Memo/AmazonWebServices

https://dexlab.net:443/pukiwiki/index.php?Memo/AmazonWebServices
 

AWS(Amazon Web Services)


Copilot: ¥³¥ó¥Æ¥Ê¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤Î¼«Æ°¥Ç¥×¥í¥¤


Location: ¥Þ¥Ã¥×¡¢°ÌÃÖ¡¢¥ë¡¼¥È


CloudShell


Fluent Bit for Amazon EKS


AMP(Amazon Managed Service for Prometheus)


AMG(Amazon Managed Service for Grafana)


Step Functions: Ê£¿ô¤Îjob¤ò¥ï¡¼¥¯¥Õ¥í¡¼¤Ç»ë³ÐŪ¤Ë´ÉÍý


Gateway Load Balancer: ¥µ¡¼¥É¥Ñ¡¼¥Æ¥£¡¼¤Î¥»¥­¥å¥ê¥Æ¥£À½Éʤò·Ðͳ¤·¤Æ¥¢¥¯¥»¥¹¤µ¤»¤ë


Perspective: ¸½¥ê¥½¡¼¥¹¤«¤é¥¢¡¼¥­¥Æ¥¯¥Á¥ã¿Þ¤ÎºîÀ®


Network Firewall: ¥Þ¥Í¡¼¥¸¥É¥Õ¥¡¥¤¥¢¥¦¥©¡¼¥ë


Timestream: »þ·ÏÎó¥Ç¡¼¥¿ÍÑDB


Translate: µ¡³£ËÝÌõ¥µ¡¼¥Ó¥¹


QuickSight: ¥Þ¥Í¡¼¥¸¥É¥Ó¥¸¥Í¥¹Ê¬ÀÏ(BI)¥µ¡¼¥Ó¥¹

  • ÅÐÏ¿ºÑ¤ß¥æ¡¼¥¶¤ò³Îǧ¡£FreeÂоݤ¬1¥æ¡¼¥¶¤À¤¬¡¢¤½¤ì°Ê³°¤Ï²Ý¶â¤µ¤ì¤ë¡£
    AWS_PROFILE=example
    AWS_ACCOUNT_ID=012345678912
    
    aws quicksight list-users --profile $AWS_PROFILE --aws-account-id $AWS_ACCOUNT_ID --namespace default --region us-east-1
  • Á´¥æ¡¼¥¶¤òºï½ü
    QS_USERS=$(aws quicksight list-users --profile $AWS_PROFILE --aws-account-id $AWS_ACCOUNT_ID --namespace default --region us-east-1 --query 'UserList[].UserName' --output text)
    
    for user in $QS_USERS; do \
    echo "# $user"; \
    aws quicksight delete-user --profile $AWS_PROFILE --aws-account-id $AWS_ACCOUNT_ID --namespace default --region us-east-1 --user-name $user; \
    done

´Æºº/Audit

AWS¤Î»ö¤ÏAWS¤Îµ¡Ç½¤Ç¤ä¤ë¤È¤·¤Æ¡¢¡Ö´Æºº¤·¤Æ¤¤¤Þ¤¹¤è¡×¤È¸À¤¨¤ë¾õÂ֤ˤ¹¤ë¤Ë¤Ï¤É¤¦¤¹¤ë¤Î¤«

  • Security Hub
    • ¤³¤ì¤ÎÄÌÃΤǻö­¤ê¤ë¤«¡©
  • CloudTrail
    • AWS API¤ËÂФ·¤Æ¤Î´Æºº
  • EC2¤Îssh¥í¥°
    • ÊѤʥ¢¥¯¥»¥¹¤¬À®¸ù¤·¤Æ¤¤¤Ê¤¤¤«¡©(/var/log/secure)
  • DNS¥µ¡¼¥Ð
    • ÊѤÊDNS¤Ë¥¢¥¯¥»¥¹¤¬Íè¤Æ¤¤¤Ê¤¤¤«
  • WindowsServer¤Î¥¤¥Ù¥ó¥È¥í¥°
  • ¥ì¥Ý¡¼¥È¤Î¼«Æ°ºîÀ®
    • Lambda?

