¼õ¸³¤Ë¤Ä¤¤¤Æ †
- 2023ǯ¹ç³Ê
- »²¹Í½ñ ¥Ý¥±¥Ã¥È¥¹¥¿¥Ç¥£ AWSǧÄê ¥Ç¥Ù¥í¥Ã¥Ñ¡¼¥¢¥½¥·¥¨¥¤¥È (¥¢¥½¥·¥¨¥¤¥È»î¸³¥Ý¥±¥Ã¥È¥¹¥¿¥Ç¥£) ñ¹ÔËÜ – 2021/3/9
- »È¤¤Êý
- ¤¢¤ó¤Þ¤ê»î¸³Âкö»î¸³Âкö¤·¤Æ¤¤¤ë¤Èµ¤¤¬ÌÇÆþ¤ë¤Î¤Ç¡¢±©Æó½ÅÌߤÎÊñ¤ß»æ¤ÇÊñ¤à
- ÀâÌÀ¤òÆɤó¤Ç¡¢»î¸³Âкö¥á¥â¤òºî¤ë¡Ê¤³¤Î¥µ¥¤¥È¡Ë
- ÌäÂê¤ò²ò¤¤¤Æ¡¢Ãμ±¤Î·ê¤ò¸«¤Ä¤±¤ë
- Ʊ¤¸ÌäÂ꤬¤Ç¤¿¤é 100% Àµ²ò¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë
ºÇ¸å¤ÎºÇ¸å¤Î³Îǧ»ö¹à †
- CloudFormation?¤òºî¤ëWizard
BeanStalk? | SAM |
Web,SQL | Serverless(Lambda) |
ALB¤â¤Ç¤¤ë¤è | |
eb init | sam init |
eb create | sam build |
eb deploy | sam deploy |
- S3
- Glacer ÃÙ¤¤°Â¤¤
- Athena SQL
- Glue ¥Ç¡¼¥¿²Ã¹©
- Lake Athena, Glue¤òºî¤ë
- Redshift Îó»Ø¸þ
- Neptune ¥°¥é¥Õ»Ø¸þ
- Time Stream »þ·ÏÎó
- EC2¤òºî¤Ã¤¿»þ¤Ë¤Ç¤¤ë¤â¤Î
- ¥¤¥ó¥¹¥¿¥ó¥¹¤ò´ÉÍý¤Ç¤¤ë¥Ý¥ê¥·¡¼¡¡ ec2.amazon.com ¤Î sts:AsuumeRole?
- ¥¤¥ó¥¹¥¿¥ó¥¹¥×¥í¥Õ¥¡¥¤¥ë
- SQS
ɸ½à | FIFO |
1²ó°Ê¾å¤ÎÇÛ¿® | 1²óÇÛ¿®¤ÎÊÝ¾Ú |
̵À©¸Â | 3000tx/sec |
½ç½ø¤Ï¥Ù¥¹¥È¥¨¥Õ¥©¡¼¥È | First In First Out ¤òÊÝ¾Ú |
- VPC Flow log (VPCÆâ¤Î¥Ñ¥±¥Ã¥È¥¥ã¥×¥Á¥ã)
- Cloud Watch Logs vpc-flow-logs.amazon.com
- S3 delivery.logs.amazon.com
- ¥ê¥¢¥ë¥¿¥¤¥à
¥Ö¥é¥¦¥¶-GraphQL-AppSync-DynamoDB
¥Ö¥é¥¦¥¶-API Gateway-Lambda-DynamoDB
- Cognito ¤Ë¤Ï IAM ¥æ¡¼¥¶¤òÄɲäǤ¤Ê¤¤
- Cognito
¥æ¡¼¥¶¥×¡¼¥ë | ID¥×¡¼¥ë |
¥¢¥×¥ê | AWS¥µ¡¼¥Ó¥¹ |
- ¥¢¥×¥ê¥í¥°
+EC2--------------------------------+ filter
|¥¢¥×¥ê ¢ª ¥í¥° ¢ª CloudWatchAgent -|---> CloudWatch ---> SNS¤ÇÄÌÃÎ ---> SMS
+-----------------------------------+\
- LambdaÀÚ¤êÂؤ¨
- API Gateway
- 4xx ¥¯¥é¥¤¥¢¥ó¥È¥¨¥é¡¼ = ¥½¡¼¥¹½ñ¤Ä¾¤»
- 5xx ¥µ¡¼¥Ð¥¨¥é¡¼ = ºÆ»î¹Ô¤·¤í
- DynamoDB²Ý¶âñ°Ì
- WCU 1KB/sec X1²ó
- RCU ·ë²ÌÀ°¹ç 4KB/sec X2
- RCU ¶¯¤¤À°¹ç 4KB/sec X1
- Æɤ߹þ¤ß 1.5KB/sec ¤Î¾ì¹ç¤Ï¡¢WCU2¸Ä¾ÃÈñ
- DynamoDB
¥°¥í¡¼¥Ð¥ë¥»¥«¥ó¥À¥ê¥¤¥ó¥Ç¥Ã¥¯¥¹ | ¥í¡¼¥«¥ë¥»¥«¥ó¥À¥ê¥¤¥ó¥Ç¥Ã¥¯¥¹ |
±¿ÍÑÃæ | ¿·µ¬ |
¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼ À©Ìó¤Ê¤· | ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼ ¥Æ¡¼¥Ö¥ë¤ÈƱ¤¸ |
¥½¡¼¥È¥¡¼ À©Ìó¤Ê¤· | ¥½¡¼¥È¥¡¼ À©Ìó¤Ê¤· |
- API Gateway ÆÃÄê¤Î¥¯¥é¥¤¥¢¥ó¥È
- ¥¥ã¥Ã¥·¥å¤·¤Ê¤¤
- ¥¡¼¤´¤È¤Î¥¥ã¥·¥å̵¸ú²½ execute.api.invalidate.cache
- ¥¥ã¥Ã¥·¥å¤¹¤ë¤Ê cache-control:max-age=0
- Lambda upload
50MB ----+---->S3----->Lambda
ZIP | Tokyo Reginon
|
+---->S3----->Lambda
Singapore Reginon
- S3°Å¹æ²½
- SSE-S3 : Æä˲¿¤â¤·¤Ê¤¤
- SSE-KMS : Condition ¤Ç AES256»ØÄê¡¢CMK°Ê³°¤òµñÈÝ
- Lambda@Edge
- ¸½»þÅÀ¤Ç¤Ï ¥Ð¡¼¥¸¥Ë¥¢¥ê¡¼¥¸¥ç¥ó¡Êus-east-1¡Ë¤Î¤ß¤Ç¤·¤«»È¤¨¤Ê¤¤ (2023/4¸½ºß) ¢¨¥Æ¥¹¥È¤Ë½Ð¤ë
- Cloud Front ¤Ç Lambda ¤òÆ°¤«¤¹¡£Single Page Application ¤Î¤¦¤Á¥æ¡¼¥¶¾ðÊó¤ò°·¤¦¥³¡¼¥É¤ò Lambda@Edge ¤Ë°Ü¤¹
ÁÛÄêÌäÂê¤ÇÉÔÀµ²ò¤À¤Ã¤¿¥¡¼¥ï¡¼¥É †
- ¿ô¥¯¥ê¥Ã¥¯¤ÇCI/CD¥Ñ¥¤¥×¥é¥¤¥ó¤òºî¤ë (Code Pipeline)
- CodeCommit?¤Î¸¢¸Â
- ¡û IAM ¥æ¡¼¥¶¤Ë¥¢¥¿¥Ã¥Á¤¹¤ë IAM ¥Ý¥ê¥·¡¼ (AWSCodeCommitPoweruserPolicy?)
- ✕ CodeCommit?¤Ë¤Ï¡¢¥ê¥½¡¼¥¹¥Ý¥ê¥·¡¼¤Ï¤Ê¤¤
- CodePipeline?, CodeCommit?, CodeBuild?, CodeDeploy?
AWS Cloud9 -+-> CodeCommit -+-> CodeBuild -+-> S3 -+-> CodeDeploy -+-> EC2
Git Command -+ | | | +-> ECS (Amazon Elastic Container Service = Docker)
S3 -+ +-> GitHub -+ +-> Lambda
BitBucket -+ | +-> ¥ª¥ó¥×¥ì¥ß¥¹
GitHub -+ |
| |
ECR -+-> Jenkins -+
(Container Registory = Docker Registory)
- ✕°ú¤Ã³Ý¤± GitLab? ¤Ë¤ÏÂбþ¤·¤Æ¤¤¤Ê¤¤
- Cloud Formation
- JSON¤Þ¤¿¤Ï¡¢YAML·Á¼°¤Ç¡¢¼Â¹Ô´Ä¶ (¥¹¥¿¥Ã¥¯) ¤òÄêµÁ¤¹¤ë
- ËÜÈִĶ¡¢³«È¯´Ä¶¤òʬ¤±¤ë ¢Í Condition ¥»¥¯¥·¥ç¥ó¤ò»È¤¦
- Ê£¿ô¥ê¡¼¥¸¥ç¥ó ¢Í Mappings¥»¥¯¥·¥ç¥ó¤Ë¥ê¡¼¥¸¥ç¥ó¸ÇͤÎÀßÄê¤ò¹Ô¤¤¡¢!Refs ¤Ç»²¾È¤¹¤ë (Î㤨¤Ð ImageId? ¤Ê¤É)
- ¥Í¥Ã¥È¥ï¡¼¥¯¤È¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ÎÏ¢·È
- ¥Í¥Ã¥È¥ï¡¼¥¯¤Î¥Æ¥ó¥×¥ì¡¼¥È¤Ç Output ¥»¥¯¥·¥ç¥ó¤Ë Export ¤òÄêµÁ¤·¤Æ¡¢¼«Æ°ÀßÄê¤ÎÆâÍƤò¥Õ¥¡¥¤¥ë½ÐÎϤ¹¤ë
- ¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¥ì¥¤¥ä¤Ç¤Ï ImportValue? ´Ø¿ô¤ò»È¤Ã¤Æ¡¢¥Í¥Ã¥È¥ï¡¼¥¯Â¦¤Ç Export ¤·¤¿¥µ¥Ö¥Í¥Ã¥ÈID¤ò¼è¤ê¹þ¤à
- ✕ ľÀܵ½Ò
- ✕ Parameters ¥»¥¯¥·¥ç¥ó¤«¤é¼è¤ê¹þ¤à¡á¤³¤ì¤ÏAWS¤Î´ÉÍý¥³¥ó¥½¡¼¥ë¤ÎÃͤò¼è¤ê¹þ¤à¥»¥¯¥·¥ç¥ó¤Ê¤Î¤Ç¡¢´ÉÍý¥³¥ó¥½¡¼¥ë¤Ë¥µ¥Ö¥Í¥Ã¥ÈID¤ò¿Í¼ê¤ÇÆþÎϤ·¤í¤È¤¤¤¦¤³¤È
- Elastic Beanstalk
- Web¥¢¥×¥ê Queue¥¢¥×¥ê¤Î Cloud Formation ¤ò Wizard ¤Çºî¤ì¤ë
- ¥Ø¥ë¥¹¥¹¥Æ¡¼¥¿¥¹¤ò´Æ»ë¤¹¤ë¤¿¤á¤Î¸¢¸Â
- ´Æ»ë¤¹¤ë¥¢¥×¥ê/¿Í¤ÎIAM¥í¡¼¥ë¤Ë AWSElasticBeanstalkEnhancedHealth? ¤È AWSElasticBeanStalkService? ¤ò¥¢¥¿¥Ã¥Á¤¹¤ë
- ✕°ú¤Ã³Ý¤± ¡ÖElastic Beanstalk ´Ä¶¤òºîÀ®¤·¤¿ IAM ¥æ¡¼¥¶¤Ë ¡¦¡¦¡¦¡×AWS´ÉÍý¥Ý¥ê¥·¡¼¤ò³ä¤êÅö¤Æ¤¿°Õ¤Î¥æ¡¼¥¶/¥¢¥×¥ê¤«¤é´Æ»ë¤Ç¤¤ë
- Beanstalk ¤Çºî¤Ã¤¿¥¢¥×¥ê¤«¤é S3 ¤ËÀܳ¤¹¤ë¤¿¤á¤Î¸¢¸Â
- IAM¥í¡¼¥ë¤òºîÀ®
- IAM¥í¡¼¥ë¤Ë¡¢S3 ¤Î¥¢¥Ã¥×¥í¡¼¥É¡¿¥À¥¦¥ó¥í¡¼¥É¤ò²Äǽ¤È¤¹¤ë IAM ¥Ý¥ê¥·¡¼¤ò¥¢¥¿¥Ã¥Á¤¹¤ë
- EC2 ¤Ë IAM ¥í¡¼¥ë¤ò¥¢¥¿¥Ã¥Á¤¹¤ë
- ✕ °ú¤Ã³Ý¤± ¼Â¹Ô´Ä¶¤¬¤Ç¤¤¿¸å¤Ï BeanStalk? (¤Î¥µ¡¼¥Ó¥¹¥í¡¼¥ë) ´Ø·¸¤Ê¤¤
- eb¥³¥Þ¥ó¥É
- eb init
- eb create
- eb deploy
- AWS SAM (Serverless Application Model)
- ¥µ¡¼¥Ð¥ì¥¹¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤Î Cloud Formation ¤ò ¥³¥Þ¥ó¥É¤Çºî¤ì¤ë
- sam¥³¥Þ¥ó¥É
- sam init
- sam build
- sam deploy
- ¥í¡¼¥«¥ë´Ä¶
- ¥Í¥Ã¥È¥ï¡¼¥¯
VPC (Virtual Private Cloud)
Internet Gateway (¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Ø¤Î½Ð¸ý)
VGP=VPC Endpoint (²¾Áۥץ饤¥Ù¡¼¥È¥²¡¼¥È¥¦¥§¥¤ = ¥ª¥ó¥×¥ì¥ß¥¹¤Ø¤Î½Ð¸ý)
Availability Zone
Subnet
Nat Gateway
Instance (Linux¥µ¡¼¥Ð) -- ENI (Elastic Network Interface¡£²¾ÁÛNIC)
Interface Endpoint (¥µ¡¼¥Ð¥ì¥¹ (lambda ¤Ê¤É)¤Ø¤ÎÆþ¤ê¸ý¡£Subnet¤Ë·Ò¤¬¤Ã¤Æ¤¤¤ëNIC ¤Ë¸«¤¨¤ë)
Gateway Endpoint (S3, DynamoDB¤Ø¤ÎÆþ¤ê¸ý)
- ¶¦ÍÀÕǤ¥â¥Ç¥ë
- S3¤Î°Å¹æ²½¤Ï¥æ¡¼¥¶ÀÕǤ
- SSE-S3 (S3¤¬´ÉÍý¤¹¤ë¸°¤Ç°Å¹æ²½)
- SSE-KMS (KMS¤¬´ÉÍý¤¹¤ë¸°¤Ç°Å¹æ²½)
- SSE-C (¥æ¡¼¥¶»ØÄê¤Î¸°¤Ç°Å¹æ²½)
- RDS¡¢SQS ¤Î°Å¹æ²½¤â
- EC2¾å¤Ëºî¤Ã¤¿Web¥µ¡¼¥Ð¤Ë¥¢¥¯¥»¥¹¤Ç¤¤Ê¤¤
- ¥»¥¥å¥ê¥Æ¥£¥°¥ë¡¼¥×
- ¥¤¥ó¥Ð¥¦¥ó¥É¥ë¡¼¥ë¤Ç 80 ÈÖ¤¬µö²Ä¤µ¤ì¤Æ¤ë¤«Ä´¤Ù¤ë
- ✕ °ú¤Ã³Ý¤± ¥¢¥¦¥È¥Ð¥¦¥ó¥É¤Î°ì»þ¥Ý¡¼¥È¤ÎÀßÄê¤ÏɬÍפʤ¤
- ✕ °ú¤Ã³Ý¤± ¥»¥¥å¥ê¥Æ¥£¥°¥ë¡¼¥×¤Ç¤Ï ¥Ý¡¼¥È¤ÎµñÈݤÏÀßÄê¤Ç¤¤Ê¤¤
- NACL(¥Í¥Ã¥È¥ï¡¼¥¯ACL)
- ¥¤¥ó¥Ð¥¦¥ó¥É¤Î80 ¤È ¥¢¥¦¥È¥Ð¥¦¥ó¥É¤Î °ì»þ¥Ý¡¼¥È¤¬µö²Ä¤µ¤ì¤Æ¤¤¤ë¤³¤È¤òÄ´¤Ù¤ë
- ¥ª¥ó¥×¥ì¥ß¥¹ -(VPN)-> VPC ¤Ç S3¤ò»È¤¤¤¿¤¤¤È¤
- S3 Endpoint
- KMS Endpoint
- S3 Endpoint ¤Ø¤Î¥ë¡¼¥È¤ò¥µ¥Ö¥Í¥Ã¥È¤Ë´ØÏ¢ÉÕ¤±¤é¤ì¤¿¥ë¡¼¥È¥Æ¡¼¥Ö¥ë¤ËÄɵ
- CloudFront? ¤«¤é¤·¤« S3 ¤Ë¥¢¥¯¥»¥¹¤Ç¤¤Ê¤¤¤è¤¦¤Ë¤¹¤ë
- OAI (Origin Access Identity) ¤ò S3¥Ð¥±¥Ã¥È¥Ý¥ê¥·¡¼ ¤Î GetObject? ¥¢¥¯¥·¥ç¥ó¤ËÀßÄꤹ¤ë
- ✕ ½ð̾ÉÕ¤URL
- ✕ CloudFront? ¦¤«¤é¤ÎÀßÄê¤Ç¤Ï¼Â¸½¤Ç¤¤Ê¤¤
- ¥Ý¥ê¥·¡¼
- ¥¢¥¤¥Ç¥ó¥Æ¥£¥Æ¥£¡¼¥Ù¡¼¥¹¤Î¥Ý¥ê¥·¡¼
- ¥«¥¹¥¿¥Þ¡¼´ÉÍý¥Ý¥ê¥·¡¼ : ŬÍÑÈϰϤ䡢͸ú²½¤¹¤ëÆü»þ¤ÎÀßÄ꤬¤Ç¤¤ë¡£¤Þ¤È¤á¤Æ̵¸ú²½¤â¤Ç¤¤ë
- ¥¤¥ó¥é¥¤¥ó¥Ý¥ê¥·¡¼ : ¥¢¥«¥¦¥ó¥È¤Ëľ¤ËÀßÄꡣľ¤Á¤Ë͸ú²½¤µ¤ì¤ë
- AWS´ÉÍý¥Ý¥ê¥·¡¼ ¡§AWS¤¬Í½¤áÍÑ°Õ¤·¤Æ¤ª¤¤¤¿¥Ý¥ê¥·¡¼¡£¥æ¡¼¥¶¤Ï µö²Ä¡¦µñÈݤòÀßÄꤹ¤ë¤À¤±
- ¥ê¥½¡¼¥¹¥Ù¡¼¥¹¤Î¥Ý¥ê¥·¡¼
- EC2 ¤«¤é DynamoDB ¤Ø¤Î¥¢¥¯¥»¥¹
- IAM¥í¡¼¥ë¤ò»ÈÍѤ¹¤ë
- GetRole?, PassRole?
