Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OpsJAWS#4 CloudWatch Events Hands-on

Tmorinaga
March 01, 2016
Technology
3
1.5k

OpsJAWS#4 CloudWatch Events Hands-on

OpsJAWS#4 20160301

Tmorinaga

March 01, 2016
Tweet

More Decks by Tmorinaga

See All by Tmorinaga
OpsJAWS#13 IAMベストプラクティス
tmorinaga
1
3.3k
Developers.IO 2017 E3
tmorinaga
0
930
JAWS DAYS 2017 Security-JAWS発表資料
tmorinaga
2
3.7k
AWS WAFのログが3時間しか見れないのでなんとかしてみる
tmorinaga
3
3.8k
re:Growth 2016 in Tokyo
tmorinaga
0
1.9k
Developers.IO 2016 in Fukuoka
tmorinaga
1
610
【エンジニア編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
tmorinaga
1
3.6k
【ビジネス編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
tmorinaga
1
1.9k

Other Decks in Technology

See All in Technology
microCMSのエンジニア組織と文化
microcms
0
600
FaaS における Java 起動時間の比較 (AWS / Azure / GCP) #jjug_ccc #jjug_ccc_d
tacck
2
900
機械学習モデル性能向上への学習データからのアプローチ
okada_fuutass
0
170
Blueskyの「今」がわかる!Bot
lamrongol
0
130
When to use a Lambda function? And when not?!
jeromevdl
1
110
ChatGPTを活用した 便利ツールの紹介
hankehly
1
540
Transit Gatewayを使わなければならない場面を改めて考えてみる #dx_osarai
non97
0
3.2k
無理なく始めるGoでのユニットテストの並行化戦略
shohata
1
590
社内にアクセシビリティ改善を広める際に意識したこと
benevolent0505
0
270
データマイニングと機械学習 - ニューラルネットワーク
trycycle
0
170
Riverpodに機能追加したときの話
k9i
4
320
WWDC「間」を復習しよう
line_developers
PRO
0
350

Featured

See All Featured
Large-scale JavaScript Application Architecture
addyosmani
500
110k
We Have a Design System, Now What?
morganepeng
38
6.2k
Agile that works and the tools we love
rasmusluckow
322
20k
Reflections from 52 weeks, 52 projects
jeffersonlam
341
18k
Happy Clients
brianwarren
90
6k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
225
50k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
214
12k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
3.7k
Rebuilding a faster, lazier Slack
samanthasiow
70
7.7k
Optimising Largest Contentful Paint
csswizardry
2
790
Building Adaptive Systems
keathley
29
1.5k
The Cult of Friendly URLs
andyhume
70
5.2k

Transcript

  1. OpsJAWS#4
    CloudWatchEvents
    Hands-on
    Ϋϥεϝιουגࣜձࣾ
    ιϦϡʔγϣϯΞʔΩςΫτ ৿Ӭେࢤ

    View Slide

  2. ࣗݾ঺հ

    View Slide

  3. Morinaga Taishi(@morimoritaitai)
    AWS Solution Archetect
    ✦ झຯ : ήʔϜ(શൠ) / ञ / Χϝϥ
    ✦ ڵຯ : DevOps / Security
    ✦ ޷͖ͳαʔϏε:Config/CloudTrail/IAM
    AWS Certified
    Solutions Architect - Professional
    Developer -Associate
    SysOps Administorator - Associate

    View Slide

  4. ձࣾ঺հ

    View Slide

  5. Classmethod,Inc.

    View Slide

  6. Classmethod,Inc.
    AWSίϯαϧɾઃܭɾߏஙͱ
    ϞόΠϧ։ൃ͕ϝΠϯ

    View Slide

  7. ੈքதʹΦϑΟε
    جຊతʹਓ͕͍Δͱ͜ΖʹΦϑΟε͕ग़དྷ·͢

    View Slide

  8. Developers.IO

    View Slide

  9. Developers.IO
    5500ຊͷٕज़هࣄ
    2300ຊͷAWSهࣄ
    ݄ؒ100ສPV

    View Slide

  10. ϋϯζΦϯͷࢿྉ͸ͪ͜Β
    https://speakerdeck.com/tmorinaga
    https://gist.github.com/Tmorinaga

