Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
それでも俺はAWS CDKが作るリソースに物理名を付けたい 〜CDKのベストプラクティスは本当...
Search
tomoki10
April 09, 2022
Technology
1
8.1k
それでも俺はAWS CDKが作るリソースに物理名を付けたい 〜CDKのベストプラクティスは本当にベストなのか〜 / AWS CDK resource name can be a physical name
AWS CDK Conference Japan で発表した内容です。
https://jawsug.connpass.com/event/240422/
tomoki10
April 09, 2022
Tweet
Share
More Decks by tomoki10
See All by tomoki10
今年のアップデートで振り返るCDKセキュリティのシフトレフト/2024-cdk-security-shift-left
tomoki10
0
280
あの日俺達が夢見たサーバレスアーキテクチャ/the-serverless-architecture-we-dreamed-of
tomoki10
0
520
re:Invent2024のIaC周りのアップデート&セッションの共有/around-re-invent-2024-iac-updates
tomoki10
0
1.1k
Classmethod流のPlatform Engineering / classmethod-platform-engineering-devio2024
tomoki10
1
1.3k
AWS CDK Conference Japan 2024 OP
tomoki10
0
720
TypeScripterに送るIaCの世界への招待〜AWS CDKと共に〜/inviting-typescripters-to-the-world-of-iac-with-aws-cdk
tomoki10
0
750
AWSでもBuildpacksを使ってDockerfileレスに出来るのか!?/can-i-use-buildpacks-to-go-dockerfile-less-in-aws
tomoki10
0
2.8k
ECS on Fargate のセキュリティ対策は何をやるべき?開発者目線で考える/security-for-ecs-on-fargate-secjawsdays
tomoki10
14
11k
AWS CDKの最強の書き方を実践してみる 2023年版/practice-the-strongest-writing-method-of-aws-cdk-2023-edition
tomoki10
4
6.8k
Other Decks in Technology
See All in Technology
GitHub Copilot のテクニック集/GitHub Copilot Techniques
rayuron
39
17k
[トレノケ雲の会 mod.13] 3回目のre:Inventで気づいたこと -CloudOperationsを添えて-
shintaro_fukatsu
0
110
Fanstaの1年を大解剖! 一人SREはどこまでできるのか!?
syossan27
2
320
Storage Browser for Amazon S3
miu_crescent
1
300
「完全に理解したTalk」完全に理解した
segavvy