SageMaker: µ¡³£³Ø½¬¥â¥Ç¥ë¤Î¥Þ¥Í¡¼¥¸¥É¥µ¡¼¥Ó¥¹


CodeGuru: µ¡³£³Ø½¬¤ÇÃÙ¤¤(¼Â¹Ô¥³¥¹¥È¤Î¹â¤¤)¥³¡¼¥É¤ò¸«¤Ä¤±¤ë

  • Âбþgit¥ê¥Ý¥¸¥È¥ê: 2020-07
    • AWS CodeCommit
    • Bitbucket
    • GitHub
  • Âбþ¸À¸ì
    • Java
  • CodeGuru Reviewer
    • ¥³¡¼¥É¥ì¥Ó¥å¡¼¤Î¼«Æ°²½¡£¥½¡¼¥¹¥³¡¼¥É¤ò¥¹¥­¥ã¥ó¤·¤ÆPR¤òºî¤Ã¤Æ¤¯¤ì¤ë
    • ÎÁ¶â: 100¹Ô/0.75 USD ¤ÈÈó¾ï¤Ë¹â¤¤¡£90Æü´Ö¤Î̵½þ¥È¥é¥¤¥¢¥ë¤¬¤¢¤ë¡£
  • CodeGuru Profiler
    • ¥Ñ¥Õ¥©¡¼¥Þ¥ó¥¹Ê¬ÀÏ
    • ÎÁ¶â: ¥ê¥½¡¼¥¹¤Î¥µ¥ó¥×¥ê¥ó¥°»þ´ÖËè¤Î²Ý¶â

CloudSearch: ¥Þ¥Í¡¼¥¸¥É·¿¸¡º÷¥µ¡¼¥Ó¥¹


Shield: ¥Þ¥Í¡¼¥¸¥ÉDDoSÊݸî


EventBridge: ¥µ¡¼¥Ð¥ì¥¹¤Î¥¤¥Ù¥ó¥È¥Ð¥¹


Kendra: µ¡³£³Ø½¬¥Ù¡¼¥¹¤Î¸¡º÷¥µ¡¼¥Ó¥¹


AWS¥µ¡¼¥Ó¥¹¤ÎIP range


License Manager: ¥é¥¤¥»¥ó¥¹¤ÎÄÉÀס¢´ÉÍý¡¢À©¸æ


Service Catalog: IT´ÉÍý¼Ô¤Îµö²Ä¤·¤¿¥ê¥½¡¼¥¹¤ò¥æ¡¼¥¶¤ËÄó¶¡


Cloud9: ¥¯¥é¥¦¥É¥Ù¡¼¥¹¤ÎIDE


Macie: µ¡³£³Ø½¬¤Ë¤è¤ëS3¾å¥¢¥¯¥»¥¹¤ÎÊݸî


Google¥¹¥×¥ì¥Ã¥É¥·¡¼¥È¤Ç¤Î´ÉÍý


Stash: AWS´ØÏ¢¾ðÊó¤òÊ£¿ô¤Î¥½¡¼¥¹¤«¤é¸¡º÷


KMS(Key Management Service): ¸°¤Î´ÉÍý


CloudGoat: ¥»¥­¥å¥ê¥Æ¥£³Ø½¬ÍÑAWS´Ä¶­


Elemental MediaConvert: ư²èÊÑ´¹¥µ¡¼¥Ó¥¹


Forcast: µ¡³£³Ø½¬¤ò»ÈÍѤ·¤¿»þ·ÏÎóͽ¬¥µ¡¼¥Ó¥¹


DataSync: ¥ª¥ó¥×¥ì¥ß¥¹¤ÈS3/EFS´Ö¤ÎƱ´ü


¥ê¥½¡¼¥¹¤Î̿̾¡¢¥¿¥°ÉÕ¤±

  • AWS¥ê¥½¡¼¥¹ID
    • DNS¤Ç¥ê¥½¡¼¥¹¤ò¶èÊ̤¹¤ë»ö¤¬Â¿¡¹¤¢¤ë¤¿¤á¡¢ Ⱦ³Ñ±Ñ¿ô»ú¡¢¥Ï¥¤¥Õ¥ó¤Î¤ß ¤ò»È¤¦»ö¿ä¾©¡£

