Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OpsJAWS#4 CloudWatch Events Hands-on

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Tmorinaga Tmorinaga
March 01, 2016
Technology
3
1.8k

OpsJAWS#4 CloudWatch Events Hands-on

OpsJAWS#4 20160301

Avatar for Tmorinaga

Tmorinaga

March 01, 2016
Tweet

More Decks by Tmorinaga

See All by Tmorinaga
OpsJAWS#13 IAMベストプラクティス
Avatar for Tmorinaga tmorinaga
1
4k
Developers.IO 2017 E3
Avatar for Tmorinaga tmorinaga
0
1.3k
JAWS DAYS 2017 Security-JAWS発表資料
Avatar for Tmorinaga tmorinaga
2
4.9k
AWS WAFのログが3時間しか見れないのでなんとかしてみる
Avatar for Tmorinaga tmorinaga
3
4.3k
re:Growth 2016 in Tokyo
Avatar for Tmorinaga tmorinaga
0
2.3k
Developers.IO 2016 in Fukuoka
Avatar for Tmorinaga tmorinaga
1
890
【エンジニア編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
Avatar for Tmorinaga tmorinaga
1
4.5k
【ビジネス編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
Avatar for Tmorinaga tmorinaga
1
2.4k

Other Decks in Technology

See All in Technology
「ストレッチゾーンに挑戦し続ける」ことって難しくないですか? メンバーの持続的成長を支えるEMの環境設計
Avatar for SansanTech sansantech
PRO
3
390
AWS SES VDMで 将来の配信事故を防げた話
Avatar for moyashi moyashi
0
170
kintone開発のプラットフォームエンジニアの紹介
Avatar for Cybozu cybozuinsideout
PRO
0
840
Dr. Werner Vogelsの14年のキーノートから紐解くエンジニアリング組織への処方箋@JAWS DAYS 2026
Avatar for Hiroshi Hayakawa (p0n) p0n
1
110
チームメンバー迷わないIaC設計
Avatar for hayama hayama17
5
4k
Evolution of Claude Code & How to use features
Avatar for Oikon oikon48
1
520
AWS DevOps Agent vs SRE俺 / AWS DevOps Agent vs me, the SRE
Avatar for SMS tech sms_tech
3
370
Databricksアシスタントが自分で考えて動く時代に! エージェントモード体験もくもく会
Avatar for Takaaki Yayoi taka_aki
0
350
IBM Bobを使って、PostgreSQLのToDoアプリをDb2へ変換してみよう/202603_Dojo_Bob
Avatar for Mayumi Hirano mayumihirano
1
220
元エンジニアPdM、IDEが恋しすぎてCursorに全業務を集約したら、スライド作成まで爆速になった話
Avatar for "doiko" chiaki_yamaguchi doiko123
1
470
モブプログラミング再入門 ー 基本から見直す、AI時代のチーム開発の選択肢 ー / A Re-introduction of Mob Programming
Avatar for TAKAKING22 takaking22
5
660
Oracle Database@Azure:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
4
1.1k

Featured

See All Featured
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
45
8.8k
Digital Ethics as a Driver of Design Innovation
Avatar for Per Axbom axbom
PRO
1
210
16th Malabo Montpellier Forum Presentation
Avatar for AKADEMIYA2063 akademiya2063
PRO
0
64
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
330
40k
Rails Girls Zürich Keynote
Avatar for Gregor Martynus gr2m
96
14k
Leo the Paperboy
Avatar for Maya Tellez mayatellez
4
1.5k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
3k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
370
20k
Mind Mapping
Avatar for Hélio Medeiros helmedeiros
PRO
1
110
Money Talks: Using Revenue to Get Sh*t Done
Avatar for Nikki Halliwell nikkihalliwell
0
170
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
Avatar for Dan Newman danielanewman
231
22k
Primal Persuasion: How to Engage the Brain for Learning That Lasts
Avatar for Mike Taylor tmiket
0
280

Transcript

  1. OpsJAWS#4 CloudWatchEvents Hands-on Ϋϥεϝιουגࣜձࣾ ιϦϡʔγϣϯΞʔΩςΫτ ৿Ӭେࢤ

  2. ࣗݾ঺հ

  3. Morinaga Taishi(@morimoritaitai) AWS Solution Archetect ✦ झຯ : ήʔϜ(શൠ) /

    ञ / Χϝϥ ✦ ڵຯ : DevOps / Security ✦ ޷͖ͳαʔϏε:Config/CloudTrail/IAM AWS Certified Solutions Architect - Professional Developer -Associate SysOps Administorator - Associate