- ✕ AssumeRole? (¤³¤ó¤Ê¤Î¤Ê¤¤)
- ¥¢¥¯¥»¥¹¥¡¼ID¡¢¥·¡¼¥¯¥ì¥Ã¥È¥¢¥¯¥»¥¹¥¡¼¤ò»È¤Ã¤Æ¤â¤è¤¤¤¬ IAM¥í¡¼¥ë¤ò»È¤¦¤Ù¤
- ¥³¡¼¥É¤Ë´Þ¤á¤ë
- .aws/credentials ¤Ë´Þ¤á¤ë
- ´Ä¶ÊÑ¿ô¤ËÀßÄꤹ¤ë
- EC2ÍÑ¤Ë IAM¥í¡¼¥ë¤ò¤Ä¤¯µ®¤¤Ëºî¤é¤ì¤ë¤â¤Î
- sts:AssumeRole?¤òµö²Ä¤·¤¿¿®Íê¥Ý¥ê¥·¡¼ (Secure Token Service °ì»þŪ¤Ë¸¢¸Â¤òÍ¿¤¨¤ë)
- ¥¤¥ó¥¹¥¿¥ó¥¹¥×¥í¥Õ¥¡¥¤¥ë
- EC2¤Ë¥¢¥¿¥Ã¥Á¤¹¤ë¤È¤Ç¤¤ë¤â¤Î
- ¥¢¥¯¥»¥¹¥¡¼ID
- ¥·¡¼¥¯¥ì¥Ã¥È¥¢¥¯¥»¥¹¥¡¼
- ¥È¡¼¥¯¥ó
- Cognito
- ¥Ñ¥¹¥ï¡¼¥Éϳ±Ì»þ¤Ë¥Ö¥í¥Ã¥¯ ¢Í ¥¢¥É¥Ð¥ó¥¹¥È¥»¥¥å¥ê¥Æ¥£¤ò͸ú¤Ë¤¹¤ë
- ¾Í×ÁÇǧ¾Ú ¢Í MFA¥ª¥×¥·¥ç¥ó¤ò͸ú¤Ë¤¹¤ë
- System Manager
- KMS ¤Ë¡¢DB¤ÎIP¥¢¥É¥ì¥¹¡¢¥æ¡¼¥¶Ì¾¡¢¥Ñ¥¹¥ï¡¼¥É¡¢¥Ý¡¼¥È¤Ê¤É¤ò³ÊǼ¤¹¤ë
- ¸ÇÄê¾ðÊó
- ¿Í´Ö¤Ë¤â¤ï¤«¤é¤Ê¤¤¤è¤¦¤Ë¤¹¤ë¤¿¤á¤Ë¤Ï SecureString? ·Á¼°¤ÇÊݸ¤¹¤ë
- Secure Manager
- KMS ¤Ë¡¢DB¤ÎIP¥¢¥É¥ì¥¹¡¢¥æ¡¼¥¶Ì¾¡¢¥Ñ¥¹¥ï¡¼¥É¡¢¥Ý¡¼¥È¤ò³ÊǼ¤¹¤ë¤Î¤Ï¡¢System Manager ¤ÈƱ¤¸
- Äê´üŪ¤Ë DB¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¹¹¿·¤·¤¿¤¤¤È¤¤Ë»È¤¦
- °ìÄê»þ´Ö¤´¤È¤Ë Lambda ¤ò¼Â¹Ô¤·¤Æ¡¢DB¥µ¡¼¥Ð¤Î¥¤¥ó¥¹¥¿¥ó¥¹¤ËÂФ·¤Æ GetSecret? ¤Ç¥æ¡¼¥¶Ì¾¤ä¥Ñ¥¹¥ï¡¼¥É¤ò¼èÆÀ¡¢¼«Æ°¹¹¿·¤¹¤ë
- ¿Í´Ö¤Ë¤â¤ï¤«¤é¤Ê¤¤¤è¤¦¤Ë¤¹¤ë¤¿¤á¤Ë¤Ï Íð¿ô¤Î¥Ñ¥¹¥ï¡¼¥É¤òÀ¸À®¤·¤Æ¡¢¼«Æ°Åª¤Ë Web¥µ¡¼¥Ð¡¢DB¥µ¡¼¥Ð ¤ËÀßÄꤹ¤ë
- SSL/TLS¾ÚÌÀ½ñ
- Certificate Manager ¤Ç¾ÚÌÀ½ñ¤òºîÀ®¤·¤Æ¡¢CNAMEǧ¾Ú¤¹¤ë (CNAME = ¥É¥á¥¤¥ó¤ÎÊÌ̾, DNS¤Î¥ì¥³¡¼¥É)
- CloudFront? ¤Ë HTTPS ÀßÄê
- Certificate Manager ¤Çºî¤Ã¤¿¾ÚÌÀ½ñ¤ò CroudFront? ¤ËÀßÄꤹ¤ë
- HTTP ¥ê¥¯¥¨¥¹¥È¤ò HTTPS ¤Ë¥ê¥À¥¤¥ì¥¯¥È¤¹¤ë¤è¤¦¡¢CroudFront? ¤òÀßÄꤹ¤ë
- ¸°¤ÎÊÝ´É
- Key Management Servicce ( CMK (Customer Master Key) ¤Ç°Å¹æ²½)
- Cloud HSM (Hardware Security Module) ¤Ç°Å¹æ²½¤¹¤ë¡£ÀìÍѥϡ¼¥É¥¦¥§¥¢
- AWS
Region | À¤³¦20¥ö½ê¡¢ºÇÄã AZ ¤ò£²¤Ä´Þ¤à | S3, SNS, DynamoDB, Lambda |
AZ | | EC2, RDS, Elastic Cache |
Edge Location | | Cloud Front |
Region-VPC-Subnet | | Lambda, ALB (Application Load Balancer |
- ³«È¯¼Ô¤¬AWS¤ÎAPI¤ò¼Â¹Ô ¥ê¥¯¥¨¥¹¥È¤Ë½ð̾¥Ð¡¼¥¸¥ç¥ó£´¤Ç½ð̾
- S3 ¾ï»þʬÀϤµ¤ì¤ë¥Ç¡¼¥¿¤òÆþ¤ì¤Æ¤â¤¤¤¤ EMR Hadoop/Spark
- S3 Glacer ÃÙ¤¯¤Æ¤â¼è¤Ã¤Æ¤ª¤±¤ÐÎɤ¤¥Ð¥±¥Ã¥È
- S3 Athena SQL¥¯¥¨¥ê
- S3 Glue ¥Ç¡¼¥¿²Ã¹©
- S3 Lake Fromation (Glue, Athena ¤Î¥Æ¥ó¥×¥ì¡¼¥È)
- S3 °ìÉô¤À¤±¥À¥¦¥ó¥í¡¼¥É Select ¥¢¥¯¥·¥ç¥ó
- S3 ÊݴɾðÊó¤Î²þ¤¶¤óËÉ»ß
- S3 ¥Ð¥±¥Ã¥È¤Î¥Ð¡¼¥¸¥ç¥Ë¥ó¥°
- ¥³¥ó¥×¥é¥¤¥¢¥ó¥¹¥â¡¼¥É¤Ç¥ª¥Ö¥¸¥§¥¯¥È¤Î¥í¥Ã¥¯¤ò͸ú²½¤¹¤ë
- S3 Gateway
¥Õ¥¡¥¤¥ë | NFS/SMB |
¥Ü¥ê¥å¡¼¥à | iSCSI |
¥Æ¡¼¥× | ²¾Áۥơ¼¥× |
- S3 ÂçÎÌ¥¢¥Ã¥×¥í¡¼¥É ¢Í ¥Þ¥ë¥Á¥Ñ¡¼¥È¥¢¥Ã¥×¥í¡¼¥ÉAPI
- S3 ¥á¥¿¥Ç¡¼¥¿ÀßÄê ¢Í Put ¥ê¥¯¥¨¥¹¥È»þ¤Ë¥Ñ¥é¥á¡¼¥¿¤ÇÀßÄê
- S3 ÂçÎÌ¥À¥¦¥ó¥í¡¼¥É¤Î¥ê¥È¥é¥¤ ¢Í ¥¢¥×¥ê¤Ç¼ÂÁõ¤¹¤ë (ÃæÃǤ·¤¿¤È¤¡¢¥À¥¦¥ó¥í¡¼¥ÉºÑ¥Ð¥¤¥È¿ô¤Î¼¡¤Î¥Ð¥¤¥È¤«¤éºÆ³«¤¹¤ë¤è¤¦¤Ëºî¤ë)
- S3 ¥Ð¥±¥Ã¥È¤Î¸«¤»Êý
¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î¤É¤³¤«¤é¤Ç¤â | ¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë¥ê¥¹¥È |
ÆÃÄê¤ÎCloudFront?¤«¤é¤Î¤ß | ¥Ð¥±¥Ã¥È¥Ý¥ê¥·¡¼ |
AWS¥¢¥«¥¦¥ó¥È¤ò»ý¤¿¤Ê¤¤¿Í¤ËUPLOAD/DOWNLOD | ½ð̾ÉÕ¤URL |
- S3 Redshift Îó»î¹Ô¤Î½¸·×ʬÀÏ
- S3 ¥°¥é¥ÕAPI Neptune
- S3 »þ·ÏÎó¥Ç¡¼¥¿ Timestream
- Aurora
- MySQL ¸ß´¹¡¢PostgreSQL ¸ß´¹
- ¥ê¡¼¥É¥ì¥×¥ê¥«¡¢¾ã³²»þ¼«Æ°¾º³Ê
- ¥¢¥¤¥É¥ë»þ´Ö¤ËÄä»ß
- Elastic Cache form Memcached ¥Þ¥ë¥Á¥¹¥ì¥Ã¥É¥¥ã¥Ã¥·¥å
- Elastic Cache from Redis Pub/Sub
- DynamoDB ¥²¡¼¥à¤Ë¸þ¤¤¤Æ¤¤¤ë NOSQL
- DynamoDB PK
- ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼ ʸ»ú¡¦¿ô»ú¡¦¥Ð¥¤¥Ê¥ê
- ¥½¡¼¥È¥¡¼
- DynamoDB ÀÁµá ¥ª¥ó¥Ç¥Þ¥ó¥É¥¥ã¥Ñ¥·¥Æ¥£¥â¡¼¥É ¡Ö¤É¤ì¤¯¤é¤¤¤Î¥ê¥¯¥¨¥¹¥È¤¬È¯À¸¤¹¤ë¤«¤ï¤«¤é¤Ê¤¤¡×
- DynamoDB ÀÁµá ¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°ºÑ¤ß¥¥ã¥Ñ¥·¥Æ¥£¥â¡¼¥É
- WCU 1KB/sec 1²ó
- RCU ¶¯¤¤À°¹çÀ 4KB/sec 1²ó
- RCU ·ë²ÌÀ°¹çÀ 4KB/sec 2²ó
- Cloud Watch ¥¢¥é¡¼¥à
- DynamoDB ¥½¡¼¥È¥¡¼°Ê³°¤ÇÈÏ°ÏÁªÂò ¥í¡¼¥«¥ë¥»¥«¥ó¥À¥ê¥¤¥ó¥Ç¥Ã¥¯¥¹
- DynamoDB ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼°Ê³°¤Ç¥¯¥¨¥ê¡¼¸¡º÷ ¥°¥í¡¼¥Ð¥ë¥»¥«¥ó¥À¥ê¥¤¥ó¥Ç¥Ã¥¯¥¹
- ✕ ¶¯¤¤À°¹çÀ
- ¡û ·ë²ÌÀ°¹çÀ
- DynamoDB [°ú¤Ã³Ý¤±] Ʊ¤¸PK¤Î¤¢¤¤¤Æ¤à¤ò PutItem? ¤¹¤ë¤È ¢Í ¾å½ñ¤¤µ¤ì¤ë
- DynamoDB °À¤Î¹¹¿· UpdateItem?
- DynamoDB ³Ú´Ñ¥í¥Ã¥¯ UpdateItem? ¤Ç ConditionExpression? ¤ò»È¤¦
- DynamoDB °À¤Î¼èÆÀ GetItem? ProjectionExpression?
- DynamoDB ¶¯ÎϤÊÀ°¹çÀ¤ÇÆɤ߼è¤ê ConsistentRed?
- DynamoDB ºï½ü»þ¤Ë¡¢ºï½üÁ°¤ÎÆâÍƤò¼èÆÀ ReturnValue?
- DynamoDB ¸¡º÷ Query¡¢ÊÖ¤êÃͤιʤê¹þ¤ß QueryFilter?
- DynamoDB ¸¡º÷ Query¡¢¥¤¥ó¥Ç¥Ã¥¯¥¹¤ò»ØÄê IndexName?
- DynamoDB ¸¡º÷ Query¡¢¶¯ÎϤÊÀ°¹çÀ ConsistentRead?
- DynamoDB Á´¹àÌܼèÆÀ Scan
- DynamoDB Á´¹àÌܼèÆÀ Scan Á´Éôµ¢¤Ã¤Æ¤³¤Ê¤¤¤È¤ ¢Í ºÆScan»þ¤Ë¡¢Á°²ó¤Î Scan ¤ÇÊ֤äƤ¤¿ LastEvaluatedKey? ¤ò Scan ¥Ñ¥é¥á¡¼¥¿ ExclusiveStartKey? ¤Ë»ØÄꤹ¤ë¡£
- DynamoDB BatchWriteItem?
- DynamoDB BatchGetItem? : Æɤá¤Ê¤«¤Ã¤¿¥¢¥¤¥Æ¥à¤Î¾ðÊó¤Ï¡¢¥ì¥¹¥Ý¥ó¥¹¤Î UnprocesseddItem? ¤Ë½ñ¤¹þ¤Þ¤ì¤ë
- DynamoDB TransactedWriteItem? : Æɤá¤Ê¤«¤Ã¤¿¥¢¥¤¥Æ¥à¤¬¤¢¤Ã¤¿¤é¡¢¤¹¤Ù¤Æ¼ºÇÔ¤¹¤ë
- DynamoDB TransactedRedItem?
- Lambda (PUSH·¿) S3¥¤¥Ù¥ó¥È¥È¥ê¥¬¡¼ Lambda´Ø¿ô¤Î¥ê¥½¡¼¥¹¥Ý¥ê¥·¡¼
- Lambda (PUSH·¿) API Gateway¥¤¥Ù¥ó¥È¥È¥ê¥¬¡¼ Lambda´Ø¿ô¤Î¥ê¥½¡¼¥¹¥Ý¥ê¥·¡¼
- Lambda (PULL·¿ ¥Ý¡¼¥ê¥ó¥°·¿) DynamoDB¥¤¥Ù¥ó¥È¥È¥ê¥¬¡¼ ´Ø¿ô¤Î¼Â¹Ô¥í¡¼¥ë¤È¥Ý¥ê¥·¡¼
- Lambda (PULL·¿ ¥Ý¡¼¥ê¥ó¥°·¿) SQS¥¤¥Ù¥ó¥È¥È¥ê¥¬¡¼ ´Ø¿ô¤Î¼Â¹Ô¥í¡¼¥ë¤È¥Ý¥ê¥·¡¼
- Lambda CloudWatch? Logs ¤Ø¤Î½ÐÎÏÀßÄê
- logs:CreateLogGroup?
- logs:CreateLogStream?
- logs:PutLogEvents?
- ¤³¤ì¤é¤Î¸¢¸Â¤ÏAWS´ÉÍý¥Ý¥ê¥·¡¼ AWSLambdaBasicEecutionRole? ¤Ë¤â´Þ¤Þ¤ì¤Æ¤¤¤ë
- Lambda ¤Î¼Â¹Ô¥í¡¼¥ë¤Î¿®Íê¥Ý¥ê¥·¡¼ lambda.amazonaws.com ¤Î sts:AssumeRole?
- Lambda ¤«¤é RDS ¤Ø¥¯¥¨¥ê¼Â¹Ô
- Lambda ¤È RDS ¤òƱ¤¸ VPC ¤Çµ¯Æ°
- ¥µ¥Ö¥Í¥Ã¥È¥»¥¥å¥ê¥Æ¥£¥°¥ë¡¼¥×¤ÎÀßÄêx
- RDS¤Î¥»¥¥å¥ê¥Æ¥£¥°¥ë¡¼¥×Á÷¿®¸µ¤Ë¡¢Lambda¤Î¥»¥¥å¥ê¥Æ¥£¥°¥ë¡¼¥×¤ò»ØÄꤹ¤ë
- API Gateway URL¤ò¤½¤Î¤Þ¤ÞLambda¤ËÅϤ¹ Lambda¥×¥í¥¥·Åý¹ç
- API Gateway ǧ¾Ú¡¦À©¸Â
- ¥¯¥é¥¤¥¢¥ó¥È¾ÚÌÀ½ñ¤òAPI¥¹¥Æ¡¼¥¸¤ËÅÐÏ¿¤·¤Æ¡¢¤½¤Î¥¯¥é¥¤¥¢¥ó¥È¾ÚÌÀ½ñ¤ò»ý¤Ä¥¯¥é¥¤¥¢¥ó¥È¤«¤é¤Î¤ß¥¢¥¯¥»¥¹²Ä
- ¥ê¥½¡¼¥¹Ç§¾Ú (¥¢¥¯¥»¥¹¸µIP Condition ¾ò·ï¤Î SourceIp?)
- ¥á¥½¥Ã¥É¥ê¥¯¥¨¥¹¥È¤Îǧ²Ä¤ÇIAMǧ¾Ú¤ò͸ú¤Ë¤·¤Æ¡¢IAM¥æ¡¼¥¶¤ËAPI¤ò¼Â¹Ô¤Ç¤¤ë¥Ý¥ê¥·¡¼¤ò¥¢¥¿¥Ã¥Á
- Cognito¥ª¡¼¥µ¥é¥¤¥¶
- Lambda¥ª¡¼¥µ¥é¥¤¥¶ (Lambda ¤ÇÆȼ«Ç§¾Ú)
- API Gateway »ÈÍÑÀ©¸Â ¥¹¥í¥Ã¥È¥ê¥ó¥°
- ¥ì¡¼¥È100¥ê¥¯¥¨¥¹¥È/ÉÃ
- ¥Ð¡¼¥¹¥È500¥ê¥¯¥¨¥¹¥È/¥ß¥êÉÃ
- ¥¯¥ª¡¼¥¿¡¼ 1000000¥ê¥¯¥¨¥¹¥È/·î
- ¸ÜµÒ¤´¤È¤ËÀ©¸Â
- »ÈÍÑÎÌ¥×¥é¥ó¤òºîÀ®
- API¥¡¼¤Ë»ÈÍÑÎÌ¥×¥é¥ó¤òɳ¤Å¤±
- API¥¡¼¤ò¸ÜµÒ¤ËÇÛÉÛ
- API Gateway ¥¹¥Æ¡¼¥¸ÊÑ¿ô ${stageVariables.val} = ¸Æ¤Ó½Ð¤¹ Lambda ¤Î¥¨¥¤¥ê¥¢¥¹¤ò API Gateway ¤Î´ÉÍý¥³¥ó¥½¡¼¥ë¤ÇÀßÄꤷ¤Æ ARN ¤ËÆþ¤ì¤ë {arn:aws:lambda:us-east-1:123456789012:function:XXXXXFunc:${stageVariables.alias}
- ECS ¸¢¸Â
- ¥¿¥¹¥¯¥í¡¼¥ë¤Ë DynamoDB¥Æ¡¼¥Ö¥ë¤Ø¤Î¸¢¸Â¥Ý¥ê¥·¡¼¤ò¥¢¥¿¥Ã¥Á¤·¤¿ IAM ¥í¡¼¥ë¤ò³ä¤êÅö¤Æ¤ë¡¡
- [°ú¤Ã³Ý¤±] ✕ EC2¤Î¸¢¸Â
- ECS ´Ä¶ÊÑ¿ô
- ¥¿¥¹¥¯ÄêµÁ¤Î¥³¥ó¥Æ¥Ê¤Î´Ä¶ÊÑ¿ô
- [°ú¤Ã³Ý¤±] ✕ EC2¤Î´Ä¶ÊÑ¿ô
- SQS ɸ½à¥¥å¡¼
- ̵À©¸Â
- ÀèÆþ¤ìÀè½Ð¤·¤Ï¥Ù¥¹¥È¥¨¥Õ¥©¡¼¥È
- ¾¯¤Ê¤¯¤È¤â1²óÇÛ¿®
- SQS FIFO¥¥å¡¼
- 3000Msg/sec (300 APICall/sec * 10Msg/APICall)
- ÀèÆþ¤ìÀè½Ð¤·
- 1²ó¤Î¤ß¤ÎÇÛ¿®¤òÊݾÚ
- SQS ¥á¥Ã¥»¡¼¥¸ºï½ü ¼õ¿®¥Ð¥ó¥É¥ë
- SQS ¥á¥Ã¥»¡¼¥¸Á´¾Ã¤· PurgeQueue?