Global Accelerator: Ê£¿ô¥ê¡¼¥¸¥ç¥ó¤«¤é¤Î¥¢¥¯¥»¥¹¤ò¸ÇÄêIP¤ò»È¤Ã¤Æ¹Ô¤¦


Â絬ÌϾ㳲»þ¤ÎÂбþ

´ðËܤÏMultiAZ(3AZ¿ä¾©)¤À¤¬¡¢ÂѾ㳲À­¤ÈÈñÍѤΥХé¥ó¥¹¤ò¹Í¤¨¤ëɬÍפ¬¤¢¤ë¡£


AppSync: GraphQL¡õ¥µ¡¼¥Ð¥ì¥¹¤Ç¥Ð¥Ã¥¯¥¨¥ó¥É¤ò¼ÂÁõ


Resource Optimization Recommendations


Batch: ¥Þ¥Í¡¼¥¸¥Ébatch


AWS¥¢¥«¥¦¥ó¥È¤Î¾ùÅÏ


Inspector: EC2¤Ëagent¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤ÆÀȼåÀ­¿ÇÃÇ


EFS(Elastic File System): NFS¤Ç¥¹¥È¥ì¡¼¥¸¤ò¥Þ¥¦¥ó¥È


DMS(Database Migration Service):


Control Tower: Ê£¿ô¥¢¥«¥¦¥ó¥È¤Î´ÉÍý


Service Quotas: ¥µ¡¼¥Ó¥¹¾å¸Â¤Î°ì³ç´ÉÍý


Security Hub: ¥»¥­¥å¥ê¥Æ¥£¥¢¥é¡¼¥È¤Î°ì¸µ´ÉÍý


SecretManager: ¥Ñ¥¹¥ï¡¼¥ÉÅù¤Îµ¡Ì©¾ðÊó¤Î´ÉÍý


Workspaces: ²¾Áۥǥ¹¥¯¥È¥Ã¥×¥µ¡¼¥Ó¥¹


FSx for Windows: SMB¥Õ¥¡¥¤¥ë¥µ¡¼¥Ð¡¼


¥³¥ó¥×¥é¥¤¥¢¥ó¥¹¤ÎÌ䤤¹ç¤ï¤»

ÉáÄ̤ε»½Ñ¥µ¥Ý¡¼¥È¤Ç¤Ï¤Ê¤¯¡¢ÀìÍѤÎweb¥Õ¥©¡¼¥à¤«¤éÌ䤤¹ç¤ï¤»¤ë¡£

  • »È¤¤¤¿¤¤¥µ¡¼¥Ó¥¹¤¬¡¢HIPAA, ISO27001, PCI, etc...¤ËÂбþ¤·¤Æ¤¤¤ë¤«

AWS¥°¥í¡¼¥Ð¥ë¥¤¥ó¥Õ¥é¥¹¥È¥é¥¯¥Á¥ã¤Î²Ä»ë²½


Cognito: ¥¢¥×¥êËè¤Î¥æ¡¼¥¶´ÉÍý


MSK(Amazon Managed Streaming for Kafka)


Kinesis: ư²è¤È¥¹¥È¥ê¡¼¥ß¥ó¥°¥Ç¡¼¥¿¤Î¼ý½¸¡¢½èÍý¡¢Ê¬ÀÏ


Lex: AI³èÍѤ·¤¿²ñÏ÷¿¥¤¥ó¥¿¥Õ¥§¡¼¥¹


API Gateway

  • Edge¥Ñ¥¿¡¼¥ó
    • us-east-1¤ÎACM¤ËSSL¾ÚÌÀ½ñ¤ò¥¤¥ó¥Ý¡¼¥È
    • ÀìÍѤÎCloudFront Endpoint¤¬Äɲ䵤ì¤ë¤Î¤Ç¡¢DNSÀßÄê
  • Regional¥Ñ¥¿¡¼¥ó
    • ³Æ¥ê¡¼¥¸¥ç¥ó¤ËÀßÄꤹ¤ë¡£CloudFront¤Ï»È¤ï¤Ê¤¤¡£ACM¤â»È¤ï¤º¡¢API gateway¤ËľÀÜSSL¾ÚÌÀ½ñ¤ò¥¤¥ó¥Ý¡¼¥È¡£
    • ÀìÍѤÎLambda Endpoint¤¬Äɲ䵤ì¤ë¤Î¤Ç¡¢DNSÀßÄê
    • Ãæ¹ñ¤ÏRegional¤Î¤ßÂбþ(2019-04)