  4. ձࣾ঺հ

  5. Classmethod,Inc.

  6. Classmethod,Inc. AWSίϯαϧɾઃܭɾߏஙͱ ϞόΠϧ։ൃ͕ϝΠϯ

  7. ੈքதʹΦϑΟε جຊతʹਓ͕͍Δͱ͜ΖʹΦϑΟε͕ग़དྷ·͢

  8. Developers.IO

  9. Developers.IO 5500ຊͷٕज़هࣄ 2300ຊͷAWSهࣄ ݄ؒ100ສPV

  10. ϋϯζΦϯͷࢿྉ͸ͪ͜Β https://speakerdeck.com/tmorinaga https://gist.github.com/Tmorinaga

  11. Agenda • CloudWatchEventsͱ͸ • ϋϯζΦϯͷ४උ • Built-in targetΛࢼͯ͠ΈΔ • Lambda

    functionΛࢼͯ͠ΈΔ • ͓ย͚ͮ

  12. CloudWatch Eventsͱ͸

  13. CloudWatchEventsͱ͸ • ΠϕϯτʢϦιʔεͷঢ়ଶมԽͳͲʣΛݕ஌ ͠ɺΠϕϯτυϦϒϯͰΞΫγϣϯΛ࣮ߦ͢ ΔࣄͷͰ͖ΔαʔϏε • ౦ژϦʔδϣϯͰ࢖͑·͢ʂʂʂ

  14. ΠϕϯτυϦϒϯͬͯLambda ͱ͸Ͳ͏ҧ͏ͷʁ • CWE͸Lambdaͷ৽͍͠Πϕϯτιʔε • LambdaҎ֎ͷ࿈ܞʢSNSɺKinesisʣ΍Built- inͷ࢓૊Έ΋༻ҙ͞Ε͍ͯΔ

  15. CloudWatchEventsͷߏ੒ཁૉ • Πϕϯτιʔε • λʔήοτ • ϧʔϧ

  16. Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔε΍λΠϛϯά • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷୹̑෼ִؒʣ

    • API CallʢCloudTrailͰर͑Δ΋ͷ͸͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ

  17. Πϕϯτιʔε • ΠϕϯτͷݩͱͳΔϦιʔε΍λΠϛϯά • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • EC2ͷStatusมԽʢRunning,Stopped etcʣ • εέδϡʔϧʢ࠷୹̑෼ִؒʣ

    • API CallʢCloudTrailͰर͑Δ΋ͷ͸͍͍ͩͨʣ • AutoScalingͷมԽʢLaunch Successful etcʣ

  18. CloudWatchEvents͕ API CallΛΠϕϯτιʔεʹ΋ͭ

  19. Lambda͕ CWEΛΠϕϯτιʔεʹ΋ͭ

  20. ΄΅͢΂ͯͷAPI CallΛ ؆୯ʹLambda࿈ܞͰ͖Δʂ

  21. λʔήοτ • ࣮ߦ͢ΔΞΫγϣϯ • ݱࡏબ୒Ͱ͖Δͷ͸ҎԼ • Lambda Function • SNS

    Topic • Kinesis Stream • Built-in Targetʢsnapshot࡞੒ͳͲͷػೳʣ

  22. ϧʔϧ • Πϕϯτιʔεͱλʔήοτͷ૊Έ߹Θͤ • ͲΜͳϦιʔε͕Ͳ͏ͳͬͨΒʢΠϕϯτιʔ εʣɺͲ͏͢Δ͔ʢλʔήοτʣ

  23. ϋϯζΦϯͷ४උ

  24. ҎԼͷࣄΛ֬ೝͯ͠Լ͍͞ • IAMͷPolicyઃఆ • ࠓճ͸ AdminݖݶͰ΍Γ·͢ʢIAM͍͡ΔͨΊʣ • STSʢSecurity Token ServiceʣͷEndpoint

    • IAM→Account Settings→Security Token Service RegionsͰઃఆ • σϑΥϧτ͸ON • Stoppedঢ়ଶͷΠϯελϯεΛͻͱͭ

  25. CWEʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action":

    "events:*", "Resource": "*" }, { "Effect": "Allow", "Action": "iam:PassRole", "Resource": "*" } ] }

  26. Ϧʔδϣϯͷ ΤϯυϙΠϯτ༗ޮԽ

  27. Πϯελϯεͷ४උ t2.nanoͰ΋ͳΜͰ΋͍͍Ͱ͢

  28. Built-in TargetΛ ࢼͯ͠ΈΔ

  29. ࢼͯ͠ΈΔ͜ͱ • InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • ҙຯ͸ಛʹແ͍Ͱ͕͢ɺಈ͖Λݟͯ௖͚Ε͹

  30. Ruleͷ࡞੒ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:

  31. Πϕϯτιʔεͷબ୒

  32. EC2Πϯελϯεͷঢ়ଶΛબ୒

  33. λʔήοτͷ௥Ճ

  34. Built-in targetΛબ୒

  35. ΞΫγϣϯͷબ୒

  36. Πϯελϯεͷબ୒ ͜Ε * ͰࢦఆͰ͖ΔΑ͏ʹͳΓ·ͤΜ͔Ͷ…ʁ

  37. ϧʔϧͷ໊લΛೖྗ

  38. IAM RoleΛ࡞੒ طʹ࡞੒͞Ε͍ͯΔํ͸ͦͪΒΛબ୒

  39. IAM Roleͷ࡞੒ ಛʹઃఆ͸ཁΒͳ͍ͷͰڐՄ

  40. built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",

    "Action": [ "ec2:Describe*", "ec2:RebootInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateSnapshot" ], "Resource": "*" } ] }