- SQS ¥Õ¥¡¥ó¥¢¥¦¥È raw¥á¥Ã¥»¡¼¥¸¤ò͸ú²½ ¥á¥Ã¥»¡¼¥¸¤Î¤ß¤òÁ÷¤ë
- Amazon MQ ¤Î¥Ð¥Ã¥¯¥¨¥ó¥É EFS
- Amazon Kinesis Data Stream ¥Ç¡¼¥¿¥¹¥È¥ê¡¼¥à½èÍý SQS¤Î¥á¥Ã¥»¡¼¥¸¤òÃ༡½èÍý
- Step Funciton ¤«¤é Lambda ¤ò¸Æ¤Ó½Ð¤¹¤È¤¤Î¥Ñ¥é¥á¡¼¥¿
- InputPath?¡¡ÆþÎÏ
- OutputPath? ½ÐÎÏ
- ResultPath? ¥ì¥¹¥Ý¥ó¥¹
- Step Function ÊÂÎó¼Â¹Ô Parllel (¸ÇÄê)
- Step Function ÊÂ¹Ô¼Â¹Ô Map (¿½ÅÅÙ²ÄÊÑ) ItemsPath?
- Step Function Äê»þ¼Â¹Ô CloudWatch? Event
- Step Function ¥¢¥×¥ê¤«¤é¤Î¸Æ¤Ó½Ð¤· API Gateway
- ¥Ç¡¼¥¿¥Ù¡¼¥¹
- Amazon RDS (Oracle,MS-SQL Sever,MySQL,PostgreSQL,MariaDB) ¥¹¥±¡¼¥ë¤·¤Ê¤¯¤Æ¤¤¤¤¤È¤¤Ë»È¤¦ ¥ì¥×¥ê¥« 5 ¸Ä¤Þ¤Ç
- Amazon Aurora (MySQL, PostgreSQL ¸ß´¹API ¤ò»ý¤Ä AWS¥µ¡¼¥Ó¥¹) ¥¹¥±¡¼¥ëÁ°Äó¡¢Àǽ¤Ï MySQL¤Î5ÇÜ¡¢PostgreSQL¤Î3ÇÜ¡£3¤Ä¤ÎAZ¤Ë6¤Ä¤Î¥ì¥×¥ê¥±¡¼¥·¥ç¥ó¤òºî¤ì¤ë)
- Amazon DynamoDB (NoSQL¡¢¥¹¥±¡¼¥ë¤¹¤ë)
- Amazon Redshift (DWH ¥Ç¡¼¥¿Ê¬ÀÏ)
- Amazon Elastic Cache (Memcached, Redis Pub/Sub)
- Amazon Neptune (¥°¥é¥ÕDB¡¢¹¹ðÇÛ¿®¤Ê¤É¤Ç»È¤ï¤ì¤ë)
- ¥â¥Ë¥¿¥ê¥ó¥°
- EC2 CPU Net Status
- EBS Read Write
- RDS Read Write Connection FreeableMemory?
- DynamoDB ͽÌó(Provisioned) Read Write¡¢¾ÃÈñ(Consumed) Read Write¡¢¥¹¥í¥Ã¥È¥ë(¹âÉÑÅÙ) Read Write
- S3 ¥Ð¥±¥Ã¥È¥µ¥¤¥º¡¢¥ª¥Ö¥¸¥§¥¯¥È¿ô
- Lambda ¸Æ¤Ó½Ð¤·¥ê¥¯¥¨¥¹¥È(Invocation) ´Ø¿ô¤Î¥¤¥ó¥¹¥¿¥ó¥¹(Concurrent) ¥¨¥é¡¼ ¥¹¥í¥Ã¥È¥ë ´Ø¿ô¼Â¹Ô»þ´Ö(Duration)
- API Gateway ¥ê¥¯¥¨¥¹¥È(Count) 4XX 5XX CL->API->¸å³ Latency API->¸å³ IntegrationLatency?
- SQS Á÷¿®¥Ð¥¤¥È¡¢Á÷¿®¿ô¡¢¼õ¿®¿ô¡¢Empty ¸½Í¸ú(MessagesVisible?) ¸½Ìµ¸ú(MessagesNotVisible?)
- SNS ÁϻϥХ¤¥È¡¢Á÷¿®¿ô¡¢¼õ¿®¿ô ¼ºÇÔ¿ô
- Step Fucntion Executions*** {Time,Throttleed,Failed,Started,Successed,Timeout)
- VPC¥Õ¥í¡¼¥í¥°
- VPC ¤Î ENI ¤Î¥Ñ¥±¥Ã¥È¥¥ã¥×¥Á¥ã
- S3 ¥Ý¥ê¥·¡¼ delivery.logs.amazon.com
- CloudWatch? Logs ¥Ý¥ê¥·¡¼ vpc-flow-logs.amazon.com
- EC2¾å¤ÇÆ°¤¯¥¢¥×¥ê¤Î¥í¥°
- ¥¢¥×¥ê ¢ª CloudWatch? Logs ¢ª ¥á¥È¥ê¥Ã¥¯¥¹¥Õ¥£¥ë¥¿¤Ç¥á¥È¥ê¥Ã¥¯¥¹²½ ¢ª ¥«¥¹¥¿¥à¥á¥È¥ê¥Ã¥¯¥¹¤Ç½¸·× ¢ª ¥â¥Ë¥¿¥ê¥ó¥°
- X-Ray Python boto3 + X-RaySDK¡£ boto3 ¤Ï AWS ¥¢¥¯¥»¥¹¥é¥¤¥Ö¥é¥ê
¥¢¥×¥ê¤Î¥ê¥ê¡¼¥¹¥×¥í¥»¥¹¤ÈAWS¥µ¡¼¥Ó¥¹ †
¥ê¥ê¡¼¥¹¥×¥í¥»¥¹ †
¥½¡¼¥¹ †
- Code Commit
- HTTPS, SSH
- ǧ¾Ú¾ðÊó¤Ï IAM ¥æ¡¼¥¶¤´¤È
- IAM ¥æ¡¼¥¶¤Ë³ä¤êÅö¤Æ¤ë¥Ý¥ê¥·¡¼(=¸¢¸Â)
- ´ÉÍý¥Ý¥ê¥·¡¼ AWSCodeCommitPowerUser?
- ÍøÍѼԥݥꥷ¡¼ AWSCodeCommitFullAccess?, AWSCodeCommitReadOnly?
- Ä̾ï¤Ï¡¢¥³¡¼¥É¤Î²þÊѤϸ¶ËÜ(Master ¥Ö¥é¥ó¥Á)¤Ç¹Ô¤ï¤Ê¤¤¡£
- ³«È¯¥Ö¥é¥ó¥Á¤Ç²þÊѤò¹Ô¤¤°ìÄ̤괰À®¤·¤¿¤é¡¢³«È¯¥Ö¥é¥ó¥Á¤Î²þÊÑÉôʬ¤ò Master¥Ö¥é¥ó¥Á¤Ë¼è¤ê¹þ¤ó¤Ç¤â¤é¤¦¤¿¤á¤Î "¥×¥ë¥ê¥¯¥¨¥¹¥È" ¤òȯ¹Ô¤¹¤ë¡£
- ¾µÇ§¼Ô¤¬¥ì¥Ó¥å¡¼¤·¤Æ¡¢¸¶ËÜ (Master ¥Ö¥é¥ó¥Á) ¤Ë¡¢¥Þ¡¼¥¸¤¹¤ë¡£
- ¥×¥ë¥ê¥¯¥¨¥¹¥È¤ä¥Þ¡¼¥¸¤Î¥¿¥¤¥ß¥ó¥°¤Ç¡¢ÄÌÃΤòÈô¤Ð¤¹¤³¤È¤¬¤Ç¤¤ë¡£
¥Ó¥ë¥É †
¥Ç¥×¥í¥¤ †
- AWS Code Deploy ¤ÎÀßÄê¹àÌÜ
- ¥¢¥×¥ê¥±¡¼¥·¥ç¥ó
- EC2, ¥ª¥ó¥×¥ì¥ß¥¹, ECS, Lambda
- ¥Ç¥×¥í¥¤¥°¥ë¡¼¥×
- ¥¢¥×¥ê¤¬ EC2 ¤Î¾ì¹ç¤Ë¤Ï¡¢¥¿¥°¥°¥ë¡¼¥×¡¢¥ª¡¼¥È¥¹¥±¡¼¥ê¥ó¥°¥°¥ë¡¼¥×¤ò»ØÄê¤Ç¤¤ë
- ¥Ç¥×¥í¥¤ÀßÄê
Pattern | ¥µ¡¼¥ÐA | ¥µ¡¼¥ÐB | ¥µ¡¼¥ÐC | ¥µ¡¼¥ÐD | ¥µ¡¼¥ÐE | ¥µ¡¼¥ÐF | |
Linear | 10ʬ¸å Ver3¢ªVer4 | 20ʬ¸å Ver3¢ªVer4 | 30ʬ¸å Ver3¢ªVer4 | 40ʬ¸å Ver3¢ªVer4 | 50ʬ¸å Ver3¢ªVer4 | 60ʬ¸å Ver3¢ªVer4 | ½ù¡¹¤Ë¥Ç¥×¥í¥¤ |
Canary | 10ʬ¸å Ver3¢ªVer4 | 60ʬ¸å Ver3¢ªVer4 | ¤ª»î¤·¤Ç¤Á¤ç¤Ã¤È¥Ç¥×¥í¥¤¤·¤Æ¡¢¤¢¤È°ìµ¤¤Ë |
All at once | Ver3¢ªVer4 | °ìµ¤¤ËÆþ¤ìÂؤ¨ |
Immutable | Ver3(ÇÑ»ß) | ¿·¤·¤¤¥µ¡¼¥Ð·²¤òºîÀ®¤·¤Æ¥¢¥×¥ê¤ò¥Ç¥×¥í¥¤¡£¸½ÍѤΥµ¡¼¥Ð·²¤ÏÇÑ»ß |
- ¤¤¤Þ¸½ÍÑ¥¢¥×¥ê¤Î¥Ð¡¼¥¸¥ç¥ó¤¬ Ver3 ¤Ç¡¢ºÇ¿·ÈǤΠVer4 ¤ËÆþ¤ìÂؤ¨¤ë¤È¤¹¤ë
- In-Place : ¥µ¡¼¥Ð¡¼¤Î¥¤¥ó¥¹¥¿¥ó¥¹¤½¤Î¤Þ¤Þ¤Ç¡¢¥¢¥×¥ê¤òÆþ¤ìÂؤ¨¤ë¤³¤È¡£¾åµ¤Ç¤Ï Immutable °Ê³°¤Ï In-Place
- ¥Ç¥×¥í¥¤¥¿¥¤¥×
Pattern | ¥µ¡¼¥ÐA | ¥µ¡¼¥ÐB | ¥µ¡¼¥ÐC | ¥µ¡¼¥ÐD | ¥µ¡¼¥ÐE | ¥µ¡¼¥ÐF | |
Blue/Green | Ver3 | Ver2¢ª4 (¥ê¥¯¥¨¥¹¥ÈÁ÷¿®Àè¤ò¤³¤Ã¤Á¤ËÀÚ¤êÂؤ¨) | ¥µ¡¼¥Ð·²¤ò¥°¥ë¡¼¥×¤Ë2¤Äʬ¤±¤Æ»È¤¤²ó¤¹¡£ ¸Å¤¤¥Ð¡¼¥¸¥ç¥ó¤òÆþ¤ìÂؤ¨¤Æ¥ê¥¯¥¨¥¹¥ÈÁ÷¿®Àè¤òÀÚ¤êÂؤ¨ |
Rolling | Ver1¢ª4 (¥ê¥¯¥¨¥¹¥ÈÁ÷¿®Àè¤ò¤³¤Ã¤Á¤ËÀÚ¤êÂؤ¨) | Ver2 | Ver3 | ¥µ¡¼¥Ð·²¤ò¥°¥ë¡¼¥×¤Ëʬ¤±¤Æ»È¤¤²ó¤¹¡£ ºÇ¸Å¤Î¥Ð¡¼¥¸¥ç¥óÆþ¤ìÂؤ¨¤Æ¥ê¥¯¥¨¥¹¥ÈÁ÷¿®Àè¤òÀÚ¤êÂؤ¨ |
- CodeBuild?¥¨¡¼¥¸¥§¥ó¥È (EC2 ¥¤¥ó¥¹¥¿¥ó¥¹Â¦¤Ç¡¢¥¢¥×¥ê¤ÎÇÛÈ÷¤ò¼õ¤±Æþ¤ì¤ë¥¨¡¼¥¸¥§¥ó¥È)
- CodeDeploy?¥µ¡¼¥Ó¥¹¥í¡¼¥ë (CodeDeploy? ¤Î IAM ¸¢¸Â)
- appspec.yml
¥â¥Ë¥¿¥ê¥ó¥° †
- Amazon CodeGuru?
CodeGuru? Profiler | ¼Â¹Ô»þ¤Î¥Ñ¥Õ¥©¡¼¥Þ¥ó¥¹²Ä»ë²½ |
CodeGuru? Reviewer | ¥½¡¼¥¹¥³¡¼¥É¤ÎÀÅŪ²òÀÏ |
Äê·Á½èÍý ¥½¡¼¥¹+¥Ó¥ë¥É+¥Ç¥×¥í¥¤ †
- Code Pipeline
¤ª¤Æ¤¬¤ë¤Ë¡¢CodeCommit? ¢ª CodeBuild? ¢ª S3 ¤È¤«¤¤¤¦¤³¤È¤¬¼Â¸½²Äǽ
- Code Star
- Code Pipeline ¤Î¥Æ¥ó¥×¥ì¡¼¥È
- ¡ÖLambda ¤Ç¼Â¹Ô¤¹¤ë Python ¥¢¥×¥ê¡×¤È¤«¡¢¡ÖElstic Beanstalk ¤ÇÆ°¤«¤¹ Node.js ¥¢¥×¥ê¡×¤È¤«
¼Â¹Ô´Ä¶ †
- AWS Code Artifact
- °ÌÃ֤Ť±¤Ï Sonatype Nexus ¤ÈƱ¤¸
- ¼«ºî¥é¥¤¥Ö¥é¥ê¤Î´ÉÍý
- ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¾å¤Î¥é¥¤¥Ö¥é¥êÇÛÉÛ¥µ¥¤¥È¤Î¥¥ã¥Ã¥·¥å (Maven ¤ä npm¡¢pip ¤Ê¤É)
AWS OpsWorks? †
- AWS OpsWorks? (Chef/Puppet ¤ò»È¤¤¤¿¤¤¾ì¹ç)
- AWS OpsWorks? for Chef Automate
- AWS OpsWorks? for Puppet Enterprise
AWS Cloud Formation †
- JSON ¤Þ¤¿¤Ï YAML ·Á¼°¤Ç¡¢¼Â¹Ô´Ä¶(Stack) ¤òÄêµÁ¤¹¤ë
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html
AWSTemplateFormatVersion: "2010-09-09"
Description: A sample template
Resources:
MyEC2Instance: #An inline comment
Type: "AWS::EC2::Instance"
Properties:
ImageId: "ami-0ff8a91507f77f867" #Another comment -- This is a Linux AMI
InstanceType: t2.micro
KeyName: testkey
BlockDeviceMappings:
-
DeviceName: /dev/sdm
Ebs:
VolumeType: io1
Iops: 200
DeleteOnTermination: false
VolumeSize: 20
- Resources ¤Ë¥ê¥½¡¼¥¹¤Î¥Ñ¥é¥á¡¼¥¿¤òÀßÄê¤Ç¤¤ë
- Parameters ¥»¥¯¥·¥ç¥ó¤Ëƨ¤·¤¿ÀßÄê¤Ï¡¢AWS ¤Î´ÉÍý¥³¥ó¥½¡¼¥ë¤«¤éÀßÄê¤Ç¤¤ë
Parameters:
AmazonLinuxAMIID:
Type: AWS::SSM...
Default: /aws/service/ami-amazon-linux-latest/amazn-ami-hvm-x86_64-gp2
Resources:
EC2Instance:
...
Properties:
....
ImageId: !Ref AmazonLinuxAMIID # »²¾È
....
- ¸ÇÄê¹àÌÜ¤Ï Mappings ¥»¥¯¥·¥ç¥ó¤ËÀßÄꤹ¤ë¡£Åìµþ¥ê¡¼¥¸¥ç¥ó¤È¥·¥ó¥¬¥Ý¡¼¥ë¥ê¡¼¥¸¥ç¥ó¤Ç°ã¤¦¤È¤³¤í¤ò Mapping ¤ËÄêµÁ¤·¤Æ¡¢Resources ¤«¤é¤Ï !Refs ¤Ç»²¾È¤¹¤ë
- AWS Cloud Formation ¼Â¹Ô»þ¤Ë¤Ç¤¤¿ÊÑ¿ô¤Ï¡¢Output ¥»¥¯¥·¥ç¥ó¤ËÀßÄꤹ¤ë¤È¡¢¼Â¹Ô¥í¥°¤Ë½ÐÎϤµ¤ì¤ë¡£¼Â¹Ô»þ¤Ë AWS ¤«¤é³ä¤êÅö¤Æ¤é¤ì¤¿ URL ¤òÃΤꤿ¤¤¤È¤¤Ê¤É¤Ë»È¤¦
- ¾ò·ïʬ´ô Condition
Parameters:
EnvType:
Type: String
Default: test
AllowedValues:
- product
- test
Conditions:
CreateProdResources: !Equals [ !Ref EnvType, product ]
Resources:
...
MountPoint
Type: "AWS::EC2::VolumeAttachment"
Condition: CreateProdResources
....
- Paramete ¤ÇÄêµÁ¤µ¤ì¤Æ¤¤¤ë¡¡EnvType? ¤ÎÃͤ¬ product "¤Ç¤Ê¤¤"¤È¤¡¢CreateProdResources? ¤¬ true ¤Ë¤Ê¤ë
- ¤½¤¦¤¹¤ë¤È MountPoint? ¤ÎÃæ¤Î Condition ¤¬ true ¤Ë¤Ê¤ê¡¢¿·¤·¤¤ MountPoint? ¤¬ºî¤é¤ì¤ë
- ¤½¤·¤Æ¡¢EnvType? ¤Ï AWS ¤Î´ÉÍý¥³¥ó¥½¡¼¥ë¤Ç Web GUI ¤«¤éÀÚ¤êÂؤ¨¤Ç¤¤ë¤È¤¤¤¦À£Ë¡
AWS Elastic Beanstalk †
- Wizard ¤Ç¼ê·Ú¤Ë Web ¥¢¥×¥ê¤Î¼Â¹Ô´Ä¶¤òºî¤ë»ö¤¬¤Ç¤¤ë»ÅÁȤß
- ¥×¥é¥Ã¥È¥Õ¥©¡¼¥à (.Net / Docker / Glassfish / Tomcat / Node.js / ...)