1
180
スケールし続ける事業とサービスを支える組織とアーキテクチャの生き残り戦略 / The survival strategy for Money Forward’s engineering.
moneyforward
0
110
事業貢献を考えるための技術改善の目標設計と改善実績 / Targeted design of technical improvements to consider business contribution and improvement performance
oomatomo
0
170
DevFest 2024 Incheon / Songdo - Compose UI 조합 심화
wisemuji
0
190
Server-Side Engineer of LINE Sukimani
lycorp_recruit_jp
0
420
AWS re:Invent 2024 ふりかえり勉強会
yhana
0
610
社内イベント管理システムを1週間でAKSからACAに移行した話し
shingo_kawahara
0
220
AWS re:Invent 2024で発表された コードを書く開発者向け機能について
maruto
0
220
Featured
See All Featured
Faster Mobile Websites
deanohume
305
30k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.4k
Side Projects
sachag
452
42k
Mobile First: as difficult as doing things right
swwweet
222
9k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.6k
How GitHub (no longer) Works
holman
311
140k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.2k
Navigating Team Friction
lara
183
15k
Unsuck your backbone
ammeep
669
57k
Designing for humans not robots
tammielis
250
25k
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.6k
Transcript
AWS CDK Conference Japan ͦΕͰԶAWS CDK͕࡞ΔϦιʔεʹཧ໊Λ͚͍ͨ ʙCDKͷϕετϓϥΫςΟεຊʹϕετͳͷ͔ʙ CXࣄۀຊ෦ IoTࣄۀ෦ 2022/04/09
ࠤ౻ஐथ 1
ࣗݾհ @tmk2154 @tomoki10 • ࠤ౻ஐथ • Ϋϥεϝιουגࣜձࣾ • CXࣄۀຊ෦ IoTࣄۀ෦
• ݱࡏɿαʔόʔαΠυ݉ΠϯϑϥΤϯδχΞ ݉QAͱ͔AWSΞΧϯτͷηΩϡϦςΟ • झຯɿAPEXɺࢄา • ͖ͳAWSαʔϏεɿLambdaɺCDK
AWS CDKͷϕετϓϥΫςΟεͰϦιʔεͷࣗಈ໊͚͕ਪ͞Εͯ·͢ ͚Ͳɺࣗಈ໊͚ͷϦιʔε໊ਏ͘ͳ͍Ͱ͔͢ʁʁ 3 ఏى Fargate Cluster/ServiceͱConstructͷidʹڥ໊+ݻఆ໊+Ϧιʔε໊Λઃఆͨ͠߹ͷදࣔྫ
