Save 37% off PRO during our
Black Friday Sale! »
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up for free
OpsJAWS#4 CloudWatch Events Hands-on
Tmorinaga
March 01, 2016
Technology
3
1.3k
OpsJAWS#4 CloudWatch Events Hands-on
OpsJAWS#4 20160301
Tmorinaga
March 01, 2016
Tweet
Share
More Decks by Tmorinaga
See All by Tmorinaga
tmorinaga
1
2.8k
tmorinaga
0
660
tmorinaga
2
3.1k
tmorinaga
3
3.6k
tmorinaga
0
1.7k
tmorinaga
1
520
tmorinaga
1
3k
tmorinaga
1
1.5k
Other Decks in Technology
See All in Technology
silmin_
0
180
noko
0
150
sankichi92
0
290
takipone
0
150
akakou
1
260
seputaratote
0
12k
larchanjo
0
140
timeseriesfr
0
260
y503unavailable
0
180
yulstat
0
320
takefumiyoshii
7
4.1k
rakus_dev
0
460
Featured
See All Featured
mza
82
4.5k
scottboms
253
11k
bkeepers
PRO
55
4.9k
roundedbygravity
85
8.2k
hatefulcrawdad
257
17k
chrisshort
6
28k
keathley
25
960
malarkey
396
61k
zakiwarfel
90
3.7k
shpigford
167
19k
philnash
23
1.2k
lemiorhan
634
50k
Transcript
OpsJAWS#4 CloudWatchEvents Hands-on Ϋϥεϝιουגࣜձࣾ ιϦϡʔγϣϯΞʔΩςΫτ Ӭେࢤ
ࣗݾհ
Morinaga Taishi(@morimoritaitai) AWS Solution Archetect ✦ झຯ : ήʔϜ(શൠ) /
ञ / Χϝϥ ✦ ڵຯ : DevOps / Security ✦ ͖ͳαʔϏε:Config/CloudTrail/IAM AWS Certified Solutions Architect - Professional Developer -Associate SysOps Administorator - Associate
ձࣾհ
Classmethod,Inc.
Classmethod,Inc. AWSίϯαϧɾઃܭɾߏஙͱ ϞόΠϧ։ൃ͕ϝΠϯ
ੈքதʹΦϑΟε جຊతʹਓ͕͍Δͱ͜ΖʹΦϑΟε͕ग़དྷ·͢
Developers.IO
Developers.IO 5500ຊͷٕज़هࣄ 2300ຊͷAWSهࣄ ݄ؒ100ສPV
ϋϯζΦϯͷࢿྉͪ͜Β https://speakerdeck.com/tmorinaga https://gist.github.com/Tmorinaga
Agenda • CloudWatchEventsͱ • ϋϯζΦϯͷ४උ • Built-in targetΛࢼͯ͠ΈΔ • Lambda
functionΛࢼͯ͠ΈΔ • ͓ย͚ͮ
CloudWatch Eventsͱ
CloudWatchEventsͱ • ΠϕϯτʢϦιʔεͷঢ়ଶมԽͳͲʣΛݕ ͠ɺΠϕϯτυϦϒϯͰΞΫγϣϯΛ࣮ߦ͢ ΔࣄͷͰ͖ΔαʔϏε • ౦ژϦʔδϣϯͰ͑·͢ʂʂʂ
ΠϕϯτυϦϒϯͬͯLambda ͱͲ͏ҧ͏ͷʁ • CWELambdaͷ৽͍͠Πϕϯτιʔε • LambdaҎ֎ͷ࿈ܞʢSNSɺKinesisʣBuilt- inͷΈ༻ҙ͞Ε͍ͯΔ
CloudWatchEventsͷߏཁૉ • Πϕϯτιʔε • λʔήοτ • ϧʔϧ
Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔελΠϛϯά • ݱࡏબͰ͖ΔͷҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷ִ̑ؒʣ
• API CallʢCloudTrailͰर͑Δͷ͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ
Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔελΠϛϯά • ݱࡏબͰ͖ΔͷҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷ִ̑ؒʣ
• API CallʢCloudTrailͰर͑Δͷ͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ
CloudWatchEvents͕ API CallΛΠϕϯτιʔεʹͭ
Lambda͕ CWEΛΠϕϯτιʔεʹͭ
΄΅ͯ͢ͷAPI CallΛ ؆୯ʹLambda࿈ܞͰ͖Δʂ
λʔήοτ • ࣮ߦ͢ΔΞΫγϣϯ • ݱࡏબͰ͖ΔͷҎԼ • Lambda Function • SNS
Topic • Kinesis Stream • Built-in Targetʢsnapshot࡞ͳͲͷػೳʣ
ϧʔϧ • ΠϕϯτιʔεͱλʔήοτͷΈ߹Θͤ • ͲΜͳϦιʔε͕Ͳ͏ͳͬͨΒʢΠϕϯτιʔ εʣɺͲ͏͢Δ͔ʢλʔήοτʣ
ϋϯζΦϯͷ४උ