- ¥×¥ê¥»¥Ã¥È
- ¥½¥Õ¥È¥¦¥§¥¢ (Web°Ê³° Apache / S3(Log) / CloudWatch? Logs)
- ¥¤¥ó¥¹¥¿¥ó¥¹
- ÍÆÎÌ
- ¥í¡¼¥É¥Ð¥é¥ó¥µ¡¼
- ¥Ç¥×¥í¥¤¥á¥ó¥È¥Ý¥ê¥·¡¼ (All at once / Rolling)
- ¥»¥¥å¥ê¥Æ¥£
- ¥â¥Ë¥¿¥ê¥ó¥°
- ÄÌÃÎ
- ¥Í¥Ã¥È¥ï¡¼¥¯
- ¸¢¸Â
- Beanstalk ¤¬Æ°¤¤¤Æ¤¤¤ë EC2 ¤Î¸¢¸Â ¢ª ¾¤Î¥µ¡¼¥Ó¥¹¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤¿¤á¤Î¸¢¸Â
- AWSElasticBeanstalkEnhancedHealth? ¢ª Beanstalk ¤Î´Æ»ë¤¹¤ë¸¢¸Â
- AWSElasticBeanstalkService? ¢ª Beanstalk ¤Î´Ä¶¤òºîÀ®¡¦¹¹¿·¤¹¤ë¸¢¸Â
- eb¥³¥Þ¥ó¥É
- eb init ¢ª ´Ä¶ÄêµÁ¥Õ¥¡¥¤¥ë¤Î¿÷·Á (config.yml) ¤òºî¤ë
- eb create ¢ª config.yml ¤ò¤â¤È¤Ë beanstalk ´Ä¶¤òºî¤ë
- eb deploy ¢ª beanstalk ´Ä¶¤Ë¥¢¥×¥ê¤òÇÛÈ÷¤¹¤ë
- ¥ï¡¼¥«¡¼´Ä¶
- SQS (Amazon Simple Queue Service) ¤Þ¤¿¤Ï Amazon DynamoDB ·Ðͳ¤Ç¥ï¡¼¥«¡¼¤Ë¥¿¥¹¥¯¤ò¼õ¤±ÅϤ¹¥Ð¥Ã¥Á¼Â¹Ô´Ä¶
- ¥¹¥±¡¼¥ê¥ó¥°¤Ï EC2 Auto Scaling ¤ÇÀßÄꤹ¤ë
¥µ¡¼¥Ð¥ì¥¹ †
- ¥¢¥×¥ê¤è¤ê²¼¤Î¥ì¥¤¥ä¤ò Amazon ¤¬¤ä¤Ã¤Æ¤¯¤ì¤ë¥µ¡¼¥Ó¥¹
AWS Lambda | ¥³¥ó¥Ô¥å¡¼¥Æ¥£¥ó¥° |
Amazon API Gateway | REST/WebSocket? |
AWS AppSync? | GraphQL |
Amazon S3 | Strage |
Amazon Dynamo DB | RDB (NoSQL) |
Amazon SNS | Message Notification |
Amazon SQS | Message Queue |
AWS Step Function | Workflow |
Amazon Kinesis | Data Analysis (Streaming) |
Amazon Athena | Data Analysis (Statistics) |
Amazon Fargate | Container Orchestration |
Amazon Aurora | RDB (compatible with MySQL/PostgreSQL) |
Amazon Cognito | Authentication |
AWS SAM (Serverless Application Model) †
- CloudFormation? ¤ò¥³¥Þ¥ó¥É¥é¥¤¥ó¤Çºî¤ì¤ë¤è¤¦¤Ë¤¹¤ë
- sam¥³¥Þ¥ó¥É
- sam init ¢ª Wizard ¤Ç tamplate.yml ¤òºî¤ë
- sam build ¢ª ¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤Î¥Ó¥ë¥É (¥Ó¥ë¥É¤Ï template.yml ¤ÎÄêµÁ¤Ë´ð¤Å¤¤¤Æ¹Ô¤ï¤ì¤ë)
- sam deploy ¢ª ¼Â¹Ô´Ä¶¤ËÇÛÈ÷
¥»¥¥å¥ê¥Æ¥£ †
¶¦ÍÀÕǤ¥â¥Ç¥ë †
- AWS¤Ï¡¢¥¤¥ó¥Õ¥é¤Î¥»¥¥å¥ê¥Æ¥£¤ËÀÕǤ¤ò»ý¤Ä
- ¥æ¡¼¥¶¤Ï¡¢OS¡¢¥¢¥×¥ê¡¢¥Ç¡¼¥¿¤Î¥»¥¥å¥ê¥Æ¥£¤ËÀÕǤ¤ò»ý¤Ä
¥Í¥Ã¥È¥ï¡¼¥¯ †
- ¹½À® VPC = Virtual Private Cloud
Region ¨¡ VPC ¨¨ Internet Gateway = ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Ø¤Î½Ð¸ý
¨¢
¨§ Availability Zone 1
¨¢ ¨§ Public Subnet 1
¨¢ ¨¢ ¨¦ Nat Gateway 1
¨¢ ¨¦ Private Subnet 1
¨¢ ¨§ Instance 1 (Linux Server)
¨¢ ¨¢ ¨¦ ENI (Elastice Network Interface) ¡á¥¤¥ó¥¹¥¿¥ó¥¹¤Î NIC (eth0)
¨¢ ¨¦ Interface Endpoint = ¥µ¡¼¥Ó¥¹API¤ÎENI(Î㤨¤Ð Instace1 ¤«¤é Lambda ¤ò»È¤¦¤¿¤á¤ÎÀܳ¸ý)
¨¢
¨§ Availability Zone 2
¨¢ ¨§ Public Subnet 2
¨¢ ¨¢ ¨¦ Nat Gateway 2
¨¢ ¨¦ Private Subnet 2
¨¢ ¨§ Instance 2 (Linux Server)
¨¢ ¨¢ ¨¦ ENI (Elastice Network Interface) ¡á¥¤¥ó¥¹¥¿¥ó¥¹¤Î NIC (eth0)
¨¢ ¨¦ Interface Endpoint = ¥µ¡¼¥Ó¥¹API¤ÎENI(Î㤨¤Ð Instace2 ¤«¤é Lambda ¤ò»È¤¦¤¿¤á¤ÎÀܳ¸ý)
¨¢
¨§ VGP(²¾Áۥץ饤¥Ù¡¼¥È¥²¡¼¥È¥¦¥§¥¤) = VPC Endpoint = ¥ª¥ó¥×¥ì¥ß¥¹¤È¤ÎÀܳ¸ý
¨¦ Gateway Endpoint = S3, DynamoDB ¤Ø¤ÎÀܳ¸ý
- Public Subnet ¤Î Route Table ¤Ç 0.0.0.0/0 (GW) ¤Ë Internet Gateway ¤ò»ØÄꤹ¤ë¡£(Public Subnet Æâ¤Î IP ¤Ç¤Ê¤±¤ì¤Ð Internet Gateway ¤«¤é½Ð¤Æ¤¤¤¯)
- Private Subnet ¤Î Route Table ¤Ç 0.0.0.0/0 (GW) ¤Ë Nat Gateway ¤ò»ØÄꤹ¤ë¡£(Private Subnet Æâ¤Î IP ¤Ç¤Ê¤±¤ì¤Ð¡¢Nat Gateway ¤Ë½Ð¤Æ¤¤¤¯¡¢¹¹¤Ë Public Subnet Æâ¤Î IP ¤Ç¤Ê¤±¤ì¤Ð Internet Gateway ¤«¤é½Ð¤Æ¤¤¤¯)
- ¥Í¥Ã¥È¥ï¡¼¥¯ACL (¥µ¥Ö¥Í¥Ã¥È¤Î¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë)
- ¥¤¥ó¥Ð¥¦¥ó¥É¤ÎÎã (80¤À¤±OK)
¥ë¡¼¥ë# | ¥¿¥¤¥× | ¥×¥í¥È¥³¥ë | ¥Ý¡¼¥ÈÈÏ°Ï | Á÷¿®Àè | µö²Ä/µñÈÝ |
100 | HTTP(80) | TCP | 80 | 0.0.0.0/0 | ALLOW |
- | ¤¹¤Ù¤Æ¤Î¥È¥é¥Õ¥£¥Ã¥¯ | ¤¹¤Ù¤Æ | ¤¹¤Ù¤Æ | 0.0.0.0/0 | DENY |
- ¥¢¥¦¥È¥Ð¥¦¥ó¥É¤ÎÎã (HTTP¥ì¥¹¥Ý¥ó¥¹¤Ë»È¤¦°ì»þ¥Ý¡¼¥È¤òµö²Ä¤¹¤ë¤³¤È¤òÁÛÄê)
¥ë¡¼¥ë# | ¥¿¥¤¥× | ¥×¥í¥È¥³¥ë | ¥Ý¡¼¥ÈÈÏ°Ï | Á÷¿®Àè | µö²Ä/µñÈÝ |
100 | ¥«¥¹¥¿¥àTCP¥ë¡¼¥ë | TCP | 32768-65535 | 0.0.0.0/0 | ALLOW |
- | ¤¹¤Ù¤Æ¤Î¥È¥é¥Õ¥£¥Ã¥¯ | ¤¹¤Ù¤Æ | ¤¹¤Ù¤Æ | 0.0.0.0/0 | DENY |
- ¥»¥¥å¥ê¥Æ¥£¥°¥ë¡¼¥× (ENI¤Î¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë)
- VGP = VPC¥¨¥ó¥É¥Ý¥¤¥ó¥È
- ¥ª¥ó¥×¥ì¥ß¥¹(¼«¼Ò¥µ¡¼¥Ð¡¼)¤È¤ÎÀܳ¸ý
- [»î¸³Âкö] ¥ª¥ó¥×¥ì¥ß¥¹¤È¤Î¤ßÀܳ¤·¤Æ¤¤¤ë VPC ¤Î¾ì¹ç¤Ï¡¢Internet Gateway ¤òºî¤é¤º VPC ¥¨¥ó¥É¥Ý¥¤¥ó¥È¤Î¤ß¤òºî¤ë
- Gateway Endpoint (¤³¤ì¤Ï VPC ¤Î»ý¤Áʪ)
- Interaface Endpoint (¤³¤ì¤Ï Subnet ¤Î»ý¤Áʪ)
- ¥µ¡¼¥Ó¥¹API ¤Î ENI
- Amazon API Gateway
- Amazon Cloud Watch
- Amazon Cloud Build
- AWS Elastic Beanstalk
- Amazon Elastic Container Registry
- AWS Key Management Service
- Amazon Kinesis Data Stream
- AWS Lambda
- AWS Secrets Manager
- AWS System Manager
- Amazon SNS
- Amazon SQS
- ¢¨ S3, Dynamo DB ¤Î Interface Endpoint ¤Ï¤Ê¤¤
SSH †
- SSH (Code Commit = git) ¥¢¥¯¥»¥¹
IAM †
- Aws Identity And Access Management
- ǧ¾Ú Identity (¤ªÁ°ËÜÅö¤Ë tanaka ?)
- ǧ²Ä Access Management (tanka ¤Ï±¾¡¹¤¬¤Ç¤¤ë¡¢³Æ³Æ¤Ï¤Ç¤¤Ê¤¤)
- ¥ë¡¼¥È¥æ¡¼¥¶
- AWS¥¢¥«¥¦¥ó¥È¤òºî¤Ã¤¿¥æ¡¼¥¶
- ¥í¥°¥¤¥ó : ¥á¡¼¥ë¥¢¥É¥ì¥¹¤È¥Ñ¥¹¥ï¡¼¥É
- ¥¢¥«¥¦¥ó¥ÈÆâ¤Î¤¹¤Ù¤Æ¤Î¸¢¸Â¤òÍ¿¤¨¤é¤ì¤Æ¤¤¤ë¡£¸¢¸Â¤ò¸º¤é¤¹¤³¤È¤Ï¤Ç¤¤Ê¤¤
- Ä̾ïºî¶È¤Ç¤Ï¥ë¡¼¥È¥æ¡¼¥¶¤Ï»È¤ï¤Ê¤¤ (¸¢¸Â¤¬¶¯¤¹¤®¤ë¤Î¤Ç»ö¸Î¤¬µ¯¤¤ë¡£ÉÔÀµ¥¢¥¯¥»¥¹¤µ¤ì¤ë¤È²¿¤Ç¤â¤Ç¤¤ë)
- ¢ÍÄ̾ïºî¶È¤Ç¤Ï¡¢Å¬Àڤ˸¢¸Â¤òÀßÄꤷ¤¿ IAM ¥æ¡¼¥¶¤ò»È¤¦
- IAM¥æ¡¼¥¶
- AWS¤Î¥Þ¥Í¥¸¥á¥ó¥È¥³¥ó¥½¡¼¥ë¤ÇºîÀ®¤¹¤ë
- ¥í¥°¥¤¥ó : ¥¢¥«¥¦¥ó¥ÈID(12·å)¡¢¥æ¡¼¥¶Ì¾¡¢¥Ñ¥¹¥ï¡¼¥É
- CLI : ¥¢¥¯¥»¥¹¥¡¼ID(12·å)¡¢¥·¡¼¥¯¥ì¥Ã¥È¥¢¥¯¥»¥¹¥¡¼
- ¸¢¸Â
- ¥æ¡¼¥¶¤Ë¥Ý¥ê¥·¡¼ (ÆÃÄê¤Îµ¡Ç½¤ËÂФ¹¤ë¸¢¸Â) ¤ò³ä¤êÉÕ¤±¤ë
- ¥æ¡¼¥¶¤ËIAM¥í¡¼¥ë (¥Ý¥ê¥·¡¼¤ò«¤Í¤¿¤â¤Î (ex ¥ì¥Ý¥¸¥È¥êºîÀ®ÉÔ²Ä + ¥³¡¼¥É¥³¥ß¥Ã¥È²Ä + DynamoDB´ÉÍý¸¢¸Â)) ¤ò³ä¤êÉÕ¤±¤ë
- CLI
- ¥æ¡¼¥¶¾ðÊó ~/.aws/credentials C:\Users\USERNAME\.aws\credentials
[default]
aws_access_key_id={³«È¯´Ä¶ACCESS_KEY_ID}
aws_secret_access_key={³«È¯´Ä¶SECREAT_ACCESS_KEY}
[product]
aws_access_key_id={ËÜÈִĶACCESS_KEY_ID}
aws_secret_access_key={ËÜÈִĶSECREAT_ACCESS_KEY}
- ¥×¥í¥Õ¥¡¥¤¥ë
- ¥ê¡¼¥¸¥ç¥ó»ØÄê
$ aws ec2 describe-instance --output table --region ap-northeast-1
- ¤½¤Î¾¤ÎÀßÄê ~/.aws/config
- IAM¥Ý¥ê¥·¡¼
- JSON¤Çµ½Ò¤¹¤ë
{
"Version" : "2024-03-20 Rev1",
"Statement" : [
{
"Effect" : "Allow",
"Action" : [
"s3:GetObject"
],
"Condition" : {
"IpAddress": {
"aws:SourceIP": "11.22.33.44/32"
}
},
"Resource": "arn:aws:s3:::blog-image/*"
}
]
}
- AWS Policy Generator ¤Çºî¤ë¤³¤È¤¬¤Ç¤¤ë (JSON¤òľ¤Ëºî¤ë¤³¤È¤â¤Ç¤¤ë)
- ARN (Amazon Resource Name)
arn:aws:service:reagion:account:resource-id
-¸ÇÄê- :s3 : : :blog-image/*
- Condition
- IAM¥æ¡¼¥¶¤Î¥Ñ¥¹¥ï¡¼¥ÉÊѹ¹(¼«Ê¬¤ÎÀßÄꤷ¤«Êѹ¹¤Ç¤¤Ê¤¤¤è¤¦¤Ë¤¹¤ë) ½ñ¤Êý¤¬Æüì
{
"Version" : "2024-03-20 Rev1",
"Statement" : [
{
"Effect" : "Allow",
"Action" : [
"iam:*LoginProfile",
"iam:*AccessKey*",
"iam:*SSHPublicKey*",
],
"Resource": "arn:aws:iam::123456789012:user/${aws:username}"
}
]
}
- IAM¥Ý¥ê¥·¡¼¤ÎʬÎà
- ¥¢¥¤¥Ç¥ó¥Æ¥£¥Æ¥£¡¼¥Ù¡¼¥¹¤Î¥Ý¥ê¥·¡¼
- AWS´ÉÍý¥Ý¥ê¥·¡¼ (AWS¤¬Í½¤áÍÑ°Õ¤·¤Æ¤ª¤¤¤¿¥Ý¥ê¥·¡¼¡£¥æ¡¼¥¶¤Ï µö²Ä¡¦µñÈݤòÀßÄꤹ¤ë¤À¤±)
- ¥«¥¹¥¿¥Þ¡¼´ÉÍý¥Ý¥ê¥·¡¼
- ¥¤¥ó¥é¥¤¥ó¥Ý¥ê¥·¡¼ (¥°¥ë¡¼¥×/¥æ¡¼¥¶/¥í¡¼¥ë¡ÊIAM ¤Î¥¨¥ó¥Æ¥£¥Æ¥£) ¤ËľÀܸ¢¸Â¤ò½ñ¤¤¤Á¤ã¤¦¤³¤È¡£AWS´ÉÍý¥Ý¥ê¥·¡¼¡¢¥«¥¹¥¿¥Þ¡¼´ÉÍý¥Ý¥ê¥·¡¼¤Ï¡¢¸¢¸Â¤ò¥Ý¥ê¥·¡¼¤È¤·¤ÆÄêµÁ¤·¤Æ¡¢¥Ý¥ê¥·¡¼¤ò¥¨¥ó¥Æ¥£¥Æ¥£¤Ë³ä¤êÉÕ¤±¤ë )