  41. ϧʔϧ࡞੒׬ྃ

  42. ಈ࡞֬ೝ

  43. ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ

  44. ࣍ͷϋϯζΦϯͷͨΊʹ… ࢒͍ͯ͠Δͱ͕࣍͏·͍͖͘·ͤΜ

  45. Lambda FunctionΛ ࢼͯ͠ΈΔ

  46. ࢼͯ͠ΈΔ͜ͱ • ࢦఆ͞ΕͨλάʮCostʯ͕͍͍ͭͯͳ͍ InstanceΛىಈͨ͠ΒPendingঢ়ଶͰڧ੍ఀࢭ • λάͷ͚ͭ๨Εͬͯଟ͍Ͱ͢ΑͶ…

  47. Lambda Function࡞੒

  48. blueprint͸࢖Θͳ͍ͷͰSkip

  49. ໊લͱ࢖༻ݴޠΛࢦఆ

  50. ίʔυΛίϐϖ https://gist.github.com/Tmorinaga/5b1df9e90e20fe173685

  51. ίʔυʹ͍ͭͯ • ΤϥʔϋϯυϦϯάͳͲ͍ͯ͠·ͤΜͷͰɺ ຊ൪ར༻ͳͲ͢Δ৔߹͸࡞Γ͜ΜͰԼ͍͞ɻ • ͍͍΋ͷ͕Ͱ͖ͨΒڭ͑ͯԼ͍͞m(_ _)m

  52. Lambda༻IAM Role࡞੒

  53. Policyඍௐ੔

  54. Policyඍௐ੔

  55. built-in targetʹඞཁͳPolicy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",

    "Action": [ . . . ], "Resource": "arn:aws:logs:*:*:*" }, { "Effect": "Allow", "Action": [ "ec2:StopInstances", "ec2:DescribeInstances" ], "Resource": "*" } ] } ←͜ͷ෦෼Λ௥Ճ https://gist.github.com/Tmorinaga/678cd280c1702c9c5233

  56. Advanced settings͸ͦͷ··

  57. Review

  58. Ruleͷ࡞੒ https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#events:

  59. Πϕϯτιʔεͷબ୒

  60. EC2Πϯελϯεͷঢ়ଶΛબ୒

  61. λʔήοτͷ௥Ճ

  62. Lambda functionΛબ୒

  63. Lambda functionΛબ୒

  64. ϧʔϧͷ໊લΛೖྗ

  65. ϧʔϧ࡞੒׬ྃ

  66. λά෇͚ͳ͠ಈ࡞֬ೝ ↓ pending͔Β͙͢ʹstoppedʹʂ

  67. λάʮCostʯΛ௥Ճ

  68. λά෇͚͋Γಈ࡞֬ೝ ↓ runningʹͪΌΜͱͳΔʂ

  69. ͓ย͚ͮ

  70. ϧʔϧΛ࡟আ ফ͓͔ͯ͠ͳ͍ͱΠϯελϯε͕ ىಈͰ͖ͳ͍ݱ৅͕͓͖·͢ɻ

  71. Lambda functionΛ࡟আ ফ͞ͳͯ͘΋ѱ͞͸͠·ͤΜͷͰɺ ࢒͍ͯͯ͠΋ߏ͍·ͤΜ

  72. Πϯελϯεͷఀࢭ or ࡟আ

  73. ·ͱΊ

  74. ·ͱΊ • CloudWatch Events͸AWSϦιʔεͷঢ়ଶม ԽʹϦΞϧλΠϜʹରԠͰ͖Δ • pendingͰࢭΊΕ͹՝ۚͳ͠ʂ • ݁ہLambda͸ඞཁͳͷͰ֮͑·͠ΐ͏ •

    ؤுΓ·͢

  75. OpsJAWS͝঺հ • AWSӡ༻؅ཧͷϊ΢ϋ΢Λ޿͘ൃ৴ • Partner SAϒϩάʹӡ༻TipsهࣄΛܝࡌத ؂ࢹɺϩάӡ༻ɺίετ؅ཧɺδϣϒӡ༻ɺߏ੒؅ཧɺΠϕϯτ௨஌etc . . .

    http://aws.typepad.com/aws_partner_sa/2015/06/aws-ops.html ɹɹɹɹɹɹɹɹɹɹɹɹ·ͨ͸ɺɹɹɹɹɹɹɹɹɹ ɹɹɹͰݕࡧ • Doorkeeper(OpsJAWS)

  76. ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ

  77. None