͱλʔήοτͷ૊Έ߹Θͤ • ͲΜͳϦιʔε͕Ͳ͏ͳͬͨΒʢΠϕϯτιʔ εʣɺͲ͏͢Δ͔ʢλʔήοτʣ

  23. ϋϯζΦϯͷ४උ

  24. ҎԼͷࣄΛ֬ೝͯ͠Լ͍͞ • IAMͷPolicyઃఆ • ࠓճ͸ AdminݖݶͰ΍Γ·͢ʢIAM͍͡ΔͨΊʣ • STSʢSecurity Token ServiceʣͷEndpoint

    • IAM→Account Settings→Security Token Service RegionsͰઃఆ • σϑΥϧτ͸ON • Stoppedঢ়ଶͷΠϯελϯεΛͻͱͭ

  25. CWEʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action":

    "events:*", "Resource": "*" }, { "Effect": "Allow", "Action": "iam:PassRole", "Resource": "*" } ] }

  26. Ϧʔδϣϯͷ ΤϯυϙΠϯτ༗ޮԽ

  27. Πϯελϯεͷ४උ t2.nanoͰ΋ͳΜͰ΋͍͍Ͱ͢

  28. Built-in TargetΛ ࢼͯ͠ΈΔ

  29. ࢼͯ͠ΈΔ͜ͱ • InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • ҙຯ͸ಛʹແ͍Ͱ͕͢ɺಈ͖Λݟͯ௖͚Ε͹

  30. Ruleͷ࡞੒ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:

  31. Πϕϯτιʔεͷબ୒

  32. EC2Πϯελϯεͷঢ়ଶΛબ୒

  33. λʔήοτͷ௥Ճ

  34. Built-in targetΛબ୒

  35. ΞΫγϣϯͷબ୒

  36. Πϯελϯεͷબ୒ ͜Ε * ͰࢦఆͰ͖ΔΑ͏ʹͳΓ·ͤΜ͔Ͷ…ʁ

  37. ϧʔϧͷ໊લΛೖྗ

  38. IAM RoleΛ࡞੒ طʹ࡞੒͞Ε͍ͯΔํ͸ͦͪΒΛબ୒

  39. IAM Roleͷ࡞੒ ಛʹઃఆ͸ཁΒͳ͍ͷͰڐՄ

  40. built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",

    "Action": [ "ec2:Describe*", "ec2:RebootInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateSnapshot" ], "Resource": "*" } ] }

  41. ϧʔϧ࡞੒׬ྃ

  42. ಈ࡞֬ೝ

  43. ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ

  44. ࣍ͷϋϯζΦϯͷͨΊʹ… ࢒͍ͯ͠Δͱ͕࣍͏·͍͖͘·ͤΜ

  45. Lambda FunctionΛ ࢼͯ͠ΈΔ

  46. ࢼͯ͠ΈΔ͜ͱ • ࢦఆ͞ΕͨλάʮCostʯ͕͍͍ͭͯͳ͍ InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • λάͷ͚ͭ๨Εͬͯଟ͍Ͱ͢ΑͶ…

  47. Lambda Function࡞੒

  48. blueprint͸࢖Θͳ͍ͷͰSkip

  49. ໊લͱ࢖༻ݴޠΛࢦఆ

  50. ίʔυΛίϐϖ https://gist.github.com/Tmorinaga/5b1df9e90e20fe173685

  51. ίʔυʹ͍ͭͯ • ΤϥʔϋϯυϦϯάͳͲ͍ͯ͠·ͤΜͷͰɺ ຊ൪ར༻ͳͲ͢Δ৔߹͸࡞Γ͜ΜͰԼ͍͞ɻ • ͍͍΋ͷ͕Ͱ͖ͨΒڭ͑ͯԼ͍͞m(_ _)m

  52. Lambda༻IAM Role࡞੒

  53. Policyඍௐ੔

  54. Policyඍௐ੔

  55. built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",

    "Action": [ . . . ], "Resource": "arn:aws:logs:*:*:*" }, { "Effect": "Allow", "Action": [ "ec2:StopInstances", "ec2:DescribeInstances" ], "Resource": "*" } ] } ←͜ͷ෦෼Λ௥Ճ https://gist.github.com/Tmorinaga/678cd280c1702c9c5233

  56. Advanced settings͸ͦͷ··

  57. Review

  58. Ruleͷ࡞੒ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:

  59. Πϕϯτιʔεͷબ୒

  60. EC2Πϯελϯεͷঢ়ଶΛબ୒

  61. λʔήοτͷ௥Ճ

  62. Lambda functionΛબ୒

  63. Lambda functionΛબ୒

  64. ϧʔϧͷ໊લΛೖྗ

  65. ϧʔϧ࡞੒׬ྃ

  66. λά෇͚ͳ͠ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ

  67. λάʮCostʯΛ௥Ճ

  68. λά෇͚͋Γಈ࡞֬ೝ ↓ runningʹͪΌΜͱͳΔʂ

  69. ͓ย͚ͮ

  70. ϧʔϧΛ࡟আ ফ͓͔ͯ͠ͳ͍ͱΠϯελϯε͕ ىಈͰ͖ͳ͍ݱ৅͕͓͖·͢ɻ

  71. Lambda functionΛ࡟আ ফ͞ͳͯ͘΋ѱ͞͸͠·ͤΜͷͰɺ ࢒͍ͯͯ͠΋ߏ͍·ͤΜ

  72. Πϯελϯεͷఀࢭ or ࡟আ

  73. ·ͱΊ

  74. ·ͱΊ • CloudWatch Events͸AWSϦιʔεͷঢ়ଶม ԽʹϦΞϧλΠϜʹରԠͰ͖Δ • pendingͰࢭΊΕ͹՝ۚͳ͠ʂ • ݁ہLambda͸ඞཁͳͷͰ֮͑·͠ΐ͏ •

    ؤுΓ·͢

  75. OpsJAWS͝঺հ • AWSӡ༻؅ཧͷϊ΢ϋ΢Λ޿͘ൃ৴ • Partner SAϒϩάʹӡ༻TipsهࣄΛܝࡌத ؂ࢹɺϩάӡ༻ɺίετ؅ཧɺδϣϒӡ༻ɺߏ੒؅ཧɺΠϕϯτ௨஌etc . . .

    http://aws.typepad.com/aws_partner_sa/2015/06/aws-ops.html ɹɹɹɹɹɹɹɹɹɹɹɹ·ͨ͸ɺɹɹɹɹɹɹɹɹɹ ɹɹɹͰݕࡧ • Doorkeeper(OpsJAWS)

  76. ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ

  77. None