- ¥ê¥½¡¼¥¹¥Ù¡¼¥¹¤Î¥Ý¥ê¥·¡¼
- S3¥Ð¥±¥Ã¥È¤Î¥Ý¥ê¥·¡¼
- Cognito(Web¥í¥°¥¤¥ó)¤Ç¥µ¥¤¥ó¥¤¥ó¤·¤¿¥æ¡¼¥¶¤Ë¡¢Lambda ¤Î¼Â¹Ô¤òµö²Ä¤¹¤ë¥Ý¥ê¥·¡¼
- ¾¤Î¥¢¥«¥¦¥ó¥È¤ÎIAM¥æ¡¼¥¶¤¬¡¢API ¤äSQS ¤ò»È¤¨¤ë¤è¤¦¤Ë¤¹¤ë¥Ý¥ê¥·¡¼
- ¾¤Î¥¢¥«¥¦¥ó¥È¤ÎRDS°Å¹æ²½¥¹¥Ê¥Ã¥×¥·¥ç¥Ã¥È¤«¤é¥¤¥ó¥¹¥¿¥ó¥¹¤òÉü¸µ¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë¥Ý¥ê¥·¡¼
- ¥Ý¥ê¥·¡¼¤Îɾ²Á
- API ¤Î¥¢¥¯¥·¥ç¥ó¤´¤È¤Ë¡¢¤¹¤Ù¤Æ¤Î¥Ý¥ê¥·¡¼¤¬É¾²Á¤µ¤ì¤Æ¡¢¤É¤ì¤«°ì¤Ä¤Ç¤âµñÈݤʤéµñÈݤµ¤ì¤ë
- [»î¸³] ¥Ý¥ê¥·¡¼¤¬½ñ¤«¤ì¤Æ¤¤¤ë½çÈ֤ϴط¸¤Ê¤¤
- ÄêÀÐ: AWS´ÉÍý¥Ý¥ê¥·¡¼¤Ç¹¤¯µö²Ä¤·¤Æ¤ª¤¡¢¥«¥¹¥¿¥Þ¡¼´ÉÍý¥Ý¥ê¥·¡¼¤ÇºÙ¤«¤¯µñÈݤ¹¤ë
- IAM¥í¡¼¥ë
- EC2¥¤¥ó¥¹¥¿¥ó¥¹¤Ë°ì»þŪ¤Ë¸¢¸Â¤òÍ¿¤¨¤ë»ÅÁȤß
- STS (Security Token Service)
| AWS Cloud
[¥ª¥ó¥×¥ì¥ß¥¹¡¦¥Ð¥Ã¥Á¥µ¡¼¥Ð] -------------|--> STS ------> IAM¥í¡¼¥ë
| | |
+----------------|--> S3 <------------+
| DynamoDB <------+
- ¡¥Ð¥Ã¥Á¥µ¡¼¥Ð¤¬STS¤Ëǧ¾Ú ¢Í ¥Ð¥Ã¥Á¥µ¡¼¥Ð¤Ë °ì»þtoken ¤¬ÊÖ¤µ¤ì¤ë
- ¢S3 ¤Ë¡¢Ï¢·È¤¹¤ëIAM¥í¡¼¥ë¤¬°ìÄê»þ´ÖŬÍѤµ¤ì¤ë (¥Ç¥Õ¥©¥ë¥È3600sec, ºÇ¾®900sec)
- £¥Ð¥Ã¥Á¥µ¡¼¥Ð¤Ï¡¢S3¤Ë °ì»þtoken ¤ò»È¤Ã¤Æ¥¢¥¯¥»¥¹¤¹¤ë
- STS°Ê³°¤Ë¤â³°Éôǧ¾Ú¤ÈID¥Õ¥§¥Ç¥ì¡¼¥·¥ç¥ó¤ÇIAM¥í¡¼¥ë¤òÏ¢·È¤µ¤»¤ë¤³¤È¤¬¤Ç¤¤ë
| AWS Cloud
[SSO]--------------------+--------(SAML)--|---------------> IAM¥í¡¼¥ë
(SAML) | |
[Web¥µ¡¼¥Ð] ---------|--> S3 <------------+
| DynamoDB <------+
- ³°Éô¤ÎSSO¤ÈSAML2.0¤ÇIAM¥í¡¼¥ë¤òÏ¢·È¤¹¤ë¤³¤È¤¬¤Ç¤¤ë
- Active Direcotry¡¢IDaaS(OneLOgin, Okta) ¤Ê¤É¤ÈÏ¢·È¤Ç¤¤ë
Amazon Cognito †
- AWS¾å¤ÇÆ°¤¯¥¢¥×¥ê¤Î¥í¥°¥¤¥ó´ÉÍý
- ¥æ¡¼¥¶¥×¡¼¥ë : ǧ¾Ú
- ID¥×¡¼¥ë : ¥¯¥é¥¤¥¢¥ó¥È¦¤ÎJavascript¤Ç IAM¤ß¤¿¤¤¤Ê¤³¤È¤ò¤ä¤ê¤¿¤¤¤È¤¤Ë»È¤¦
- ¥æ¡¼¥¶¥×¡¼¥ë
- ¥í¥°¥¤¥ó²èÌÌ¡¢UI¤Î¥«¥¹¥¿¥Þ¥¤¥º²Äǽ
- ¥æ¡¼¥¶¥×¥í¥Õ¥¡¥¤¥ë´ÉÍý
¥Ñ¥¹¥ï¡¼¥É¥Ý¥ê¥·¡¼ |
¥æ¡¼¥¶¥µ¥¤¥ó¥¢¥Ã¥×¤Îµö²Ä |
¥á¡¼¥ë¥¢¥É¥ì¥¹/ÅÅÏÃÈÖ¹æ¤Î¸¡¾Ú |
MFA(¿Í×ÁÇǧ¾Ú) |
¥¢¥É¥Ð¥ó¥¹¥È¥»¥¥å¥ê¥Æ¥£(¥Ñ¥¹¥ï¡¼¥É¤¬Ï³±Ì¤·¤¿¤È¤¥í¥Ã¥¯¤¹¤ë¤Ê¤É) |
- Lambda¥È¥ê¥¬¡¼
- Web ID¥Õ¥§¥Ç¥ì¡¼¥·¥ç¥ó (Facebook, Google, Apple ID, SAML... ¤Ç¥í¥°¥¤¥ó)
- ID¥×¡¼¥ë
- ¥¯¥é¥¤¥¢¥ó¥È¦¤ÎJavascript¤«¤éREST¤ÇľÀÜS3¤äDynamoDB¤Ë¥¢¥¯¥»¥¹|
¥·¡¼¥¯¥ì¥Ã¥È¾ðÊó¤Î´ÉÍý †
- Web¥µ¡¼¥Ð¤¬¡¢DB¥µ¡¼¥Ð¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤¿¤á¤Î¾ðÊó¤ò¤É¤³¤Ë»ý¤Ã¤Æ¤ª¤¯¤«
- AWS System Manager ¥Ñ¥é¥á¡¼¥¿¥¹¥È¥¢
- KMS ¤Ë¡¢DB¤ÎIP¥¢¥É¥ì¥¹¡¢¥æ¡¼¥¶Ì¾¡¢¥Ñ¥¹¥ï¡¼¥É¡¢¥Ý¡¼¥È¤ò³ÊǼ¤¹¤ë
- ¸¶Â§Åª¤Ë¸ÇÄê¤Î¾ðÊó¤ò³ÊǼ¤¹¤ë
- AWS Secure Manager
- KMS ¤Ë¡¢DB¤ÎIP¥¢¥É¥ì¥¹¡¢¥æ¡¼¥¶Ì¾¡¢¥Ñ¥¹¥ï¡¼¥É¡¢¥Ý¡¼¥È¤ò³ÊǼ¤¹¤ë¤Î¤Ï¡¢System Manager ¤ÈƱ¤¸
- Äê´üŪ¤Ë DB¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¹¹¿·¤·¤¿¤¤¤È¤¤Ë»È¤¦
- °ìÄê»þ´Ö¤´¤È¤Ë Lambda ¤ò¼Â¹Ô¤·¤Æ¡¢DB¥µ¡¼¥Ð¤Î¥¤¥ó¥¹¥¿¥ó¥¹¤ËÂФ·¤Æ GetSecret? ¤Ç¥æ¡¼¥¶Ì¾¤ä¥Ñ¥¹¥ï¡¼¥É¤ò¼èÆÀ¡¢¼«Æ°¹¹¿·¤¹¤ë
- DB¥µ¡¼¥Ð¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¼«Æ°Åª¤ËÍð¿ô¤¬ÀßÄꤵ¤ì¤ë (¤½¤·¤Æ¡¢Secure Manager ¤Ç Web¥µ¡¼¥Ð¤Ë¼«Æ°¶¦Í¤µ¤ì¤ë) ¤è¤¦¤Ë¤¹¤ì¤Ð¡¢DB¥µ¡¼¥Ð¤Î¥Ñ¥¹¥ï¡¼¥É¤òÃΤäƤ¤¤ë¿Í´Ö¤¬¤¤¤Ê¤¤±¿ÍѤ¬¤Ç¤¤ë
°Å¹æ²½(SSL/TLS) †
- AWS Certificate Manager
- Æȼ«¥É¥á¥¤¥ó¤Î¾ÚÌÀ½ñ¤ò´ÉÍý¤¹¤ë
- Amazon Cloud Front
- Elastic Load Balancer
- Amazon API Gateway
- AWS Key Management Service
- ¾ÚÌÀ½ñ¤ÎÊÝ´É
- CMK (Customer Master Key) ¤Ç°Å¹æ²½
- ¢¨ ¤è¤ê¸·³Ê¤ÊÊݴɤ¬É¬Íפʾì¹ç¤Ï AWS Cloud HSM ¤ò»È¤¦
- ¥Ç¡¼¥¿¤Î°Å¹æ²½
- S3
- SSE-S3 (S3¤¬´ÉÍý¤¹¤ë¸°¤Ç°Å¹æ²½)
- SSE-KMS (KMS¤¬´ÉÍý¤¹¤ë¸°¤Ç°Å¹æ²½)
- SSE-C (¥æ¡¼¥¶»ØÄê¤Î¸°¤Ç°Å¹æ²½)
- RDS (Relational Database Service)
- Amazon Aurora¡¢PostgreSQL¡¢MySQL¡¢MariaDB¡¢Oracle Database¡¢Microsoft SQL Server
- KMS¤Ç´ÉÍý¤µ¤ì¤ë¸°¤Ç°Å¹æ²½
- ¥Ð¥Ã¥¯¥¢¥Ã¥×¤â°Å¹æ²½¤µ¤ì¤ë
- ¥ê¡¼¥¸¥ç¥ó¤Þ¤¿¤®¤Î¥³¥Ô¡¼ : ¥ê¡¼¥¸¥ç¥ó¤ò¤Þ¤¿¤¤¤Ç CMK ¤òÅϤ»¤Ê¤¤¤Î¤Ç¡¢°Å¹æ²½¤µ¤ì¤¿¥¹¥Ê¥Ã¥×¥·¥ç¥Ã¥È¤ò¥³¥Ô¡¼¤·¤Æ¤âÉü¹æ²½¤Ç¤¤Ê¤¤¡£¥¹¥Ê¥Ã¥×¥·¥ç¥Ã¥È¤Î¥³¥Ô¡¼¤ò¹Ô¤¦¤È¤¤Ë¡¢Á÷¤êÀè¤Î CMK ¤ò»ØÄꤹ¤ë
- ÊÌ¥¢¥«¥¦¥ó¥È¤Ç¤Î¥ê¥¹¥È¥¢ : CMK¤Î¥¡¼¥Ý¥ê¥·¡¼¤Ç¡¢Â¾¤Î¥¢¥«¥¦¥ó¥È¤Ë¥ê¥¹¥È¥¢¤òµö²Ä¤¹¤ë
- SQS ¥á¥Ã¥»¡¼¥¸¤Î°Å¹æ²½
- ¥á¥Ã¥»¡¼¥¸¤Ï KMS ¤¬»ý¤Ã¤Æ¤¤¤ë CMK ¤Ç°Å¹æ²½/Éü¹æ²½¤µ¤ì¤ë
¥µ¡¼¥Ó¥¹³«È¯ †
¥¤¥ó¥Õ¥é †
- AWS¤Î¹½À®
- AWS Region (À¤³¦20¥ö½ê°Ê¾å)
- Availability Zone (RegionÆâ¤ËºÇÄã2¤Ä)
- Edge Location (À¤³¦200¥ö½ê°Ê¾å)
- Cloud Front
- Edge Location ¤Ë¤¢¤ë¥¥ã¥Ã¥·¥å¥µ¡¼¥Ð
- Web¤À¤±¤Ç¤Ê¤¯¡¢S3¤Î¥Ð¥±¥Ã¥È¤Ê¤É¤â Cloud Front ¤Ç¥¥ã¥Ã¥·¥å¤µ¤ì¤ë ¢Í Îã: ËÌÊƥ꡼¥¸¥ç¥ó¤ÇÆ°¤¤¤Æ¤¤¤ë¥µ¡¼¥Ó¥¹¤òÅìµþ¤ÎEdge Location¾å¤Î Cloud Front ¤«¤é¥¢¥¯¥»¥¹¤¹¤ë
- AZ¤ò°Õ¼±¤·¤Ê¤¤ã¤¤¤±¤Ê¤¤¤Î¤Ï
- Cloud Front¤Ï¡¢¥ê¡¼¥¸¥ç¥ó¤Î³° (Edge Location¤Î»ý¤Áʪ)
- ¤½¤Î¾¤Ï¥ê¡¼¥¸¥ç¥ó¤Î»ý¤Áʪ (S3,SNS,Lambda,...)
³«È¯´Ä¶ †
| AWS Cloud
¥æ¡¼¥¶ - [UI] ---API---> EC2, Lambda, S3, VPC
|
- UI
- AWS Management Console
- AWS Command Line Interface
- AWS Tools ans SDKs
- Toolkit IDE¤Îplugin¤ÇÄó¶¡ (PyCharm?, VSCode, ...)
- AWS Colud9 (Web IDE)
- UI¤Ï¡¢API·Ðͳ¤Ç¥µ¡¼¥Ó¥¹¤Ë¥¢¥¯¥»¥¹¤·¤Æ¤¤¤ë
- API¤Ø¤Î¥¢¥¯¥»¥¹¤Ï¡Ö½ð̾¥Ð¡¼¥¸¥ç¥ó4¡×¤Ç¡¢½èÍýÍ×µá¤Ë½ð̾¤ò¤¹¤ëɬÍפ¬¤¢¤ë
- ¥Ø¥Ã¥À¤Ë¼¡¤Î¤â¤Î¤ò¤Ä¤±¤ë
½ð̾¤Ë»ÈÍѤ·¤¿¥¢¥ë¥´¥ê¥º¥à | AWS4-HMAC-SHA256 |
ǧ¾Ú¾ðÊó¥¹¥³¡¼¥× | ¥¤¥ó¥¹¥¿¥ó¥¹+»þ¹ï+¥ê¡¼¥¸¥ç¥ó+API |
½ð̾ÉÕ¤¥Ø¥Ã¥À¤Î°ìÍ÷ | AWS¤Î¥·¡¼¥¯¥ì¥Ã¥È¥¢¥¯¥»¥¹¥¡¼¤«¤é½ð̾¥¡¼¤ò¼èÆÀ |
·×»»¤µ¤ì¤¿½ð̾ | ¥ê¥¯¥¨¥¹¥È¤Î¥á¥¿¥Ç¡¼¥¿¤È½ð̾¥¡¼¤«¤é·×»»¤µ¤ì¤¿¥Ï¥Ã¥·¥åÃÍ |
- ǧ¾Ú¾ðÊó¤È¤·¤Æ»È¤¦¤â¤Î¤ÎÍ¥Àè½ç°Ì
- ¥³¡¼¥É¤Î¥ª¥×¥·¥ç¥ó¤ä¥Ñ¥é¥á¡¼¥¿¤Ç»ØÄꤵ¤ì¤¿¥¢¥¯¥»¥¹¥¡¼
- ´Ä¶ÊÑ¿ô (AWS_ACCESS_KEY_ID¡¢AWS_SECRET_ACCESS_KEY_
/.aws/credentials
- ECS¤ÎIAM ¥í¡¼¥ë (¥¤¥ó¥¹¥¿¥ó¥¹¥×¥í¥Õ¥¡¥¤¥ë)
¥¹¥È¥ì¡¼¥¸ †
- Amazon Elastic Block Store (EBS)
- ¥¤¥ó¥¹¥¿¥ó¥¹¤Ë¥¢¥¿¥Ã¥Á¤·¤Æ¡¢OS¤ä¥½¥Õ¥È¥¦¥§¥¢¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë Block ¥Ç¥Ð¥¤¥¹
- Availability Zone ¤Î»ý¤Áʪ (AZ ¤ò¤Þ¤¿¤¤¤Ç¶¦Í¤Ç¤¤Ê¤¤)
- Amazon Elastic File System (EFS)
- ¥¤¥ó¥¹¥¿¥ó¥¹¤«¤é¥Þ¥¦¥ó¥È¤·¤Æ»È¤¦¡¢¥Ç¡¼¥¿Îΰè
- AZ¤ò¤Þ¤¿¤¤¤ÇÊ£¿ô¥¤¥ó¥¹¥¿¥ó¥¹¤«¤é¥Þ¥¦¥ó¥È¤Ç¤¤ë
- S3 (Amazon Simple Storage Service)
- KVS
- ¥ª¥Ö¥¸¥§¥¯¥È¥¹¥È¥ì¡¼¥¸
- ¥¤¥ó¥¿¡¼¥Í¥Ã¥ÈÂбþ(¥Ö¥é¥¦¥¶¤«¤éľÀܸ«¤é¤ì¤ë)
- ÍÆÎÌ̵À©¸Â
- ½ÀÆð¤Ê¥»¥¥å¥ê¥Æ¥£ÀßÄê
- S3¤Ë³ÊǼ¤µ¤ì¤Æ¤¤¤ë¥Ç¡¼¥¿¼ç¤ÊÍÑÅÓ
- AWS Glue ¥Ç¡¼¥¿²Ã¹©¡¢¥Ç¡¼¥¿¥«¥¿¥í¥°¤ÎºîÀ®
- Amazon EMR Hadoop/Spark
- Amazon Redshift DWH (Dataware House)
- Amazon SageMaker? ¿äÏÀ
- Amazon Athena SQL¥¯¥¨¥ê¤ÇʬÀÏ
- Amazon Quick Sight BI(Business Intelligence ÍÍ¡¹¤Ê¥°¥é¥Õ²½)
- AWS Lake Formation (Glue, Athena ¤Ê¤É¤Î¥Æ¥ó¥×¥ì¡¼¥È)
- S3 Select (SQLʸ¤Ç¥Ç¡¼¥¿¤òÃê½Ð)
- S3 ¤Ë¥Ð¥Ã¥¯¥¢¥Ã¥×
- ¥Ð¡¼¥¸¥ç¥Ë¥ó¥°
- ¥ª¥Ö¥¸¥§¥¯¥È¥í¥Ã¥¯(¾å½ñ¤¤Ç¤¤Ê¤¤¤è¤¦¤Ë¤¹¤ë)
- Amazon S3 Glacier
- AWS Storage Gateway
- ¥Õ¥¡¥¤¥ë¥²¡¼¥È¥¦¥§¥¤ : S3 ¤ò NFS/SMB ¤È¤·¤Æ¥¢¥¯¥»¥¹¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë
- ¥Ü¥ê¥å¡¼¥à¥²¡¼¥È¥¦¥§¥¤ : S3 ¤ò iSCSI ¤È¤·¤Æ¥¢¥¯¥»¥¹¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë
- ¥Æ¡¼¥×¥²¡¼¥È¥¦¥§¥¤ : S3 ¤ò²¾Áۥơ¼¥×¥é¥¤¥Ö¥é¥ê¤È¤·¤Æ¥¢¥¯¥»¥¹¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë
- S3 ¤Î¥¯¥í¥¹¥ê¥×¥ê¥±¡¼¥·¥ç¥ó : Åìµþ¥ê¡¼¥¸¥ç¥ó¤È¥·¥ó¥¬¥Ý¡¼¥ë¥ê¡¼¥¸¥ç¥ó¤ÇS3¤òƱ´ü¤¹¤ë
- S3 ¤«¤éÀÅŪ¥¦¥§¥Ö¥³¥ó¥Æ¥ó¥Ä¤òÇÛ¿®¤¹¤ë¡£Cloud Front ¤È¹ç¤ï¤»¤Æ»È¤¦
Cloud Front (JPN)-------+
Cloud Front (CHN)-------+-----S3 (HTML,CSS,PNG,JPG,...)
