Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
ECSとSQSでスケーラブルなバッチを作った
Search
Takafumi Yoshida
August 17, 2019
Technology
2
1.2k
ECSとSQSでスケーラブルなバッチを作った
Takafumi Yoshida
August 17, 2019
Tweet
Share
More Decks by Takafumi Yoshida
See All by Takafumi Yoshida
DynamoDB Step Zero to One
zephiransas
0
630
ECSとALBで始めるblue/greenデプロイメント
zephiransas
2
310
DynamoDB関連のアップデート紹介 #reinvent2018
zephiransas
0
740
CloudGarageでGitBucketサーバをたててみた
zephiransas
0
510
プログラマが知っておくといいかもしれないCSSのハナシ
zephiransas
1
1k
ラクして学ぶ英語(LT版)
zephiransas
0
190
あなたとCrystal、いますぐダウンロード
zephiransas
1
1.7k
使ってみようLombok
zephiransas
0
250
Modern Web Development with ninjaframework
zephiransas
0
3.1k
Other Decks in Technology
See All in Technology
(機械学習システムでも) SLO から始める信頼性構築 - ゆる SRE#9 2025/02/21
daigo0927
0
270
ExaDB-XSで利用されているExadata Exascaleについて
oracle4engineer
PRO
3
250
技術スタックだけじゃない、業務ドメイン知識のオンボーディングも同じくらいの量が必要な話
niftycorp
PRO
0
100
Aurora PostgreSQLがCloudWatch Logsに 出力するログの課金を削減してみる #jawsdays2025
non97
1
200
OPENLOGI Company Profile
hr01
0
60k
AWSアカウントのセキュリティ自動化、どこまで進める? 最適な設計と実践ポイント
yuobayashi
7
610
AWS Well-Architected Frameworkで学ぶAmazon ECSのセキュリティ対策
umekou
2
140
分解して理解する Aspire
nenonaninu
2
1.1k
AWSではじめる Web APIテスト実践ガイド / A practical guide to testing Web APIs on AWS
yokawasa
8
690
エンジニアリング価値を黒字化する バリューベース戦略を用いた 技術戦略策定の道のり
kzkmaeda
6
2.7k
【内製開発Summit 2025】イオンスマートテクノロジーの内製化組織の作り方/In-house-development-summit-AST
aeonpeople
2
670
IAMポリシーのAllow/Denyについて、改めて理解する
smt7174
2
210
Featured
See All Featured
Intergalactic Javascript Robots from Outer Space
tanoku
270
27k
Gamification - CAS2011
davidbonilla
80
5.2k
A Philosophy of Restraint
colly
203
16k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.7k
Embracing the Ebb and Flow
colly
84
4.6k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
570
Product Roadmaps are Hard
iamctodd
PRO
50
11k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
49
2.3k
Building Adaptive Systems
keathley
40
2.4k
Practical Orchestrator
shlominoach
186
10k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Transcript
&$4ͱ424Ͱ εέʔϥϒϧͳόονΛ࡞ͬͨ ٢ాوจ ![FQIJSBOTBT Ϋϥεϝιουגࣜձࣾ
εϥΠυޙͰೖख͢Δ͜ͱ͕ग़དྷ·͢ͷͰ ൃදதͷ༰ΛϝϞ͢Δඞཁ͋Γ·ͤΜɻ ࣸਅࡱӨΛ͢Δ߹ ϑϥογϡɾγϟολʔԻ͕ग़ͳ͍Α͏ʹྀ͍ͩ͘͝͞ Attention
#jawsug #jawsoka #soracomug