    View Slide

  11. Agenda
    • CloudWatchEventsͱ͸
    • ϋϯζΦϯͷ४උ
    • Built-in targetΛࢼͯ͠ΈΔ
    • Lambda functionΛࢼͯ͠ΈΔ
    • ͓ย͚ͮ

    View Slide

  12. CloudWatch Eventsͱ͸

    View Slide

  13. CloudWatchEventsͱ͸
    • ΠϕϯτʢϦιʔεͷঢ়ଶมԽͳͲʣΛݕ஌
    ͠ɺΠϕϯτυϦϒϯͰΞΫγϣϯΛ࣮ߦ͢
    ΔࣄͷͰ͖ΔαʔϏε
    • ౦ژϦʔδϣϯͰ࢖͑·͢ʂʂʂ

    View Slide

  14. ΠϕϯτυϦϒϯͬͯLambda
    ͱ͸Ͳ͏ҧ͏ͷʁ
    • CWE͸Lambdaͷ৽͍͠Πϕϯτιʔε
    • LambdaҎ֎ͷ࿈ܞʢSNSɺKinesisʣ΍Built-
    inͷ࢓૊Έ΋༻ҙ͞Ε͍ͯΔ

    View Slide

  15. CloudWatchEventsͷߏ੒ཁૉ
    • Πϕϯτιʔε
    • λʔήοτ
    • ϧʔϧ

    View Slide

  16. Πϕϯτιʔε
    • ΠϕϯτͷݩͱͳΔϦιʔε΍λΠϛϯά
    • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ
    • EC2ͷStatusมԽʢRunning,Stopped etcʣ
    • εέδϡʔϧʢ࠷୹̑෼ִؒʣ
    • API CallʢCloudTrailͰर͑Δ΋ͷ͸͍͍ͩͨʣ
    • AutoScalingͷมԽʢLaunch Successful etcʣ

    View Slide

  17. Πϕϯτιʔε
    • ΠϕϯτͷݩͱͳΔϦιʔε΍λΠϛϯά
    • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ
    • EC2ͷStatusมԽʢRunning,Stopped etcʣ
    • εέδϡʔϧʢ࠷୹̑෼ִؒʣ
    • API CallʢCloudTrailͰर͑Δ΋ͷ͸͍͍ͩͨʣ
    • AutoScalingͷมԽʢLaunch Successful etcʣ

    View Slide

  18. CloudWatchEvents͕
    API CallΛΠϕϯτιʔεʹ΋ͭ

    View Slide

  19. Lambda͕
    CWEΛΠϕϯτιʔεʹ΋ͭ

    View Slide

  20. ΄΅͢΂ͯͷAPI CallΛ
    ؆୯ʹLambda࿈ܞͰ͖Δʂ

    View Slide

  21. λʔήοτ
    • ࣮ߦ͢ΔΞΫγϣϯ
    • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ
    • Lambda Function
    • SNS Topic
    • Kinesis Stream
    • Built-in Targetʢsnapshot࡞੒ͳͲͷػೳʣ

    View Slide

  22. ϧʔϧ
    • Πϕϯτιʔεͱλʔήοτͷ૊Έ߹Θͤ
    • ͲΜͳϦιʔε͕Ͳ͏ͳͬͨΒʢΠϕϯτιʔ
    εʣɺͲ͏͢Δ͔ʢλʔήοτʣ