Cloud Front (SGN)-------+
- ¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë¥ê¥¹¥È¤Ç¸ø³«ÀßÄꤹ¤ë
- ¤è¤ê¾ÜºÙ¤Ë¸¢¸ÂÀßÄꤹ¤ë¾ì¹ç¤Ï¡¢¥Ñ¥±¥Ã¥È¥Ý¥ê¥·¡¼¤òÀßÄꤹ¤ë
- ½ð̾ÉÕ¤¥ª¥Ö¥¸¥§¥¯¥È¥¡¼ : °ì»þŪ¤Ë¥¢¥¯¥»¥¹¤Ç¤¤ë¥ª¥Ö¥¸¥§¥¯¥È¤ÎURL (¥×¥í¥»¥¹¤¬À¸¤¤Æ¤¤¤ë´Ö¤À¤±Í¸ú¡Ë
- CORS (Cross Origin)
- °Å¹æ²½ SSE-S3, SSE-KMS, SSE-C
- À°¹çÀ MD5¥Á¥§¥Ã¥¯¥µ¥à
openssl md5 -binary xxx.txt | base64
¤Ç base64 ¤Î MD5 ¥Á¥§¥Ã¥¯¥µ¥à¤ò·×»»¤·¤Æ¡¢¥¢¥Ã¥×¥í¡¼¥É»þ¤Ë»ØÄꤹ¤ë
aws s3api put-ouject --bucket yyyy -key xxx.txt --body xxx.txt --content-md5 {MD5}
- S3¤ÎError
- Internal Error ¢Í ¤Ê¤ó¤«¤Î¥¨¥é¡¼¡¢²ò·èË¡¡ÖºÆ»î¹Ô¡×
- No Such Bucket
- Bucket Already Exists
- Invalid Bucket Name
Database †
- Amazon RDS (Relational Database Service)
- MySQL
- PostgreSQL
- MariaDB
- Oracle
- ¥Ñ¥¹¥ï¡¼¥É¤Ï AWS Secret Manager ¤Ç¼«Æ°¥í¡¼¥Æ¡¼¥·¥ç¥ó¡¦¥¢¥×¥ê¥µ¡¼¥Ð¤È¶¦Í
- ¥ì¥×¥ê¥±¡¼¥·¥ç¥ó
- ÈóƱ´ü/Æɤ߼è¤êÀìÍÑ¥ì¥×¥ê¥«¤Ï 5 ¤Ä¤Þ¤ÇºîÀ®¤Ç¤¤ë
- ¥¯¥í¥¹¥ê¡¼¥¸¥ç¥ó¥ì¥×¥ê¥«
- ¥Õ¥§¥¤¥ë¥ª¡¼¥Ð¡¼ : ¥Þ¥¹¥¿¡¼¾ã³²»þ¤Ë¥¹¥¿¥ó¥Ð¥¤¤¬¥Þ¥¹¥¿¡¼¤Ë¾º³Ê
- ¥¹¥Ê¥Ã¥×¥·¥ç¥Ã¥È ¢Í S3¡£Â¾¤Î¥ê¡¼¥¸¥ç¥ó¤Ë¥¹¥Ê¥Ã¥×¥·¥ç¥Ã¥È¤òºî¤ë¤³¤È¤â¤Ç¤¤ë
- Amazon Aurora
- MySQL¸ß´¹API (Àǽ5ÇÜ)¡¢PostgreSQL¸ß´¹API (Àǽ3ÇÜ)
- ¼«Æ°³ÈÄ¥ 10GB ¢Í 128TB
- ¥¹¥¿¥ó¥Ð¥¤¤Ï¤Ê¤¤¡£Æɤ߼è¤êÀìÍѤΥ꡼¥É¥ì¥×¥ê¥«¤ò 15 ¸Ä¤Þ¤Çºî¤ì¤ë
- ¥Õ¥§¥¤¥ë¥ª¡¼¥Ð¡¼¤Ï¡¢¥ê¡¼¥É¥ì¥×¥ê¥«¤¬¾º³Ê¡£¾ã³²¸å1ʬ°ÊÆâ
- ¥¥ã¥Ñ¥·¥Æ¥£¡¼¥¿¥¤¥×
- ¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°¥¿¥¤¥× : ¥¤¥ó¥¹¥¿¥ó¥¹¤òºîÀ®¤¹¤ë¡£¥¤¥ó¥¹¥¿¥ó¥¹¤´¤È¤Î²Ý¶â
- ¥µ¡¼¥Ð¥ì¥¹¥¿¥¤¥× : Aurora Serverless¡£AWS¤Î¤É¤Ã¤«¤ÇÆ°¤¤¤Æ¤¤¤ë¤¬¡¢¥æ¡¼¥¶¤Ï´ØÃΤ·¤Ê¤¤¡£ACU (Aurora Capacity Unit) ¤´¤È¤Ë²Ý¶â¡£1ACU=1CPU/2GB¥á¥â¥ê¡£¥Þ¥Í¥¸¥á¥ó¥È¥³¥ó¥½¡¼¥ë¤ÇÀßÄꤷ¤¿ºÇ¾®ACU¤«¤éºÇÂçACU¤Ë¼«Æ°¥¹¥±¡¼¥ê¥ó¥°
- Amazon Elastic Cache
- Memcached, Redis
- Ê£¿ô¤Î¥µ¥Ö¥Í¥Ã¥È¤ò«¤Í¤¿¥µ¥Ö¥Í¥Ã¥È¥°¥ë¡¼¥×¤ËÇÛÃÖ¤¹¤ë ¢Í AZ¤ò¤Þ¤¿¤¤¤À¥¥ã¥Ã¥·¥å¥µ¡¼¥Ð¤È¤·¤Æ»È¤¦¤³¤È¤¬¤Ç¤¤ë
- Amazon DynamoDB
- Amazon Æȼ«¤Î KVS
- PK
- ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼¤Î¤ß
- ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼¤È¥½¡¼¥È¥¡¼
- ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼¤Î¥Ï¥Ã¥·¥åÃͤò¸µ¤Ë¡¢¥ì¥³¡¼¥É¤ò³ÊǼ¤¹¤ë¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¤ò·è¤á¤ë¡£¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼¤Ï¥Ï¥Ã¥·¥å¥¡¼¤È¤â¸Æ¤Ð¤ì¤ë
- ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼¤Î¹Íθ»ö¹à
- ¶È̳Ū¤ËʬÇÛ¤·¤ä¤¹¤¤Â°À¤ò»ÈÍѤ¹¤ë (¥æ¡¼¥¶ID¤Ê¤É)
- ¤½¤¦¤¤¤¦Â°À¤¬¤Ê¤¤¤Ê¤é¥µ¥Õ¥£¥Ã¥¯¥¹¤òÄɲä¹¤ë ¡Ö.1¤«¤é.200¡× (Åìµþ.1, Åìµþ.2, ..., Åìµþ.200, ¿ÀÆàÀî.1, ¿ÀÆàÀî.2, ...)
- ¥»¥«¥ó¥À¥ê¥¤¥ó¥Ç¥Ã¥¯¥¹
- LSI (¥í¡¼¥«¥ë¥»¥«¥ó¥À¥ê¥¤¥ó¥Ç¥Ã¥¯¥¹) = ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼¤Î¤³¤È
- GSI (¥°¥í¡¼¥Ð¥ë¥»¥«¥ó¥À¥ê¥¤¥ó¥Ç¥Ã¥¯¥¹) = ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥¡¼¤È̵´Ø·¸¤Î°À¤Ç¥¯¥¨¥ê¤Î¸¡º÷¤ò¹Ô¤¤¤¿¤¤¤È¤¤ËÀßÄꤹ¤ë
- ÀÁµá
- ¥ª¥ó¥Ç¥Þ¥ó¥É¥¥ã¥Ñ¥·¥Æ¥£¥â¡¼¥É : Æɤ߽ñ¤²ó¿ô¤Ë¤è¤ë²Ý¶â
- ¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°ºÑ¤ß¥¥ã¥Ñ¥·¥Æ¥£¥â¡¼¥É : ¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°=³ÎÄꡣͽ¤á RCU,WCU¤ò¹ØÆþ¤¹¤ë
RCU | Read Capacity Unit | 1KB/sec |
WCU | Write Capacity Unit | 1KB/sec |
- DynamDB ¥¹¥È¥ê¡¼¥à
- Êѹ¹»þ¤ËÊѹ¹¾ðÊó¤¬ÆÀ¤é¤ì¤ë¥¹¥È¥ê¡¼¥à¡£Êѹ¹¤´¤È¤Ë Lambda ¤ò¸Æ¤Ó½Ð¤¹¤Î¤Ë»È¤¦
- ¤É¤Î¾ðÊó¤ò¥¹¥È¥ê¡¼¥à¤Ë¾è¤»¤ë¤«¤òÀßÄꤹ¤ë
¥¡¼¤Î¤ß | |
¿·¤·¤¤¥¤¥á¡¼¥¸ | Êѹ¹¸å¤Î¥ì¥³¡¼¥É |
¸Å¤¤¥¤¥á¡¼¥¸ | Êѹ¹Á°¤Î¥ì¥³¡¼¥É |
¿·µì¥¤¥á¡¼¥¸ | Êѹ¹Á°¤ÈÊѹ¹¸å¤Î¥ì¥³¡¼¥É |
- DynamoDB ¥°¥í¡¼¥Ð¥ë¥Æ¡¼¥Ö¥ë
- ¾¤Î¥ê¡¼¥¸¥ç¥ó¤Ë¥ì¥×¥ê¥«¤òºî¤ë
- DynamoDB ¥¹¥È¥ê¡¼¥à¤Ë¤è¤Ã¤Æ¡¢Êѹ¹¾ðÊó¤ò¾¤Î¥ê¡¼¥¸¥ç¥ó¤ËÇۤäÆƱ´ü¤¹¤ë
- DynamoDB ¤Î¥Ð¥Ã¥¯¥¢¥Ã¥×
- ¥Ý¥¤¥ó¥È¥¤¥ó¥¿¥¤¥à¥ê¥«¥Ð¥ê ¢Í ²áµî35Æü°ÊÆâ¤ÎǤ°Õ¤Î»þ¹ï¤ËÌá¤ì¤ë
- ¥Ð¥Ã¥¯¥¢¥Ã¥× ¢Í ÆÃÄê¤Î»þÅÀ¤Î¥Ð¥Ã¥¯¥¢¥Ã¥×¤ò¼è¤ë
- DynamoDB Accelerarator (DAX)
- ¥¤¥ó¥á¥â¥ê¤ÇÆ°¤¯ DynamoDB
- Ä̾ï¿ô¥ß¥êÉäΥ쥤¥Æ¥ó¥·¤ò¿ô¥Þ¥¤¥¯¥íÉäˤǤ¤ë
- VPC¥µ¥Ö¥Í¥Ã¥È¥°¥ë¡¼¥×¾å¤Ë¤Ä¤¯¤ë
- API¤Ï DynamoDB ¤È¸ß´¹
- DynamoDB API
- PutItem?
- UpdateItem? : ³Ú´Ñ¥í¥Ã¥¯ ConditionExpression?
- GetItem?
- DeleteItem?
- Query
- Scan (Á´¹àÌÜÁöºº¡¢ÃÙ¤¤¤Î¤Ç Query ¤ò»È¤¦¤Ù¤·)
- BatchWriteItem? , BatchGetItem?
- TransactWriteItems?, TransactGetItems? : 2018¤ËÄɲᢡÖDynamoDB¤Ï¥È¥é¥ó¥¶¥¯¥·¥ç¥ó¤ò¥µ¥Ý¡¼¥È¤·¤Æ¤¤¤ë NoSQL¥Ç¡¼¥¿¥Ù¡¼¥¹¡×
- Java DynamoMapper?
- C# ¥ª¥Ö¥¸¥§¥¯¥È±Ê³À¥â¥Ç¥ë
- DynamoDB¤Î¥»¥¥å¥ê¥Æ¥£=IAM
Computing †
Lambda †
- ¼Â¹Ô´Ä¶ Node.js, Java, Python, .NET, Go, Ruby, ¥«¥¹¥¿¥à¥é¥ó¥¿¥¤¥à
- ¥á¥â¥ê 128MB〜10GB¡£CPU, Network ¤Ï¥á¥â¥ê¥µ¥¤¥º¤Ë°Í¸
- ¥ê¡¼¥¸¥ç¥ó¡¢VPC¤É¤Á¤é¤Ç¤âµ¯Æ°²Äǽ
- IAM¥í¡¼¥ë¤Î³äÉÕ¤¬¤Ç¤¤ë
- Lambda ¤Î¥¤¥Ù¥ó¥È¥â¥Ç¥ë
- PUSH : ¥µ¡¼¥Ó¥¹Â¦¤«¤é Lambda ¤ò¸Æ¤Ó½Ð¤¹
- S3 ¤Î¹¹¿·¥¤¥Ù¥ó¥È : S3 ¤Ï¹¹¿·»þ¤Ë Lambda ¤ò¸Æ¤Ó½Ð¤¹
- API Gateway
- PULL : Lambda¤«¤é¥µ¡¼¥Ó¥¹¤ËÌ䤤¹ç¤ï¤»¤ò¤¹¤ë
- DynamoDB : DynamDB Stream ¤òÀßÄꤹ¤ë¤È DB ¹¹¿·»þ¤Ë Lambda ¤¬¼Â¹Ô¤µ¤ì¤ë ¢Í ¼ÂÁõ¾å¤ÏDynamoDB Stream ¤Ë¹¹¿·¾ðÊó¤¬Ãù¤Þ¤ë¡£Lambda ¤¬ DynamoDB Stream ¤òÄê´üŪ¤Ë¸«¤Ë¸ú¤¯(¥Ý¡¼¥ê¥ó¥°)
- SQS : SQS ¤Ë¥á¥Ã¥»¡¼¥¸¤òÅꤲ¤ë¤È Lambda ¤¬¼Â¹Ô¤µ¤ì¤ë ¢Í ¼ÂÁõ¾å¤Ï Lambda ¤¬ SQS ¤Î¥¥å¡¼¤òÄê´üŪ¤Ë¸«¤Ë¹Ô¤¯(¥Ý¡¼¥ê¥ó¥°)
- Lambda ¤Î¸¢¸Â
- ¥í¥°½ÐÎÏ
- logs:CreateLogGroup?
- logs:CreateLogStream?
- logs:PutLogEvents?
- AWS´ÉÍý¥Ý¥ê¥·¡¼ (CloudWatch? ¸¢¸Â¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë)
- AWSLambdaBasicExecutionRole?
- ¥í¥°´Æ»ë
- CloudWatch? Logs ¤Ë½ñ¤¹þ¤Þ¤ì¤ë
- ¥³¡¼¥É¤«¤é¥í¥°¤òÅǤ¯¤³¤È¤¬¤Ç¤¤ë
- Lambda¤Ï¼¡¤Î¥í¥°¤òɬ¤ºÅǤ¯
- START
- END
- REPORT
Duration | ¼Â¹Ô»þ´Ö |
Billed Duration | ²Ý¶â»þ´Ö (ms) |
Memory Size | ½é´ü¥µ¥¤¥º |
Max Memory Size | ºÇÂ祵¥¤¥º |
- Lambda ¤Î¥Ç¥×¥í¥¤
- Lambda´Ø¿ô¤ÎºîÀ®
- IAM¥Ý¥ê¥·¡¼¤ò¥¢¥¿¥Ã¥Á¤·¤¿IAM¥í¡¼¥ë¤ò³ä¤êÅö¤Æ¤ë
- Lambda´Ø¿ôËÜÂΤȡ¢°Í¸¥é¥¤¥Ö¥é¥ê¡¢ÀßÄê¥Õ¥¡¥¤¥ë¤ò ZIP ¤Ë¤Þ¤È¤á¤Æ¥¢¥Ã¥×¥í¡¼¥É¤¹¤ë¡£¢¨10MB¤è¤êÂ礤¤¾ì¹ç¤Ï S3¥Ð¥±¥Ã¥È·Ðͳ¤Ç¥¢¥Ã¥×¥í¡¼¥É
- ¥Æ¥¹¥È¼Â¹Ô¤·¤Æ CloudWatch? Logs ¤ò³Îǧ
- ±¿Íѳ«»Ï CloudlWatch? Logs + AWS X-Ray (±¿ÍÑ´Æ»ë) ¤Ç¥â¥Ë¥¿¥ê¥ó¥°
- Lambda ¥ì¥¤¥ä¡¼
- ¶¦ÄÌŪ¤Ë»È¤¦¥é¥¤¥Ö¥é¥ê¤ò¥ì¥¤¥ä¡¼¤Ë¤Þ¤È¤á¤ë
- ºÇÂç 5 ¥ì¥¤¥ä¡¼
- Lambda A, Lambda B, Lambda C ¤«¤é Lambda Layer ¤Ë¤¢¤ë¶¦Ḁ̈饤¥Ö¥é¥ê¤ò»²¾È¤¹¤ë
- Lambda ¥Ð¡¼¥¸¥ç¥Ë¥ó¥°
- Lambda ¤Ï¡¢´Ø¿ô¤òÇÛÈ÷¤¹¤ë¤´¤È¤Ë¥Ð¡¼¥¸¥ç¥ó¤òÀßÄꤹ¤ë
- Lambda ¤Î¥¨¥¤¥ê¥¢¥¹¤òÀßÄꤹ¤ë¤³¤È¤Ë¤è¤Ã¤Æ¡¢³«È¯ÈÇ¡¦¦ÂÈÇ¡¦¸ø³«ÈǤǥС¼¥¸¥ç¥ó¤òʬ¤±¤ë¤³¤È¤¬¤Ç¤¤ë
¥¨¥¤¥ê¥¢¥¹ | ´Ø¿ô¥Ð¡¼¥¸¥ç¥ó |
XX | 2 |
XX_PRODUCT | 2 |
XX_BETA | 3 |
XX_DEVELOP | 4 (=latest) |
- Lambda ÀßÄê
- ´Ä¶ÊÑ¿ô
- ¥á¥â¥ê¥µ¥¤¥º (128MB〜10240MB)
- ¥¿¥¤¥à¥¢¥¦¥È (¥Ç¥Õ¥©¥ë¥È 3ÉᢺÇÂç 900ÉÃ(15ʬ))
- ¥â¥Ë¥¿¥ê¥ó¥° (Cloud Watch, AWS X-RAY)
- Lmabda VPC (Lambda¤òÆÃÄê¤ÎVPCÆâ¤ÇÆ°¤«¤¹¤³¤È¤¬²Äǽ)
- Lambda EFS (EFS¤ò¥Þ¥¦¥ó¥È²Äǽ)
- Lambad Ʊ»þ¼Â¹Ô¿ô (ºÇÂç1000)
- Lambda ¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥° (Ä̾ïÀßÄê¤Ç¤Ï¡¢¥ê¥¯¥¨¥¹¥È¤¬Í¤Ã¤Æ¤«¤é¥×¥í¥»¥¹¤òΩ¤Á¾å¤²¤ë(¥³¡¼¥ë¥É¥¹¥¿¡¼¥È)¡£°ìÄê¿ô¤Î¥×¥í¥»¥¹¤ò¾ï»þΩ¤Á¾å¤²¤Æ¤ª¤¯(³ÎÊÝ=¥×¥í¥Ó¥¸¥ç¥Ë¥ó¥°)¤·¤Æ¤ª¤¯¤³¤È¤¬¤Ç¤¤ë)
- Lambda ¤ÎÈóƱ´ü¼Â¹Ô
- ¼Â¹Ô¤Ë¼ºÇÔ¤·¤¿¾ì¹ç {¥¤¥Ù¥ó¥È¤ÎºÇÂç͸ú´ü´Ö} °ÊÆâ¤Ë¡¢ºÇÂç {ºÆ»î¹Ô} ²óºÆ¼Â¹Ô¤¹¤ë
- ¤½¤ì¤Ç¤â¼ºÇÔ¤·¤¿¤é¡¢¥Ç¥Ã¥È¥ì¥¿¡¼¥¥å¡¼¤ò Amazon SQS ¤ËÁ÷¤ë
- Lambda ¤ÎÀ©¸Â
- ºÇÂç¼Â¸ú¿ô 1000
- ´Ø¿ô¤È¥ì¥¤¥ä¡¼¤Î¹ç·×ÍÆÎÌ 75GB
- ¥á¥â¥ê 128〜10240MB
- ¥¿¥¤¥à¥¢¥¦¥È 15ʬ(900ÉÃ)
- ¥ì¥¤¥ä¡¼ 5
- ¥Ç¥×¥í¥¤¥Ñ¥Ã¥±¡¼¥¸ 50MB¡£´Ø¿ô¤´¤È¤Ë¡¢¥ì¥¤¥ä¡¼¤ò´Þ¤á¤Æ 250MB
- /tmp 512MB
- Lambda ºîÀ®»þ¤Îα°ÕÅÀ
- ÀßÄê¤Ï´Ä¶ÊÑ¿ô¤Ç¹Ô¤¦ (¥³¡¼¥É¤òÊѤ¨¤Ê¤¯¤Æ¤âÎɤ¤¤è¤¦¤Ë¤¹¤ë)
- ¶¦Ḁ̈⥸¥å¡¼¥ë/¥é¥¤¥Ö¥é¥ê¤Ï¥ì¥¤¥ä¡¼¤Ç¶¦Í¤¹¤ë
- ºÆµ¢½èÍý¤Ï¹Ô¤ï¤Ê¤¤ (¢¨ S3¥¤¥Ù¥ó¥ÈÃæ¤Ë¡¢PutObject? ¤·¤¿¤é¤¢¤«¤ó!(¤Þ¤¿ S3¥¤¥Ù¥ó¥È¤¬µ¯¤¤ë))
- Lambda ¤ò¸Æ¤Ó½Ð¤»¤ë¥¤¥Ù¥ó¥È
- Alexa
- API Gateway
- S3
- Cloud Watch (AWS¥¢¥«¥¦¥ó¥ÈÆâ¤ÇȯÀ¸¤·¤¿¥¤¥Ù¥ó¥È¡£ºº¾Ú¤Ê¤É)
- Cloud Watch Logs (ÆÃÄê¤Î°À¤Î¥í¥°¤¬È¯À¸¤·¤¿¤È¤)
- Cloud Formation (²¾Á۴Ķ¤òºî¤ë¥Æ¥ó¥×¥ì¡¼¥ÈÆâ¤Ç Lambda ¤ò¸Æ¤Ó½Ð¤¹¤³¤È¤¬¤Ç¤¤ë)
- Code Commit
- Cognit (Åý¹çǧ¾Ú)
- Config (AWS Config ¥ë¡¼¥ë¤ò»ÈÍѤ·¤Æ¡¢ÀßÄêÊѹ¹»þ¤Ë Lambda¤ò¸Æ¤Ó½Ð¤¹¤³¤È¤¬¤Ç¤¤ë¡£ÀßÄêÊѹ¹¤Î¥Á¥§¥Ã¥¯¤Ê¤É)
- DynamoDB Stream
- Application Load Balancer (ALB¤ÇLambda¤òÉé²Ùʬ»¶)
- AWS IoT
- Kiness Data Streams (¥Ç¡¼¥¿¥¹¥È¥ê¡¼¥à)
- SES (Simple Email Service)
- SNS (Simple Notification Service)
- SQS (Simple Queue Service)
- Step Functions (¥ï¡¼¥¯¥Õ¥í¡¼¤Î°ìÉô¤È¤·¤ÆLambda¤ò¸Æ¤Ó½Ð¤¹)
Amazon API Gateway †
- REST ¤Ç½èÍýÍ×µá¤ò¼õ¤±ÉÕ¤±¤Æ Lambda ¤ò¼Â¹Ô¤¹¤ë
. . . . . . . . . . . . . . . . . . . . . . . . . .