ࣗݾհ ٢ాوจ ![FQIJSBOTBT wΫϥεϝιουגࣜձࣾ w$9ࣄۀຊ෦αʔόαΠυΤϯδχΞ wԬࢁ+BWBϢʔβձදΦʔϓϯη ϛφʔԬࢁ࣮ߦҕһ
w͖ͳ"84ͷαʔϏε w&$4 %ZOBNP%#
ΞδΣϯμ wΞʔΩςΫνϟ֓ཁ w4XJUDI3PMFʹ͍ͭͯ w424Ͱͬͨ͜ͱ w&$4Ͱͬͨ͜ͱ wͬͯΈͨ
ΞʔΩςΫνϟ֓ཁ
Γ͍ͨ͜ͱ wσʔλͷҰׅߋ৽ wݩσʔλ$47 wσʔλྔेສ݅ఔ w*%ͱɺߋ৽༰͕ೖ͍ͬͯΔ wߋ৽ʹ֎෦ͷ"1*Λୟ͘
Switch RoleͰ ͬͨ͜ͱ
w424ͷσʔλૹ৴ॲཧͰ4XJUDI3PMF͍ͨ͠ w4XJUDI3PMF͢Δʹ.'"ඞਢ wBXTDMJͰ͋Ε్தͰτʔΫϯΛೖྗͰ͖Δ w4%,ͩͱࣗલͰΫϨσϯγϟϧΛऔಘͯ͠ Δඞཁ͕͋Δ
BXTDPOpH [default] region = ap-northeast-1 output = json
[profile hoge] region = ap-northeast-1 source_profile = default role_arn = arn:aws:iam::ACCOUNT_ID:role/john-doe mfa_serial = arn:aws:iam::ACCOUNT_ID:mfa/john-doe
BXTDMJͰ4XJUDI3PMF͢Δ߹ $ AWS_PROFILE=hoge aws s3 ls Enter MFA
code for arn:aws:iam::ACCOUNT_ID:mfa/john-doe [MFAτʔΫϯΛೖྗ͢Δ]
"3/ɺ.'"τʔΫϯɺTUTΫϥΠΞϯτ sts_client = Aws::STS::Client.new(region: 'ap-northeast-1') role_arn = `aws
configure get role_arn --profile hoge`.chomp serial_number = `aws configure get mfa_serial --profile hoge`.chomp puts "Input MFA token code..." token_code = gets.chomp
ΫϨσϯγϟϧੜ͠424ΫϥΠΞϯτΛ࡞ role_credentials = Aws::AssumeRoleCredentials.new( client: sts_client, role_arn: role_arn,
role_session_name: "hoge_session", serial_number: serial_number, token_code: token_code) Aws::SQS::Client.new(credentials: role_credentials)
wڥม"84@130'*-&ར༻͠ͳ͍ wBXTDPOpHVSFHFUͰඞཁͳ"3/Λऔಘ͢Δ w.'"τʔΫϯผ్ɺೖྗͤ͞Δ wTUTΫϥΠΞϯτΛ࡞͠ɺ "TTVNF3PMF$SFEFOUJBMTͰɺΫϨσϯγϟϧ Λऔಘ͢Δ
SQSͰͬͨ͜ͱ
wෳͷλεΫ͔ΒΞΫηε͞ΕΔͷͰɺ͜ΕΛ ͍͍ײ͡ʹॲཧͰ͖Δ wॲཧͰ͖ͳ͔ͬͨσʔλΛɺผΩϡʔʹҠͯ͠ ϦτϥΠ͘͢͢͠Δ w424ͷ%FBE-FUUFS2VFVFͷΈΛ͏
#PEZ 3FDFJWF$PVOU 7JTJCMF 536&
#PEZ 3FDFJWF$PVOU 7JTJCMF '"-4&
#PEZ 3FDFJWF$PVOU 7JTJCMF 536& VisibilityTimeoutΛա͗ͯDelete͞Εͳ͔ͬͨ߹
#PEZ 3FDFJWF$PVOU 7JTJCMF Receive Count͕࠷େReceive CountΛ͑ͨ߹ #PEZ 3FDFJWF$PVOU
7JTJCMF 536& DLQҠಈ
ECSͰͬͨ͜ͱ
w'BSHBUFͰϦιʔεཧͷखؒΛݮΒ͍ͨ͠ wฒྻͰ࣮ߦͰ͖ΔΑ͏ʹ͍ͨ͠ wঢ়گʹԠͯ͡ɺλεΫͷΛௐ͍ͨ͠ w$MJFOU4FDSFUͳͲΛ҆શʹѻ͍͍ͨ
ύϥϝʔλετΞʹઃఆΛ֨ೲ aws ssm put-parameter \ --name /ClientId \
--value CLIENT_ID_XXXX \ --type String
λεΫఆ͔ٛΒࢀর ContainerDefinitions: - Name: app ... Secrets: -
Name: CLIENT_ID ValueFrom: !Sub "arn:aws:ssm:ap-northeast-1:${AWS::AccountId}:parameter/ClientId" - Name: CLIENT_SECRET ValueFrom: !Sub "arn:aws:ssm:ap-northeast-1:${AWS::AccountId}:parameter/ClientSecret" λεΫͷڥมͰΛऔಘͰ͖Δ
ͬͯΈͨ
wରσʔλສ݅ w424ͷσʔλૹ৴ʹ࣌ؒ wʢͳΜ͔վળ͍ͨ͠ؾ͕͢Δ w&$4ͷόονॲཧ͕࣌ؒະຬͰऴྃ
w4%,Ͱ4XJUDI3PMF͢Δʹͻͱखؒඞཁ w424ΈΛཧղ͔ͯͭ͑͠ɺ͘͢͝ศ ར w&$4ͷฒྻλεΫΛͬͯɺεέʔϥϒϧʹ͠ Α͏
None