¥»¥­¥å¥ê¥Æ¥£

  • ÄÌÃÎ(Slack¤äEmail)Åù¤òÍ­¸ú¤Ë¤¹¤ë¡£³Æµ¡Ç½¤òÍ­¸ú¤Ë¤·¤¿¤À¤±¤Ç¤Ï¡¢°Û¾ï¤¬µ¯¤­¤Æ¤âµ¤¤¬¤Ä¤«¤Ê¤¤¤¿¤áɬ¿Ü¡£
    • CloudWatch Events + SNS ¤ÇEmailÄÌÃÎ
      • ´Êñ¡£SlackÀìÍѤÎEmail¥¢¥É¥ì¥¹¤ËžÁ÷¤¹¤ë¤À¤±¤Ê¤Î¤Ç³Ú¡£¸«¤¿Ìܤϥ·¥ó¥×¥ë¡£
    • Lambda¡£SlackÀìÍѤ˸«¤ä¤¹¤¯¥«¥¹¥¿¥Þ¥¤¥º¤¬½ÐÍè¤ë¤¬¡¢¼ê´Ö¤¬¤«¤«¤ë¡£
  • CloudTrail
    • API¤Î¥í¥°¤¬»Ä¤ë¡£Ã¯¤¬¤É¤ó¤ÊÁàºî¤ò¤·¤¿¤«¤¬¤¬Ê¬¤«¤ë¡£APIñ°Ì¤Ê¤Î¤Ç·ï¿ô¤¬Â¿¤¤
  • GuardDuty
    • ÉÔ¿³¤Ê¥¢¥¯¥»¥¹¤ò¸¡½Ð¡£
  • Config
    • ͽ¤á»ØÄꤷ¤¿¥ë¡¼¥ë¤Ë°ìÃפ·¤Æ¤¤¤ë¤«¸¡½Ð¡£

Transfer for SFTP: S3¤ò¥Ð¥Ã¥¯¥¨¥ó¥É¤Ë¤·¤¿SFTP/SCP¥Þ¥Í¡¼¥¸¥É¥µ¡¼¥Ó¥¹

  • AWS Transfer for SFTP
    • S3¤ò¥Ð¥Ã¥¯¥¨¥ó¥É¤Ë¤Ç¤­¤ë¤Î¤Ç¡¢·øÏ´À­¡¢ÍÆÎ̤ÎÌ̤ǰ¿´
    • ¥æ¡¼¥¶Ç§¾Ú: SSH public key, Active Directory, LDAP
    • WinSCP¡¢FileZilla¡¢CyberDuck¡¢OpenSSH(scp)Åù¤Î¥á¥¸¥ã¡¼¤Ê¥¯¥é¥¤¥¢¥ó¥È¤«¤é»È¤¨¤ë

¥µ¡¼¥Ð¥ì¥¹

¥µ¡¼¥Ð¥ì¥¹¹½À®¤Ç¤è¤¯»È¤¦¥µ¡¼¥Ó¥¹

  • API gateway
  • Lambda
  • CloudWatch
  • CloudFront

Lightsail: VPS¥µ¡¼¥Ó¥¹

  • Lightsail
    • WordPress, LAMP, Node.js, Redmine, GitLab, ... ¤È¤¤¤Ã¤¿¥¤¥ó¥¹¥È¡¼¥ëºÑ¤ß¤Î¥Û¥¹¥È¤ò¿ô¥¯¥ê¥Ã¥¯¤Çµ¯Æ°¤Ç¤­¤ë¡£
    • ·î³Û $4¡Á

Elasticsearch: Á´Ê¸¸¡º÷¥¨¥ó¥¸¥ó

  • RI
    • t2¤ÎRI¤Ï̵¤¤¡£
    • t3.medium.elasticsearch¡£¤½¤ì°Ê²¼¤Ï̵¤¤

¥µ¡¼¥Ó¥¹¤ÎÁªÂò


³«È¯¥×¥í¥»¥¹


AWSǧÄê»ñ³Ê


Support: ¥µ¥Ý¡¼¥È

  • µ»½Ñ¥µ¥Ý¡¼¥È¤ÏÍ­½þ¤Îdev¥×¥é¥ó¤«¤é¡£
  • ¹ØÆþºÑ¤ßRI ¤¬¤¢¤ë¤È¡¢½é·î¤Î¥µ¥Ý¡¼¥ÈÎÁ¶â¤¬Ä·¤Í¾å¤¬¤ë¡£SIMPLE MONTHLY CALCULATOR ¤ÏRI¹ØÆþºÑ¤ß¤Î¾ì¹ç¤Î¥µ¥Ý¡¼¥ÈÎÁ¶â¤â¸«ÀѤ˽Фë¤Î¤Ç»È¤Ã¤¿Êý¤¬Îɤ¤¡£