    View Slide

  23. ϋϯζΦϯͷ४උ

    View Slide

  24. ҎԼͷࣄΛ֬ೝͯ͠Լ͍͞
    • IAMͷPolicyઃఆ
    • ࠓճ͸ AdminݖݶͰ΍Γ·͢ʢIAM͍͡ΔͨΊʣ
    • STSʢSecurity Token ServiceʣͷEndpoint
    • IAM→Account Settings→Security Token Service
    RegionsͰઃఆ
    • σϑΥϧτ͸ON
    • Stoppedঢ়ଶͷΠϯελϯεΛͻͱͭ

    View Slide

  25. CWEʹඞཁͳPolicy
    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Effect": "Allow",
    "Action": "events:*",
    "Resource": "*"
    },
    {
    "Effect": "Allow",
    "Action": "iam:PassRole",
    "Resource": "*"
    }
    ]
    }

    View Slide

  26. Ϧʔδϣϯͷ
    ΤϯυϙΠϯτ༗ޮԽ

    View Slide

  27. Πϯελϯεͷ४උ
    t2.nanoͰ΋ͳΜͰ΋͍͍Ͱ͢

    View Slide

  28. Built-in TargetΛ
    ࢼͯ͠ΈΔ

    View Slide

  29. ࢼͯ͠ΈΔ͜ͱ
    • InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ
    • ҙຯ͸ಛʹແ͍Ͱ͕͢ɺಈ͖Λݟͯ௖͚Ε͹

    View Slide

  30. Ruleͷ࡞੒
    https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:

    View Slide

  31. Πϕϯτιʔεͷબ୒

    View Slide

  32. EC2Πϯελϯεͷঢ়ଶΛબ୒

    View Slide

  33. λʔήοτͷ௥Ճ

    View Slide

  34. Built-in targetΛબ୒

    View Slide

  35. ΞΫγϣϯͷબ୒

    View Slide

  36. Πϯελϯεͷબ୒
    ͜Ε * ͰࢦఆͰ͖ΔΑ͏ʹͳΓ·ͤΜ͔Ͷ…ʁ

    View Slide

  37. ϧʔϧͷ໊લΛೖྗ

    View Slide

  38. IAM RoleΛ࡞੒
    طʹ࡞੒͞Ε͍ͯΔํ͸ͦͪΒΛબ୒

    View Slide

  39. IAM Roleͷ࡞੒
    ಛʹઃఆ͸ཁΒͳ͍ͷͰڐՄ

    View Slide

  40. built-in targetʹඞཁͳPolicy
    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Effect": "Allow",
    "Action": [
    "ec2:Describe*",
    "ec2:RebootInstances",
    "ec2:StopInstances",
    "ec2:TerminateInstances",
    "ec2:CreateSnapshot"
    ],
    "Resource": "*"
    }
    ]
    }

    View Slide

  41. ϧʔϧ࡞੒׬ྃ

    View Slide

  42. ಈ࡞֬ೝ

    View Slide

  43. ಈ࡞֬ೝ
    ↓ pending͔Β͙͢ʹstoppedʹʂ

    View Slide

  44. ࣍ͷϋϯζΦϯͷͨΊʹ…
    ࢒͍ͯ͠Δͱ͕࣍͏·͍͖͘·ͤΜ

    View Slide

  45. Lambda FunctionΛ
    ࢼͯ͠ΈΔ

    View Slide

  46. ࢼͯ͠ΈΔ͜ͱ
    • ࢦఆ͞ΕͨλάʮCostʯ͕͍͍ͭͯͳ͍
    InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ
    • λάͷ͚ͭ๨Εͬͯଟ͍Ͱ͢ΑͶ…

    View Slide

  47. Lambda Function࡞੒

    View Slide

  48. blueprint͸࢖Θͳ͍ͷͰSkip

    View Slide

  49. ໊લͱ࢖༻ݴޠΛࢦఆ

    View Slide

  50. ίʔυΛίϐϖ
    https://gist.github.com/Tmorinaga/5b1df9e90e20fe173685

    View Slide

  51. ίʔυʹ͍ͭͯ
    • ΤϥʔϋϯυϦϯάͳͲ͍ͯ͠·ͤΜͷͰɺ
    ຊ൪ར༻ͳͲ͢Δ৔߹͸࡞Γ͜ΜͰԼ͍͞ɻ
    • ͍͍΋ͷ͕Ͱ͖ͨΒڭ͑ͯԼ͍͞m(_ _)m