ҎԼͷࣄΛ֬ೝͯ͠Լ͍͞ • IAMͷPolicyઃఆ • ࠓճ AdminݖݶͰΓ·͢ʢIAM͍͡ΔͨΊʣ • STSʢSecurity Token ServiceʣͷEndpoint
• IAM→Account Settings→Security Token Service RegionsͰઃఆ • σϑΥϧτON • Stoppedঢ়ଶͷΠϯελϯεΛͻͱͭ
CWEʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action":
"events:*", "Resource": "*" }, { "Effect": "Allow", "Action": "iam:PassRole", "Resource": "*" } ] }
Ϧʔδϣϯͷ ΤϯυϙΠϯτ༗ޮԽ
Πϯελϯεͷ४උ t2.nanoͰͳΜͰ͍͍Ͱ͢
Built-in TargetΛ ࢼͯ͠ΈΔ
ࢼͯ͠ΈΔ͜ͱ • InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • ҙຯಛʹແ͍Ͱ͕͢ɺಈ͖Λݟ͚ͯΕ
Ruleͷ࡞ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:
Πϕϯτιʔεͷબ
EC2Πϯελϯεͷঢ়ଶΛબ
λʔήοτͷՃ
Built-in targetΛબ
ΞΫγϣϯͷબ
Πϯελϯεͷબ ͜Ε * ͰࢦఆͰ͖ΔΑ͏ʹͳΓ·ͤΜ͔Ͷ…ʁ
ϧʔϧͷ໊લΛೖྗ
IAM RoleΛ࡞ طʹ࡞͞Ε͍ͯΔํͦͪΒΛબ
IAM Roleͷ࡞ ಛʹઃఆཁΒͳ͍ͷͰڐՄ
built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",
"Action": [ "ec2:Describe*", "ec2:RebootInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateSnapshot" ], "Resource": "*" } ] }
ϧʔϧ࡞ྃ
ಈ࡞֬ೝ
ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ
࣍ͷϋϯζΦϯͷͨΊʹ… ͍ͯ͠Δͱ͕࣍͏·͍͖͘·ͤΜ
Lambda FunctionΛ ࢼͯ͠ΈΔ
ࢼͯ͠ΈΔ͜ͱ • ࢦఆ͞ΕͨλάʮCostʯ͕͍͍ͭͯͳ͍ InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • λάͷ͚ͭΕͬͯଟ͍Ͱ͢ΑͶ…
Lambda Function࡞
blueprintΘͳ͍ͷͰSkip
໊લͱ༻ݴޠΛࢦఆ
ίʔυΛίϐϖ https://gist.github.com/Tmorinaga/5b1df9e90e20fe173685
ίʔυʹ͍ͭͯ • ΤϥʔϋϯυϦϯάͳͲ͍ͯ͠·ͤΜͷͰɺ ຊ൪ར༻ͳͲ͢Δ߹࡞Γ͜ΜͰԼ͍͞ɻ • ͍͍ͷ͕Ͱ͖ͨΒڭ͑ͯԼ͍͞m(_ _)m
Lambda༻IAM Role࡞
Policyඍௐ
Policyඍௐ
built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",
"Action": [ . . . ], "Resource": "arn:aws:logs:*:*:*" }, { "Effect": "Allow", "Action": [ "ec2:StopInstances", "ec2:DescribeInstances" ], "Resource": "*" } ] } ←͜ͷ෦ΛՃ https://gist.github.com/Tmorinaga/678cd280c1702c9c5233
Advanced settingsͦͷ··
Review
Ruleͷ࡞ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:
Πϕϯτιʔεͷબ
EC2Πϯελϯεͷঢ়ଶΛબ
λʔήοτͷՃ
Lambda functionΛબ
Lambda functionΛબ
ϧʔϧͷ໊લΛೖྗ
ϧʔϧ࡞ྃ
λά͚ͳ͠ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ
λάʮCostʯΛՃ
λά͚͋Γಈ࡞֬ೝ ↓ runningʹͪΌΜͱͳΔʂ
͓ย͚ͮ
ϧʔϧΛআ ফ͓͔ͯ͠ͳ͍ͱΠϯελϯε͕ ىಈͰ͖ͳ͍ݱ͕͓͖·͢ɻ
Lambda functionΛআ ফ͞ͳͯ͘ѱ͞͠·ͤΜͷͰɺ ͍ͯͯ͠ߏ͍·ͤΜ
Πϯελϯεͷఀࢭ or আ
·ͱΊ
·ͱΊ • CloudWatch EventsAWSϦιʔεͷঢ়ଶม ԽʹϦΞϧλΠϜʹରԠͰ͖Δ • pendingͰࢭΊΕ՝ۚͳ͠ʂ • ݁ہLambdaඞཁͳͷͰ֮͑·͠ΐ͏ •
ؤுΓ·͢
OpsJAWS͝հ • AWSӡ༻ཧͷϊϋΛ͘ൃ৴ • Partner SAϒϩάʹӡ༻TipsهࣄΛܝࡌத ࢹɺϩάӡ༻ɺίετཧɺδϣϒӡ༻ɺߏཧɺΠϕϯτ௨etc . . .
http://aws.typepad.com/aws_partner_sa/2015/06/aws-ops.html ɹɹɹɹɹɹɹɹɹɹɹɹ·ͨɺɹɹɹɹɹɹɹɹɹ ɹɹɹͰݕࡧ • Doorkeeper(OpsJAWS)
͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ
None
tmorinaga
silmin_
noko
sankichi92
takipone
akakou
seputaratote
larchanjo
timeseriesfr
y503unavailable
yulstat
takefumiyoshii
rakus_dev
mza
scottboms
bkeepers
roundedbygravity
hatefulcrawdad
chrisshort
keathley
malarkey
zakiwarfel
shpigford
philnash
lemiorhan