:AWS Cloud
: . . . . . . . . . . . . . . . . . . . . . .
: :Region
¥Ö¥é¥¦¥¶ -----+-(REST)--API Gateway-----Lambda-----DynamoDB
| :
+-(HTTP)--Colud Front-----S3¥Ð¥±¥Ã¥È (ÀÅŪ¥³¥ó¥Æ¥ó¥Ä)
: :
: . . . . . . . . . . . . . . . . . . . . . .
:. . . . . . . . . . . . . . . . . . . . . . . . . .
- ľÀÜ DynamoDB ¤òÁàºî¤¹¤ë¤³¤È¤â¤Ç¤¤ë
. . . . . . . . . . . . . . . . . . . . . . . . . .
:AWS Cloud
: . . . . . . . . . . . . . . . . . . . . . .
: :Region
: : +--DynamoDBPullItem--+
¥Ö¥é¥¦¥¶ -----+-(REST)--API Gateway--+ +-----DynamoDB
: : +--DynamoDBGetItem---+
: :
: . . . . . . . . . . . . . . . . . . . . . .
:. . . . . . . . . . . . . . . . . . . . . . . . . .
- ¥¢¥¯¥»¥¹Ç§¾Ú¡¦À©¸Â
- ¥Ð¥Ã¥¯¥¨¥ó¥Éǧ¾ÚÍÑSSL¾ÚÌÀ½ñ
- ¥ê¥½¡¼¥¹Ç§¾Ú (¥¢¥¯¥»¥¹¸µIP¥¢¥É¥ì¥¹¤ÎÈϰϤʤÉ)
- IAMǧ¾Ú
- Cognito¥ª¡¼¥µ¥é¥¤¥¶ (Cognito¤Çǧ¾Ú¤ò¹Ô¤¦(¥¢¥¯¥»¥¹¸µ¤Ë°ì»þŪ¤Ë¤ËIAM¸¢¸Â¤òÍ¿¤¨¤ë))
- Lambda¥ª¡¼¥µ¥é¥¤¥¶¡¼ (Æȼ«¤ÎLambda¤Çǧ¾Ú¤ò¹Ô¤¦)
- »ÈÍÑÎÌ¥×¥é¥ó (¥¹¥í¥Ã¥È¥ê¥ó¥°)
- ¥ì¡¼¥È 100¥ê¥¯¥¨¥¹¥È/Éà (ºÇÂç10000)
- ¥Ð¡¼¥¹¥È 500¥ê¥¯¥¨¥¹¥È/¥ß¥êÉÃ
- ¥¯¥ª¡¼¥¿¡¼ 1000000¥ê¥¯¥¨¥¹¥È/·î
- API¥¡¼¤´¤È¤Ë¥¹¥í¥Ã¥È¥ê¥ó¥°¤ò»ØÄê¤Ç¤¤ë
- ¥á¥Ã¥»¡¼¥¸ÊÑ´¹
- ñ½ã¤Ë REST ¤ò JSON ¤ËÊÑ´¹¤·¤Æ Lambda ¤ËÅϤ¹ API Gateway ¤òºî¤ë¤³¤È¤¬¤Ç¤¤ë
- Ê£»¨¤Ê¤Î¤Ç¤Ï¡¢REST ¤ò DynamoDBGetItem? ¤ËÊÑ´¹¤·¤Æ DynamoDB ¤ò¸Æ¤Ó½Ð¤¹¤è¤¦¤Ê¤â¤Î¤òºî¤ë¤³¤È¤¬¤Ç¤¤ë
- ¥¥ã¥Ã¥·¥å
- Ʊ¤¸ REST ¥¢¥¯¥»¥¹¤ËÂФ·¤Æ¡¢°ìÄê´ü´Ö¤Ï¥¥ã¥Ã¥·¥å¤ÎÆâÍƤòÊÖ¤¹ (Lambad ¤ò¸Æ¤Ó½Ð¤µ¤Ê¤¤) ¤³¤È¤¬¤Ç¤¤ë
- ¥í¥°
- Import/Export
- Swagger·Á¼°¤Ç¥¤¥ó¥Ý¡¼¥È¡¦¥¨¥¯¥¹¥Ý¡¼¥È¤¬²Äǽ
- ¥¹¥Æ¡¼¥¸ÊÑ¿ô
- ¸å³¤Î Lambda ¤Î¥¨¥¤¥ê¥¢¥¹¤ò¡¢¥¹¥Æ¡¼¥¸ÊÑ¿ô¤ÇÀ©¸æ¤¹¤ë
- API Gateway ¤Î¥¹¥Æ¡¼¥¸ÊÑ¿ô alias = prod (³«È¯ÈÇ)
- API Gateway ¤Î¸å³¤Î Lambda¤ÎÀßÄê {arn:aws:lambda:us-east-1:123456789012:function:XXXXXFunc:${stageVariables.alias}
- API Gateway ¤¬ call ¤µ¤ì¤¿¤È¤¡¢¸Æ¤Ð¤ì¤ë Lambda´Ø¿ô¤Ï arn:aws:lambda:us-east-1:123456789012:function:XXXXXFunc:prod
- Lambda ´Ø¿ô¤Î¥ê¥½¡¼¥¹¥Ý¥ê¥·¡¼
¥³¥ó¥Æ¥Ê (Docker) †
- EC2¥µ¡¼¥Ð¤ËDocker¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¡¢¾¡¼ê¤Ë»È¤Ã¤Æ¤â¤è¤¤
- docker pull
- docker run
- docker stop
- docker rm
- AWS¤¬¥³¥ó¥Æ¥Ê¤Î¼Â¹Ô´Ä¶¤òÍÑ°Õ¤·¤Æ¤¯¤ì¤Æ¤¤¤ë
- ECS (Amazon Elastic Container Service)
- ECR (Amazon Elastic Container Registory)
- ImagesºîÀ®¤Î¼ê½ç
- Dockerfile¤òºî¤ë (Cloud9 ¤Ç¤ä¤ë¤Î¤¬¤ª¤¹¤¹¤á)
- aws ecr ¥³¥Þ¥ó¥É¤Ç¡¢°ì»þ¥í¥°¥¤¥ó¥Ñ¥¹¥ï¡¼¥É¤òȯ¹Ô¤·¤Æ¡¢docker (docker¥³¥Þ¥ó¥É¤ÎÀßÄê¥Õ¥¡¥¤¥ë) ¤ËÀßÄꤹ¤ë
$ aws ecr get-login-password --region us_east-1 | docker login --username AWS --passwoed-stdin 123456789011.dkr.ecr.us-east-1.amazon.com
- docker build, docker tag ¤Ç¥¤¥á¡¼¥¸¤òºî¤ë
- docker push ¤Ç ECR ¤Ë¥¤¥á¡¼¥¸¤ò¥¢¥Ã¥×¥í¡¼¥É¤¹¤ë
¥á¥Ã¥»¡¼¥¸¥ó¥° †
- Amazon SQS (Simple Queue Service)
- Amazon SNS (Simple Notification Service)
- µ¯¤¤¿¤³¤È¤ò·Ç¼¨ÈÄ (Topic)¤ËŽ¤êÉÕ¤±¤ë¥¤¥á¡¼¥¸
- TopicÁàºî
- CreateTopic?
- Publish
- Subscribe
- DeleteTopic?
- Á÷¿®Â¦¡§¥Ñ¥Ö¥ê¥Ã¥·¥ã¡¼\
- AWS SDKs, CloudWatch? Alarm, CloudWatch? Event, RDS Event
- ¼õ¿®Â¦¡§¥µ¥Ö¥¹¥¯¥é¥¤¥Ð
- Lambda, SQS, SMS (Mail), ¥â¥Ð¥¤¥ë¥¢¥×¥ê, HTTP, AWS Chatbot
- ¥Õ¥¡¥ó¥¢¥¦¥È
- ÆÃÄê¤Î¥µ¥Ö¥¹¥¯¥é¥¤¥Ð¤Î¥°¥ë¡¼¥×¤Ë¤Ï¡¢Á´Éô¤Î°À¾ðÊó¤òÁ÷¤ê¡¢¤½¤Î¾¤Î¥°¥ë¡¼¥×¤Ë¤Ï¥á¥Ã¥»¡¼¥¸¤Î¤ß¤òÁ÷¤ë¤è¤¦¤Ë¤¹¤ë
- raw¥á¥Ã¥»¡¼¥¸¤ò̵¸ú²½¡§¤¹¤Ù¤Æ¤Î°À¥Ç¡¼¥¿¤òÁ÷¤ë
- raw¥á¥Ã¥»¡¼¥¸¤ò͸ú²½¡§¥á¥Ã¥»¡¼¥¸¤Î¤ß¤òÁ÷¤ë (µÕ¤Î¤è¤¦¤Êµ¤¤â¤¹¤ë¤±¤É¤³¤ì¤Ç¤¢¤Ã¤Æ¤ë)
- ÀßÄê
- SNS¥È¥Ô¥Ã¥¯¥Ý¥ê¥·¡¼¤ÎÀßÄꡧ¤É¤³¤Ë¥Ñ¥Ö¥ê¥Ã¥·¥å¤¹¤ë¤«
- SNS¥µ¥Ö¥¹¥¯¥ê¥×¥·¥ç¥ó¤ÎÀßÄê : ¥µ¥Ö¥¹¥¯¥é¥¤¥Ð¤ÎÀßÄê¡¢raw¥á¥Ã¥»¡¼¥¸¤Îȯ¿®¤ò͸ú²½¡¦¥Õ¥£¥ë¥¿¡¼¥Ý¥ê¥·¡¼
- Amazon MQ
Amazon Kinesis †
- ¥Ë¥¢¥ê¥¢¥ë¥¿¥¤¥à¤Ê¥Ç¡¼¥¿¥¹¥È¥ê¡¼¥à½èÍý
Amazon Kinesis Video Stream | ¥Ó¥Ç¥ª¥Ç¥Ð¥¤¥¹¤«¤éAWS¤ò»È¤Ã¤¿ÇÛ¿®¡£Amazon Rekognition Vidio Æ°²èʬÀÏ |
Amazon Kinesis Date Stream | ¿ôGB/sec ¤Î¥Ç¡¼¥¿¥¹¥È¥ê¡¼¥ß¥ó¥°½èÍý |
Amazon Kinesis Data Firehouse | ¥¹¥È¥ê¡¼¥à¥Ç¡¼¥¿¤Î³ÊǼ¡£S3, Redshift, Elasticsearch Service |
Amazon Kinesis Data Analytics | ¥¹¥È¥ê¡¼¥à¥Ç¡¼¥¿¤ÎʬÀÏ¡£SQL, Apache Flink |
- SDK
- ¥×¥í¥Ç¥£¥æ¡¼¥µ¡¼Â¦ KPL (Kinesis Producer Library)
- ¥³¥ó¥·¥å¡¼¥Þ¡¼Â¦ KCL (Kinesis Client Library)
- ½èÍý¤Ï¡¢¥·¥ã¡¼¥É¤Ç¹Ô¤ï¤ì¤ë¡£¥·¥ã¡¼¥É¤òÁý¤ä¤¹¤È¡¢·×»»Ç½ÎϤ¬¥¹¥±¡¼¥ë¤¹¤ë
AWS Step Functions †
- AWS ¤Î¥Þ¥¤¥¯¥í¥µ¡¼¥Ó¥¹¤òÁȤ߹ç¤ï¤»¤¿¥ï¡¼¥¯¥Õ¥í¡¼¤òºîÀ®¡¦À©¸æ¤¹¤ë
- ¥¹¥Æ¡¼¥È¥Þ¥·¥ó (¾õÂÖÁ«°Ü¥Þ¥·¥ó)
- JSON¤Çµ½Ò¤¹¤ë
- ¥Õ¥í¡¼¥Á¥ã¡¼¥È¤Çɽ¤¹¤³¤È¤¬¤Ç¤¤ë
- Pass : ¼¡¤Î¥Î¡¼¥ÉÅϤ¹°ú¿ô¤òÀßÄꤹ¤ë¥Î¡¼¥É {Type:"Pass", Result:"1234", Next:"Task123"}
- Task : AWS¤Î¥µ¡¼¥Ó¥¹¤òµ¯Æ°¤¹¤ë
- Activity : Æȼ«¤ÎEC2¾å¤ÇÆ°¤¯¥µ¡¼¥Ó¥¹¤òµ¯Æ°¤¹¤ë
- Wait : ÂÔ¤Á
- Choice : ¾ò·ïʬ´ô
- Fail : Step Function ¤ò"¼ºÇÔ" ¥¹¥Æ¡¼¥¿¥¹¤Ç½ªÎ»¤¹¤ë
- Parallel : Step Function ¤Î°ìÉô¤òÊÂÎó¤Ç½èÍý¤µ¤»¤ë
- Map : Map¤âÊÂÎó½èÍý¤À¤¬¡¢Â¿½ÅÅÙ¤¬¼Â¹Ô»þ¤Ë·è¤Þ¤ë
- InputPath?, ResultPath?, OutputPath? : Task ¤Ç lambda ¤òµ¯Æ°¤¹¤ë¤È¤¤Ë°ú¿ô¤òÅϤ¹¤È¤¤Ë»È¤¦
- ¼Â¹ÔÊýË¡
- Start Execution API ¤ò»È¤Ã¤Æ¼Â¹Ô
- Cloud Wathc Event¥ë¡¼¥ë¤Ç¡¢ÆÃÄê¤Î¥¤¥Ù¥ó¥È¤¬µ¯¤¤¿»þ¤Ë¼Â¹Ô
- API Gateway ·Ðͳ¤Ç¼Â¹Ô
¥Ù¥¹¥È¥×¥é¥¯¥Æ¥£¥¹ †
- Auto Scaling
- EC2 Web Auto Scaling (Web¥¢¥×¥ê)
- EC2 Worker Auto Scaling (SQS¤Î¸å³½èÍý)
- Lambda ¤â¤È¤â¤È¾¡¼ê¤Ë¥¹¥±¡¼¥ë¤¹¤ë
- RDS ¥ê¡¼¥É¥ì¥×¥ê¥«¤ò5¤Ä¤Þ¤Çºî¤ì¤ë
- Aurora ¥ê¡¼¥É¥ì¥×¥ê¥«¤ò15¤³¤Þ¤Çºî¤ì¤ë¡£AUC(2GB) ¤ÎºÇÂçÃͤȺǾ®Ãͤò·è¤á¤é¤ì¤ë
- DynamoDB WCU(Write 1KB/sec) RCU(Read 4KB/sec) ¤ÎºÇÂçÃͤȺǾ®Ãͤò·è¤á¤é¤ì¤ë¡£CloudWatch?¤ÈÁȤ߹ç¤ï¤»¤Æ¥ª¡¼¥È¥¹¥±¡¼¥ê¥ó¥°¤Ç¤¤ë¡£ÍÆÎ̤Ï̵À©¸Â
- S3 ÍÆÎÌ̵À©¸Â¡£3500²ó/sec°Ê¾å¤Î½ñ¤¹þ¤ß(PUT,COPY,POST,DELETE)¡¢5000²ó/sec°Ê¾å¤ÎÆɤ߹þ¤ß(GET,HEAD)¤¬È¯À¸¤¹¤ë¤È¤¤Ï¡¢¥¡¼¤Î¥×¥ì¥Õ¥£¥Ã¥¯¥¹¤òʬ¤±¤ë
- ¥¢¥×¥êÊý¼°¤ÎÄêÀÐ
- EC2¥¤¥ó¥¹¥¿¥ó¥¹¤ò¤¤¤Á¤¤¤Á¼êºî¶È¤Çºî¤é¤Ê¤¤
- AMI (Amazon Machine Image) ¤ò¥¤¥ó¥¹¥¿¥ó¥¹¤ËŸ³«¤¹¤ì¤Ð¡¢¤¹¤°¤ËÆ°¤«¤»¤ë¤è¤¦¤Ë¤¹¤ë
- ¥Ç¡¼¥¿¤Ï¡¢½é²óµ¯Æ°»þ¤Ë¡¢Í½¤á·è¤á¤Æ¤ª¤¤¤¿ S3 ¥Ð¥±¥Ã¥È¤ÎºÇ¿·ÈǤò¼è¤Ã¤Æ¤¯¤ë¤è¤¦¤Ë¤¹¤ë
- ¥¹¥Æ¡¼¥È¥ì¥¹¤Ë¤¹¤ë or ¥¹¥Æ¡¼¥È¤ò Elastic Cache (Redis, Memcached) ¤Ë»ý¤Ä¤è¤¦¤Ë¤¹¤ë¡£(Cache¤ÏÁ´¥¤¥ó¥¹¥¿¥ó¥¹¶¦Ä̤ʤΤǡ¢¥¹¥±¡¼¥ë¤·¤ÆΩ¤Á¾å¤¬¤Ã¤¿¥¤¥ó¥¹¥¿¥ó¥¹¤Ë½èÍýÍ׵᤬¹Ô¤Ã¤Æ¤âÀ°¹çÀ¤òÊݤäƽèÍý¤Ç¤¤ë¡£¥¤¥ó¥¹¥¿¥ó¥¹¤¬¥¹¥Æ¡¼¥È¤ò»ý¤Ã¤Æ¤¤¤ë¤È¥¹¥±¡¼¥ë¤Ç¤¤Ê¤¤)
- Á·ë¹ç
- ¥Õ¥¡¥ó¥¢¥¦¥È¡§Á·ë¹ç¤Î°ì¼ï¡£Topic¤ò»È¤Ã¤Æ¡¢¤¢¤ë¥¤¥Ù¥ó¥È¤ò·Àµ¡¤ËÆ°¤¯½èÍý¤ò¡¢´û¸¥·¥¹¥Æ¥à¤Ë±Æ¶Á¤Ê¤¯Áý¤ä¤»¤ë¤è¤¦¤Ë¤¹¤ë
- ¼«Á°¤Ç¥µ¡¼¥Ó¥¹¤òºî¤é¤º¤Ë¡¢¤Ê¤ë¤Ù¤¯ AWS ¤Î¥µ¡¼¥Ó¥¹¤ò»È¤¦ (¤â¤È¤â¤È¥¹¥±¡¼¥ë¤¬¹Í¤¨¤é¤ì¤Æ¤¤¤ë¤Î¤Ç)
- ŬÀڤʥǡ¼¥¿¥Ù¡¼¥¹¤ò»È¤¦
- Amazon RDS (Oracle,MS-SQL Sever,MySQL,PostgreSQL,MariaDB) ¥¹¥±¡¼¥ë¤·¤Ê¤¯¤Æ¤¤¤¤¤È¤¤Ë»È¤¦
- Amazon Aurora (MySQL, PostgreSQL ¸ß´¹API ¤ò»ý¤Ä AWS¥µ¡¼¥Ó¥¹) ¥¹¥±¡¼¥ëÁ°Äó¡¢Àǽ¤Ï MySQL¤Î5ÇÜ¡¢PostgreSQL¤Î3ÇÜ¡£3¤Ä¤ÎAZ¤Ë6¤Ä¤Î¥ì¥×¥ê¥±¡¼¥·¥ç¥ó¤òºî¤ì¤ë)
- Amazon DynamoDB (NoSQL¡¢¥¹¥±¡¼¥ë¤¹¤ë)
- Amazon Redshift (DWH ¥Ç¡¼¥¿Ê¬ÀÏ)
- Amazon Elastic Cache (Memcached, Redis Pub/Sub)
- Amazon Neptune (¥°¥é¥ÕDB¡¢¹¹ðÇÛ¿®¤Ê¤É¤Ç»È¤ï¤ì¤ë)
- ñ°ì¾ã³²ÅÀ¤ò¤Ê¤¯¤¹
- ¥³¥¹¥È¤òºÇŬ²½¤¹¤ë
- API²½ EC2¾å¤ÎÆȼ«¥¢¥×¥ê ¢ª API Gateway + Lambda
- CI/CD CodeStar?