    View Slide

  52. Lambda༻IAM Role࡞੒

    View Slide

  53. Policyඍௐ੔

    View Slide

  54. Policyඍௐ੔

    View Slide

  55. built-in targetʹඞཁͳPolicy
    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Effect": "Allow",
    "Action": [
    . . .
    ],
    "Resource": "arn:aws:logs:*:*:*"
    },
    {
    "Effect": "Allow",
    "Action": [
    "ec2:StopInstances",
    "ec2:DescribeInstances"
    ],
    "Resource": "*"
    }
    ]
    }
    ←͜ͷ෦෼Λ௥Ճ
    https://gist.github.com/Tmorinaga/678cd280c1702c9c5233

    View Slide

  56. Advanced settings͸ͦͷ··

    View Slide

  57. Review

    View Slide

  58. Ruleͷ࡞੒
    https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:

    View Slide

  59. Πϕϯτιʔεͷબ୒

    View Slide

  60. EC2Πϯελϯεͷঢ়ଶΛબ୒

    View Slide

  61. λʔήοτͷ௥Ճ

    View Slide

  62. Lambda functionΛબ୒

    View Slide

  63. Lambda functionΛબ୒

    View Slide

  64. ϧʔϧͷ໊લΛೖྗ

    View Slide

  65. ϧʔϧ࡞੒׬ྃ

    View Slide

  66. λά෇͚ͳ͠ಈ࡞֬ೝ
    ↓ pending͔Β͙͢ʹstoppedʹʂ

    View Slide

  67. λάʮCostʯΛ௥Ճ

    View Slide

  68. λά෇͚͋Γಈ࡞֬ೝ
    ↓ runningʹͪΌΜͱͳΔʂ

    View Slide

  69. ͓ย͚ͮ

    View Slide

  70. ϧʔϧΛ࡟আ
    ফ͓͔ͯ͠ͳ͍ͱΠϯελϯε͕
    ىಈͰ͖ͳ͍ݱ৅͕͓͖·͢ɻ

    View Slide

  71. Lambda functionΛ࡟আ
    ফ͞ͳͯ͘΋ѱ͞͸͠·ͤΜͷͰɺ
    ࢒͍ͯͯ͠΋ߏ͍·ͤΜ

    View Slide

  72. Πϯελϯεͷఀࢭ or ࡟আ

    View Slide

  73. ·ͱΊ

    View Slide

  74. ·ͱΊ
    • CloudWatch Events͸AWSϦιʔεͷঢ়ଶม
    ԽʹϦΞϧλΠϜʹରԠͰ͖Δ
    • pendingͰࢭΊΕ͹՝ۚͳ͠ʂ
    • ݁ہLambda͸ඞཁͳͷͰ֮͑·͠ΐ͏
    • ؤுΓ·͢

    View Slide

  75. OpsJAWS͝঺հ
    • AWSӡ༻؅ཧͷϊ΢ϋ΢Λ޿͘ൃ৴
    • Partner SAϒϩάʹӡ༻TipsهࣄΛܝࡌத
    ؂ࢹɺϩάӡ༻ɺίετ؅ཧɺδϣϒӡ༻ɺߏ੒؅ཧɺΠϕϯτ௨஌etc . . .
    http://aws.typepad.com/aws_partner_sa/2015/06/aws-ops.html
    ɹɹɹɹɹɹɹɹɹɹɹɹ·ͨ͸ɺɹɹɹɹɹɹɹɹɹ ɹɹɹͰݕࡧ
    • Doorkeeper(OpsJAWS)

    View Slide

  76. ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ

    View Slide

  77. View Slide