4 ઌਓͷݴ༿ https://www.amazon.co.jp/ιϑτΣΞΞʔΩςΫνϟͷجૅ-—ΤϯδχΞϦϯάʹجͮ͘ମܥతΞϓϩʔν-Mark-Richards/dp/4873119820/ ʮΞʔΩςΫτʹաڈͷ͔࣌Β͞Ε͍ͯΔ લఏެཧΛٙ͏ͱ͍͏ॏཁͳ͕͋Δʯ P.viiΑΓ
5 ࣍ • AWS CDKϕετϓϥΫςΟεͱ • ࠓճऔΓ্͛Δ߲ • Ϧιʔεͷࣗಈ໊͚ͷ֓ཁ •
ͱߟ͑Δཧ༝ • ղܾࡦ
6 AWS CDKϕετϓϥΫςΟεͱ AWS CDKͷϕετϓϥΫςΟεʹ͍ͭͯॻ͔ΕͨAWSϒϩά https://aws.amazon.com/jp/blogs/news/best-practices-for-developing-cloud-applications-with-aws-cdk/ ओͳ༰ • CDKͷֶ •
৫ͰͷऔΓΉࡍͷ৺ಘ • ίʔυཧํ๏ • ConstructϥΠϒϥϦͷϕετϓϥΫςΟε • AWS CDK ΞϓϦέʔγϣϯͷ ϕετϓϥΫςΟε
7 AWS CDKϕετϓϥΫςΟεͱ AWS CDKͷϕετϓϥΫςΟεʹ͍ͭͯॻ͔ΕͨAWSϒϩά https://aws.amazon.com/jp/blogs/news/best-practices-for-developing-cloud-applications-with-aws-cdk/ ओͳ༰ • CDKͷֶ •
৫ͰͷऔΓΉࡍͷ৺ಘ • ίʔυཧํ๏ • ConstructϥΠϒϥϦͷϕετϓϥΫςΟε • AWS CDK ΞϓϦέʔγϣϯͷ ϕετϓϥΫςΟε
8 ϕετϓϥΫςΟε·ͩૣ͍ͱײͨ͡Β ॳ~தڃऀ͚ͷͰҎલొஃͨ͠ͷͰͪ͜Βݟ͍ͯͩ͘͞(એ) https://dev.classmethod.jp/articles/aws-devday-online-japan-know-how-from-initial-development-to-operation-on-how-to-use-aws-cdk/ ओͳ༰ • CDKͷ෦ߏͷུ֓ • ։ൃ࣌Α͘Ή෦ͷิ •
։ൃ࣌ͷϊϋ • ύΠϓϥΠϯߏங࣌ͷબࢶ • ӡ༻࣌ͷϊϋ
9 AWS CDK ΞϓϦέʔγϣϯͷϕετϓϥΫςΟε ॻ͔Ε͍߲ͯͨ(Օॻ͖ɿ໊߲ɺվߦԼͷίϝϯτɿࣗͷղऍ) • σϓϩΠ࣌Ͱͳ͘ɺ߹࣌ʹܾఆ͢Δ CfnͷύϥϝʔλͰͳ͘CDKͷςϯϓϨʔτੜ࣌ʹΛຒΊࠐ͏ • ࣗಈͰੜ͞ΕΔϦιʔε໊Λ༻͠ɺཧతͳ໊લΛ༻͠ͳ͍
• σϓϩΠཁ݅ʹԠͯ͡ɺΞϓϦέʔγϣϯͷStageΛෳͷStackʹׂ͢Δ ᘳͳਖ਼ղͳ͍͕ελοΫঢ়گʹԠׂͯ͡ • cdk.context.jsonΛίϛοτͯ͠ɺ֎෦తͳཁҼͰ߹݁Ռ͕มΘͬͯ͠·͏͜ͱΛආ͚Δ ҙਤͤͣϦιʔεͷߋ৽͕ൃੜ͠ͳ͍Α͏ʹ͢ΔͨΊͷܙ • AWS CDKͰϩʔϧͱηΩϡϦςΟάϧʔϓΛཧͰ͖ΔΑ͏ʹ͢Δ CDKͰҰ෦ఏڙ͞Ε͍ͯΔϩʔϧηΩϡϦςΟάϧʔϓੜػೳΛ͏ͱ࠷খݖݶͰ࣮͍͢͠ • શͯͷStageΛίʔυͰϞσϧԽ͢Δ ڥ͝ͱʹStackϑΝΠϧΛ࡞Βͣɺڥ͝ͱͷύϥϝʔλͰΓସ͑Δͱڥࠩҟ͕࠷খʹͳΔ • શͯΛଌఆ͢Δ ϝτϦΫεμογϡϘʔυͳͲΛ࡞ΕΔϝιουΛ׆༻͠Α͏
10 AWS CDK ΞϓϦέʔγϣϯͷϕετϓϥΫςΟε ॻ͔Ε͍߲ͯͨ(Օॻ͖ɿ໊߲ɺվߦԼͷίϝϯτɿࣗͷղऍ) • σϓϩΠ࣌Ͱͳ͘ɺ߹࣌ʹܾఆ͢Δ CfnͷύϥϝʔλͰͳ͘CDKͷςϯϓϨʔτੜ࣌ʹΛຒΊࠐ͏ • ࣗಈͰੜ͞ΕΔϦιʔε໊Λ༻͠ɺཧతͳ໊લΛ༻͠ͳ͍ɹɹˡ