- ̤俤é DynamoDB »È¤Ã¤È¤±
- ¥¥ã¥Ã¥·¥å¤ò»È¤¨
- CloudFront? (Web¥Õ¥í¥ó¥È)
- ElasticCache? (¥Ð¥Ã¥¯¥¨¥ó¥É)
- Ãٱ䥥ã¥Ã¥·¥å Elastic Cache ¤ò¸«¤Ë¹Ô¤Ã¤Æ¡¢¾ðÊ󤬤ʤ±¤ì¤Ð DynamoDB ¤ò¸«¤ë
- ½ñ¤¹þ¤ß¥¹¥ë¡¼ Write Through = DynamoDB ¤ò¹¹¿·¤¹¤ë¤È¤¤Ï¡¢Elastic Cache ¤â¹¹¿·¤¹¤ë
- ¤¹¤Ù¤Æ¤Î¥ì¥¤¥ä¤Ç¥»¥¥å¥ê¥Æ¥£¤ò¼ÂÁõ¤¹¤ë
- ¥Ç¡¼¥¿¤ÎÁý²Ã¤ËÈ÷¤¨¤ë ¢ª S3/DynamoDB ¤ÏÍÆÎÌ̵À©¸Â
°Ü¹Ô †
REHOST | ¥ª¥ó¥×¥ì¥ß¥¹¤ÎLinux+Redmine+MySQL ¤ò EC2¾å¤ËƱ¤¸¹½À®¤Ç»ý¤Ã¤Æ¤¤¤¯ |
REPLATFORM | ¥³¡¼¥É¤ä¥Ç¡¼¥¿¤ÏÊѹ¹¤·¤Ê¤¤¡£¥í¡¼¥É¥Ð¥é¥ó¥µ+EC2+EFS+RDS ¤ò»È¤¤¾éĹ¹½À®¤ÎRedmine¤Ë°Ü¹Ô¤¹¤ë |
REPURCHASE | Redmine ¤«¤é backlog (SaaS)¤Ë°Ü¹Ô¤¹¤ë |
REFACTOR/RE-ARCHETECT | ºÆ¹½ÃÛ |
RETIRE | ÇÑ»ß |
RETAIN | ¸³ |
¥â¥Ë¥¿¥ê¥ó¥° †
- Amazon Cloud Watch
- ¥«¥¹¥¿¥à¥á¥È¥ê¥¯¥¹
- ¥µ¡¼¥Ó¥¹ÁȤ߹þ¤ß¤Î¥á¥È¥ê¥¯¥¹¤Î¾¤Ë¡¢Æȼ«¤Î¥á¥È¥ê¥¯¥¹¤òºî¤ë¤³¤È¤¬¤Ç¤¤ë
- Æȼ«¤Î´Æ»ë¥¢¥×¥ê¤Ï¡¢PutMetricData? API¤Ç¥á¥È¥ê¥¯¥¹¤òÊó¹ð¤¹¤ë
- EC2
¥á¥È¥ê¥¯¥¹ | |
CPUUtilization | |
NetworkIn? | |
NetworkOut? | |
StatusCheckFailed? | ¥¹¥Æ¡¼¥¿¥¹¤Þ¤¿¤Ï¥·¥¹¥Æ¥à¥Á¥§¥Ã¥¯¤Ë¼ºÇÔ¤·¤¿¾ì¹ç¤Ï1¡¢Àµ¾ï»þ¤Ï0 |
- EBS
¥á¥È¥ê¥¯¥¹ | |
VolumeReadOps? | |
VolumeWriteOps? | |
- RDS
¥á¥È¥ê¥¯¥¹ | |
DatabaseConnections? | |
ReadOPS | |
WriteOps? | |
FreeableMemory? | |
- DynamoDB
¥á¥È¥ê¥¯¥¹ | |
ProvisionedWriteCapacityUnits? | ¹ØÆþ¤·¤¿½ñ¤¹þ¤ß¥¥ã¥Ñ¥·¥Æ¥£¥æ¥Ë¥Ã¥È |
ProvisionedReadCapacityUnits? | ¹ØÆþ¤·¤¿Æɤ߹þ¤ß¥¥ã¥Ñ¥·¥Æ¥£¥æ¥Ë¥Ã¥È |
ConsumedWriteCapacityUnits? | »È¤Ã¤Á¤ã¤Ã¤¿½ñ¤¹þ¤ß¥¥ã¥Ñ¥·¥Æ¥£¥æ¥Ë¥Ã¥È |
ConsumedReadCapacityUnits? | »È¤Ã¤Á¤ã¤Ã¤¿Æɤ߹þ¤ß¥¥ã¥Ñ¥·¥Æ¥£¥æ¥Ë¥Ã¥È |
ThrottledRequest? | ¥¥ã¥Ñ¥·¥Æ¥£¥æ¥Ë¥Ã¥È¤Ë¤è¤Ã¤ÆÀßÄꤵ¤ì¤¿¥¹¥ë¡¼¥×¥Ã¥È¤òĶ¤¨¤ë¥ê¥¯¥¨¥¹¥È |
ReadThrottleEvent? | ¡·Æɤ߹þ¤ß¥ê¥¯¥¨¥¹¥È |
WriteThrottleEvent? | ¡·½ñ¤¹þ¤ß¥ê¥¯¥¨¥¹¥È |
- S3
¥á¥È¥ê¥¯¥¹ | |
BucketSizeBytes? | |
NumberOfObjects? | |
- Lambda
¥á¥È¥ê¥¯¥¹ | |
Invocations | ¸Æ¤Ó½Ð¤·¥ê¥¯¥¨¥¹¥È²ó¿ô |
ConcurrentExecutions? | ¸Æ¤Ó½Ð¤·´Ø¿ô¥¤¥ó¥¹¥¿¥ó¥¹¿ô |
Errors | |
Throttles | Ʊ»þ¼Â¹Ô¿ô¤¬¸Â³¦¤«¤é°î¤ì¤Æ¥¹¥í¥Ã¥È¥ê¥ó¥°¤µ¤ì¤¿²ó¿ô |
Duration | ´Ø¿ô¤Î¼Â¹Ô»þ´Ö |
- API Gateway
¥á¥È¥ê¥¯¥¹ | |
Count | ¥ê¥¯¥¨¥¹¥È¿ô |
4XXError | ¥¯¥é¥¤¥¢¥ó¥È¦¤Î¥¨¥é¡¼ |
5XXError | ¥µ¡¼¥Ð¦¤Î¥¨¥é¡¼ |
IntegrationLatency? | APIGateway ¤¬¥Ð¥Ã¥¯¥¨¥ó¥É¤Ë¥ê¥¯¥¨¥¹¥È¤òÁ÷¿®¤·¤Æ¤«¤é¥ì¥¹¥Ý¥ó¥¹¤ò¼õ¤±¼è¤ë¤Þ¤Ç¤Î»þ´Ö |
Latency | APIGateway¤¬¥¯¥é¥¤¥¢¥ó¥È¤«¤é¥ê¥¯¥¨¥¹¥È¤ò¼õ¤±¼è¤Ã¤Æ¡¢¥ì¥¹¥Ý¥ó¥¹¤òÊÖ¤¹¤Þ¤Ç¤Î»þ´Ö |
- SQS
¥á¥È¥ê¥¯¥¹ | |
SentMessageSize? | |
NumberOfMessagesSent? | |
NumberOfMessagesReceived? | |
NumberOfEmptyReceives? | |
ApproximateNumberOfMessagesVisible? | ¼èÆÀ²Äǽ¤Ê¥á¥Ã¥»¡¼¥¸¿ô¡£²Ä»ë¥¿¥¤¥à¥¢¥¦¥È¤Ë¤Ê¤Ã¤Æ¤¤¤Ê¤¤¥á¥Ã¥»¡¼¥¸ |
ApproximateNumberOfMessagesNotVisible? | ½èÍýÃæ¤Î¥á¥Ã¥»¡¼¥¸¿ô¡£²Ä»ë¥¿¥¤¥à¥¢¥¦¥È¤Ë¤è¤Ã¤Æ¸«¤¨¤Ê¤¯¤Ê¤Ã¤Æ¤¤¤ë¥á¥Ã¥»¡¼¥¸ |
- SNS
¥á¥È¥ê¥¯¥¹ | |
NumberOfMessagesPublished? | ¥È¥Ô¥Ã¥¯¤Ë¥Ñ¥Ö¥ê¥Ã¥·¥å¤µ¤ì¤¿¥á¥Ã¥»¡¼¥¸¿ô |
NumberOfNotificationsDeliverd? | ¥µ¥Ö¥¹¥¯¥é¥¤¥Ö¤ËÀµ¾ïÇÛ¿®¤µ¤ì¤¿¥á¥Ã¥»¡¼¥¸¿ô |
NumberOfNotificationsFailed? | ¥µ¥Ö¥¹¥¯¥é¥¤¥Ö¤Ø¤ÎÇÛ¿®¤Ë¼ºÇÔ¤·¤¿¥á¥Ã¥»¡¼¥¸¿ô |
PublishSize? | ¥È¥Ô¥Ã¥¯¤Ë¥Ñ¥Ö¥ê¥Ã¥·¥å¤µ¤ì¤¿¥á¥Ã¥»¡¼¥¸¥µ¥¤¥º |
- Step Functions
¥á¥È¥ê¥¯¥¹ | |
ExecutionTime? | ³«»Ï¤«¤é½ªÎ»¤Þ¤Ç¤Î»þ´Ö |
ExecutionThrottled? | À©¸Â¤Ë㤷¤¿¼Â¹Ô²ó¿ô¡£¥¯¥ª¡¼¥¿°ú¤¾å¤²¤Î¥ê¥¯¥¨¥¹¥È¤ò¹Ô¤¦(¾å¸Â´ËϤο½ÀÁ¤ò¹Ô¤¦) |
ExecutionsFailed? | |
ExecutionsStarted? | |
ExecutionsSucceded? | |
ExecutionsTimeOut? | |
- CloudWatch? Logs
- ¥¢¥×¥ê¥í¥°¤Î½ÐÎÏÀè (Syslog¤ÎAWSÈÇ)
- ¥»¥Ã¥È¥¢¥Ã¥×
- IAM¥í¡¼¥ë¤ÎºîÀ®
CloudWatchAgentAdminPolicy? |
AmazonSSMManagedInstanceCore? |
Action
cloudwath:PutMetricData? |
logs:PutLogEvents? |
- Systems Manager ¤ò»È¤Ã¤Æ¡¢CloudWatch? ¥¨¡¼¥¸¥§¥ó¥È¤ò¥¤¥ó¥¹¥È¡¼¥ë
- CloudWatch? ¥¨¡¼¥¸¥§¥ó¥ÈÀßÄê¥Õ¥¡¥¤¥ë¤ÎºîÀ®
$ sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
$ sudo amazon-linux-extras install -y epel
$ sudo yum -y install collectd
- CloudWatch? ¥¨¡¼¥¸¥§¥ó¥È¤Î³«»Ï
- ¥á¥È¥ê¥¯¥¹¥Õ¥£¥ë¥¿¡¼
- Cloudwatch Logs ¤Ë½ÐÎϤ·¤¿¥í¥°¤«¤é¡¢Ê¸»úÎó¤Ê¤É¤Ç¥Õ¥£¥ë¥¿¥ê¥ó¥°¤·¤Æ¡¢¥á¥È¥ê¥¯¥¹¤Ë¤¹¤ë
- CloudWatch? ¥À¥Ã¥·¥å¥Ü¡¼¥É
- VPC¥Õ¥í¡¼¥í¥°
- VPC ¤Î ENI ¤Î¥Ñ¥±¥Ã¥È¥¥ã¥×¥Á¥ã¡¼
- ¥¥ã¥×¥Á¥ã¡¼¥í¥°¤Ï S3 ¤Þ¤¿¤Ï¡¢CloudWatch? Logs ¤Ë½ÐÎϤǤ¤ë
- AWS CloudTrais?
- AWS¥¢¥«¥¦¥ó¥È¾ì¤Ç¹Ô¤ï¤ì¤¿¥¢¥¯¥·¥ç¥ó¤òµÏ¿¤¹¤ë
- EC2¥¤¥ó¥¹¥¿¥ó¥¹Íî¤È¤·¤¿¤Î¤Ïï¤À¤è!
- ¾ðÊóϳ±Ì¤Î¸¶°ø¤È¤Ê¤Ã¤¿¥»¥¥å¥ê¥Æ¥£¥°¥ë¡¼¥×¤ÎÊѹ¹¤ò¤·¤¿¤Îï¤À¤è!
- ÉÔÀµ°À¤·¤¿¥æ¡¼¥¶¤¬²¿¤ä¤Ã¤¿¤Î¤«?
- ¥ê¥¯¥¨¥¹¥È¤Î¥Ö¥í¥Ã¥¯¥í¥°¤Ë¤è¤Ã¤Æ¹¶·â¤¬È¯À¸¤·¤¿»ö¤òÃΤë
- AWS X-Ray
- ¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ÎÀøºßŪ¤Ï¥Ð¥°¤òÆÃÄꤷ¤¿¤ê¡¢¥Ñ¥Õ¥©¡¼¥Þ¥ó¥¹¤Î¥Ü¥È¥ë¥Í¥Ã¥¯¤òÆÃÄꤹ¤ë
- ¥¢¥×¥ê¤ÎÆâÉô¤ò¥Þ¥Ã¥×²½¤·¤Æ¥È¥ì¡¼¥¹¤ÇʬÀϤ¹¤ë
- Lambda ¤Ç X-Ray ¥È¥ì¡¼¥¹¤ò͸ú²½¤¹¤ë
- ¥¢¥¯¥Æ¥£¥Ö¥È¥ì¡¼¥¹¤ò͸ú²½¤¹¤ë
ɬÍ×¥í¡¼¥ë
xray:PutTraceSegments? |
xray:PutTelemetryRecords? |
- AWS X-Ray SDK ¤ò¥³¡¼¥É¤Ë´Þ¤á¤ë
- ¥³¡¼¥É¤òÄɲ乤ë
- X-Ray¥µ¡¼¥Ó¥¹¥Þ¥Ã¥×
- X-Ray¥È¥ì¡¼¥¹
- X-Ray SDK
- X-Ray API¥¢¥¯¥·¥ç¥ó
- PutTraceSegments? ¥È¥ì¡¼¥¹¥Ç¡¼¥¿¤ÎÁ÷¿®
- GetServiceGraph? JSON¥µ¡¼¥Ó¥¹¥°¥é¥¹¤Î¾ðÊó¤ò¼èÆÀ
- GetTraceSummaries? ¥È¥ì¡¼¥¹¤Î¥µ¥Þ¥ê¾ðÊó¤ò¼èÆÀ
- BatchGetTrace? ¥È¥ì¡¼¥¹¤òID¤Î¥ê¥¹¥È¤Ç¤Þ¤È¤á¤Æ¼èÆÀ
¥È¥é¥Ö¥ë¥·¥å¡¼¥Æ¥£¥ó¥° †
- 5xx¥µ¡¼¥Ð¦¤Î¥¨¥é¡¼ ¢Í ºÆ»î¹Ô
- 4xx¥¯¥é¥¤¥¢¥ó¥È¦¤Î¥¨¥é¡¼ ¢Í ¥½¡¼¥¹¥³¡¼¥É¤Î½¤Àµ
- ¥¹¥í¥Ã¥È¥ê¥ó¥°¥¨¥é¡¼ ¢Í ¥¯¥ª¡¼¥¿¡¼¤Î°ú¤¾å¤²¿½ÀÁ
- Ʊ»þ¼Â¹Ô¿ô¤ÎÀ©¸Â¤òĶ¤¨¤¿¤È¤
- RateExceeded?¥¨¥é¡¼
- CloudWatch? ¤Î Throttles ¥á¥È¥ê¥¯¥¹
- KMS (AWS Key Management Service) ¤Î¥ê¥¯¥¨¥¹¥È¥¯¥©¡¼¥¿
- AWS¤ÎAPI¤Ï¡¢¥¨¥¯¥¹¥Ý¥Í¥ó¥·¥ã¥ë¥Ð¥Ã¥¯¥ª¥Õ¤Ç¡¢¼«Æ°Åª¤ËºÆ»î¹Ô¤µ¤ì¤ë
- ¡Ö»Ø¿ô¥Ð¥Ã¥¯¥ª¥Õ¡×¡Ö»Ø¿ô´Ø¿ôŪºÆ»î¹Ô¡×
- ¥»¥¥å¥ê¥Æ¥£
- IAM¥Ý¥ê¥·¡¼¤Çµö²Ä¤µ¤ì¤Æ¤¤¤Ê¤¤¤³¤È¤ò¤ä¤Ã¤¿
- IAM¥Ý¥ê¥·¡¼¤ÇµñÈݤµ¤ì¤Æ¤¤¤ë¤³¤È¤ò¤ä¤Ã¤¿
- IAM¥Ý¥ê¥·¡¼¡§IAM¥æ¡¼¥¶¡¢IAM¥í¡¼¥ë¡¢¥ê¥½¡¼¥¹¥Ù¡¼¥¹¤Î¥Ý¥ê¥·¡¼
- CloudTrais?¤Î¥í¥°¤ò³Îǧ¤¹¤ë
- IAM¥Ý¥ê¥·¡¼¥·¥ß¥å¥ì¡¼¥¿¤Ç¡¢¥æ¡¼¥¶¡¦¥°¥ë¡¼¥×¡¦¥í¡¼¥ë¤òÁªÂò¤·¤Æ¡¢ÆÃÄê¤ÎAPI¥¢¥¯¥·¥ç¥ó¤ò¼Â¹Ô¤Ç¤¤ë¤«¤ò¥¨¥ß¥å¥ì¡¼¥·¥ç¥ó¤Ç¤¤ë
Computer#Basic