ʂʂʂʂʂʂʂʂʂʂʂʂ • σϓϩΠཁ݅ʹԠͯ͡ɺΞϓϦέʔγϣϯͷStageΛෳͷStackʹׂ͢Δ ᘳͳਖ਼ղͳ͍͕ελοΫঢ়گʹԠׂͯ͡ • cdk.context.jsonΛίϛοτͯ͠ɺ֎෦తͳཁҼͰ߹݁Ռ͕มΘͬͯ͠·͏͜ͱΛආ͚Δ ҙਤͤͣϦιʔεͷߋ৽͕ൃੜ͠ͳ͍Α͏ʹ͢ΔͨΊͷܙ • AWS CDKͰϩʔϧͱηΩϡϦςΟάϧʔϓΛཧͰ͖ΔΑ͏ʹ͢Δ CDKͰҰ෦ఏڙ͞Ε͍ͯΔϩʔϧηΩϡϦςΟάϧʔϓੜػೳΛ͏ͱ࠷খݖݶͰ࣮͍͢͠ • શͯͷStageΛίʔυͰϞσϧԽ͢Δ ڥ͝ͱʹStackϑΝΠϧΛ࡞Βͣɺڥ͝ͱͷύϥϝʔλͰΓସ͑Α͏ • શͯΛଌఆ͢Δ ϝτϦΫεμογϡϘʔυͳͲΛ࡞ΕΔϝιουΛ׆༻͠Α͏
11 ϕετϓϥΫςΟεͷৄࡉ ࣗಈͰੜ͞ΕΔϦιʔε໊Λ༻͠ɺཧతͳ໊લΛ༻͠ͳ͍
ཧ໊Λ͏߹ͷσϝϦοτ • ΠϯϑϥͷҰ෦ΛෳσϓϩΠ͢Δ͜ͱ͕Ͱ͖ͳ͍ • Ϧιʔεʹഁյతมߋ͕͏߹ɺ࠶࡞ʹࣦഊ͢Δ 12 ϕετϓϥΫςΟεͷৄࡉ Amazon DynamoDB AWS
CDK Table A Hoge Table A Fuga Amazon DynamoDB AWS CDK Table A ཧ໊Λݻఆ͠ͳ͍߹ ཧ໊Λݻఆ͢Δ߹ 1ճ 2ճ ςʔϒϧ ࡞ ςʔϒϧ ࡞ 1ճ 2ճ
ܦݧ͔Βཧ໊Λ͏߹ͷσϝϦοτ • আ࣌ͷϙϦγʔΛอޢ(RemovalPolicy.RETAIN)Ͱઃఆͨ͠/͞ΕͯΔ߹ ελοΫআޙɺ࠶σϓϩΠ࣌ʹલճ࣮ߦͨ͠Ϧιʔε͕ॏෳࣦ͠ഊ͢Δ ҙਤͤͣอޢઃఆʹͳ͍ͬͯΔϦιʔε͕͋ΔͱσϓϩΠ͢Δ·Ͱؾ͚ͮͳ͍ 13 ཧ໊ͷσϝϦοτ AWS CDK AWS
CDK ཧ໊Λݻఆ͠ͳ͍߹ ཧ໊Λݻఆ͢Δ߹ 1ճ 2ճ Lambda ࡞࣌ Lambda ࡞࣌ 1ճ 2ճ Amazon CloudWatch Amazon CloudWatch Logs Hoge Logs Fuga Logs
14 ຊʹͦ͏͔ࠓҰٙͬͯΈΔ
ཧ໊Λ͏߹ͷσϝϦοτ • ΠϯϑϥͷҰ෦ΛෳσϓϩΠ͢Δ͜ͱͰ͖ͳ͍ →ෳਓ։ൃ࣌ͷఆ?Ϧιʔε໋໊نଇCDKͷίʔυͱCfnͷ༷Λಡ·ͳ͍ͱ͔Βͣ ɹࣅͨΑ͏ͳ໊લͷϦιʔε͕ෳͰ͖Δͱؔ࿈͕͔ΒͣٯʹෆศͰʁ →Ϧιʔε໊ͷিಥ໋໊نଇ(ex.Ϧιʔεʹݸਓ͝ͱͷڥ໊Λ͚Δ)ͰճආՄೳ →ͦͦStack໊͕ҟͳͬͯConstructͷid͕ಉͩ͡ͱॏෳ͢ΔϦιʔε͕Ұ෦ଘࡏ͢Δ • Ϧιʔεʹഁյతมߋ͕͏߹ɺ࠶࡞ʹࣦഊ͢Δ →ྫʹ͋ΔDynamoDBͷKeySchemaͷมߋςʔϒϧ͕Ұഁغ͞ΕΔ
ɹϢʔβଆͦͷةݥੑʹؾ͚ͮΔΑ͏ʹ࡞ʹࣦഊͨ͠ํ͕ྑ͍ͷͰʁ 15 ϕετϓϥΫςΟεͷৄࡉ
ࢀরΕϩά ࢀরΕϩά • ࠶σϓϩΠ࣌ʹલճ࣮ߦͨ͠Ϧιʔε໊͕ॏෳ͠ͳ͍ →ҎલͷϦιʔεΔͷͰ͜·Ίʹআ͠ͳ͍ͱେྔʹϦιʔε͕Γ ɹͲΕ͕ݟ͍ͨͷ͔ɺআͯ͠ྑ͍ͷ͔͕͔ΓͮΒ͘ͳΔ 16 ϕετϓϥΫςΟεͷৄࡉ AWS CDK
1ճ Logs AWS CDK 2ճ࠶σϓϩΠ Logs Logs AWS CDK nճ࠶σϓϩΠ Logs Logs Logs Logs Logs Logs Logs Logs ;͏ɺ៉ྷʹͳͬͨͧʂ ͲͷϩάΛ ݟΕྑ͍ͷʁ ։ൃऀ
17 ผελοΫͰಉ͡ϦιʔεΛ࡞Δܙ https://speakerdeck.com/tomoki10/know-how-from-initial-development-to-operation-on-how-to-use-aws-cdk?slide=11
18 ผελοΫͰಉ͡ϦιʔεΛ࡞Δܙ ը૾Ҿ༻ݩɿ https://aws.amazon.com/jp/blogs/aws/boost-your-infrastructure-with-cdk/ new dynamodb.Table(this, `${id}-items`, { tableName: `${id}-items`,
partitionKey: { name: "itemId", type: dynamodb.AttributeType.STRING, }, }); const app = new cdk.App(); new UserAStack(app, `${envName}-${projectName}-UserAStack`, {} ); ໋໊نଇ͕ϦιʔεͰҟͳΓҰ෦(Aurora/WAFͳͲ) ελοΫ໊͕ҟͳͬͯϦιʔε໊͕ಉ͜͡ͱ͋Δ ͷͰ id Λ͚ͭΔ͜ͱͰॏෳΛճආͰ͖Δ envNameͱprojectNamecdk.json͔Βೖ͢Δ envNameݸਓ͝ͱ projectNamePJΛࣝผ͢ΔͨΊઃఆ
ௐࠪ/ӡ༻ͰԿ֬ೝ͢Δ߹ɺରͷϦιʔε͕͔Γʹͯ͘͘ਏ͍ 19 ܦݧ͔Βࣗಈ໊͚ͷ߹ͷਏ͍෦ Fargate Cluster/ServiceͱConstructͷidʹڥ໊+ݻఆ໊+Ϧιʔε໊Λઃఆͨ͠߹ͷදࣔྫ
• ೝෛՙͷதͷࡏੑೝ(ࠓճௐࠪʹඞཁͳهԱ)ෛՙ͕ߴ͘ͳΔ →։ൃௐࠪͳͲຊདྷ࣮ࢪ͍ͨ͠࡞ۀ༻ͷϫʔΩϯάϝϞϦ͕গͳ͘ͳΔ →ർฐ͠ੜ࢈ੑԼ(ݸਓͷײͰ͢) • ҰͭϦιʔεΛࣗಈͰ͚ͭΔͱCloudWatch LogsͷϩάάϧʔϓͳͲ ؔ࿈͢ΔϦιʔεࣗಈͰ໊͚͞ΕΔ 20 ܦݧ͔Βࣗಈ໊͚ͷ߹ͷਏ͍෦
͍͍ͨ ϦιʔεA ϦιʔεAͷ ϋογϡ໊ ϦιʔεA͕ ؔ࿈ͯ͠ੜ ͨ͠ϦιʔεB ϦιʔεBͷ ϋογϡ໊
21 ϕετϓϥΫςΟεΛ͋ΒͨΊͯݟฦ͢
22 ϕετϓϥΫςΟεΛ͋ΒͨΊͯݟฦ͢
23 Ͱ͖·ͤΜͰͨ͠ʂ
24 ݁ہϦιʔε໊Ͳ͏͖͔͢ ࣗͳΓͷ݁ • ։ൃ/ௐࠪ/ӡ༻ͳͲͰΑ֬͘ೝ͢ΔϦιʔε໊લΛݻఆ͢Δ αʔϏεͷྫ • ECSLambdaͳͲͷίϯϐϡʔςΟϯάαʔϏε • DynamoDBS3ͳͲͷετϨʔδ
• μογϡϘʔυ໊Ξϥʔτ໊ • ্هҎ֎ͷαʔϏεͰ͖Δ͚ͩݻఆ͠ͳ͍
25 ·ͱΊ • CDKͷϕετϓϥΫςΟε͕ຊ͔վΊͯߟ͑ͯΈͨ • ެཧΛٙ͏͜ͱΞʔΩςΫτͷ • ࣗಈͰੜ͞ΕΔϦιʔε໊Λ༻͠ɺཧతͳ໊લΛ༻͠ͳ͍ • ϕετϓϥΫςΟεͰड़ΒΕ͍ͯΔརΛվΊͯ֬ೝ
• ϕετͰͳ͔ͬͨܦݧͷհ • ζϘϥͳਓؒ(ࢲ)ͷ߹ɺෆཁϦιʔε͕େྔʹΔ • ࣗಈϦιʔε໊Ͱೝෛՙ͕ߴ͘ͳΔ • Ϧιʔε໊ͷࣗಈੜ΄Ͳ΄Ͳʹɻਏ͍࣌ݻఆԽ͠Α͏
26 additional JAWS CDK Λ্ཱ͍͖͍ͪ͛ͯͨʂͬͱݟΛڞ༗͍ͨ͠ʂ CDKͷݟΛൃද͍ͨ͠ํCDKΛΓ্͍͛ͨํืूʂʂ CDK @tmk2154 #jawsug-cdk νϟϯωϧ
https://jaws-ug.jp/jaws-ug-slack/
tomoki10
rayuron
shintaro_fukatsu
syossan27
miu_crescent
segavvy
moneyforward
oomatomo
wisemuji
lycorp_recruit_jp
yhana
shingo_kawahara
maruto
deanohume
geoffreycrofte
sachag
swwweet
dougneiner
holman
marcelosomers
eileencodes
lara
ammeep
tammielis
kastner