Glue DataBrew: ¥³¡¼¥É¤ò½ñ¤«¤º¤Ë¥Ç¡¼¥¿Á°½èÍý


Glue: ¥Þ¥Í¡¼¥¸¥ÉETL¥µ¡¼¥Ó¥¹

  • https://aws.amazon.com/jp/glue/
    • Apache Spark ¥µ¡¼¥Ð¡¼¥ì¥¹´Ä¶­¤Ç±¿ÍѤµ¤ì¤ë¥Þ¥Í¡¼¥¸¥É·¿ ETL(Extract/Transform/Load) ¥µ¡¼¥Ó¥¹

Ãæ¹ñ¥ê¡¼¥¸¥ç¥ó

  • Memo/Aliyun ¤ÎÃí°ÕÅÀ»²¾È
  • AWS GlobalÈǤȤϥ¢¥«¥¦¥ó¥È¤¬Ê̤ˤʤ롣
  • AWS China¤ÏÃæ¹ñË¡¿Í¤¬É¬Íס£
  • ICP¥é¥¤¥»¥ó¥¹¤¬Ìµ¤¤¤Èweb¸ø³«(80,443,8080)¤¬¤Ç¤­¤Ê¤¤¡£
    • ICP¥é¥¤¥»¥ó¥¹¤Î¿½ÀÁ¤Ï¡¢¥ê¡¼¥¸¥ç¥óËè¤ËÊ̲ñ¼Ò¡£1¥ö·î¤¯¤é¤¤¤«¤«¤ë¡©
    • API Gateway¤Ç¤âƱÍͤˡ¢Ç§¾Ú̵¤·¤Ç¤Î¥¢¥¯¥»¥¹¤¬¤Ç¤­¤Ê¤¤¡£tokenǧ¾ÚÍ­¤ê¤ÏÄÌ¿®OK¡£ICP¥é¥¤¥»¥ó¥¹¤¬Ìµ¤¤¤È¡Öcurl -i https://<api-gateway endpoint>¡×¤¬¡Öx-amzn-ErrorType: AccessDeniedException¡×¤Ë¤Ê¤ë¡£
  • »þ´ÖÂӤˤè¤Ã¤ÆÈó¾ï¤ËÃÙ¤¯¤Ê¤ë¡£ÄÌ¿®¤¬°­¤¤¡£ ÆîËÌÌäÂê¡©
  • ¥ê¡¼¥¸¥ç¥ó¤Ë¤è¤Ã¤Æ¡¢Ìµ¤¤¥µ¡¼¥Ó¥¹¤â¿¤¤¡£2019-01-30 Ningxia¥ê¡¼¥¸¥ç¥ó¤Î¤ßAurora¤¬¤¢¤ë¡£
  • API Endpoint¤¬°Û¤Ê¤ë¡£¡Öec2.cn-northwest-1.amazonaws.com.cns.com.cn¡×
  • ARN¤¬°Û¤Ê¤ë¡£¡Öarn:aws-cn:iam::123456789012:user/division_abc/subdivision_xyz/Bob¡×Åù

ECS: EC2¾å¤ÇDocker¥³¥ó¥Æ¥Ê¤ò´ÉÍý


Chrome/Firefox³ÈÄ¥µ¡Ç½


¥Û¥ï¥¤¥È¥Ú¡¼¥Ñ¡¼: ²ò·è¤¹¤Ù¤­²ÝÂê¡¢Í×°ø¤òʬÀÏ¡¢²ò·èºö¤òÄó¼¨


¥Ù¥¹¥È¥×¥é¥¯¥Æ¥£¥¹


¥â¥Ð¥¤¥ë(Android/iOS)¥¢¥×¥ê


¥Þ¡¼¥±¥Æ¥£¥ó¥°EMAIL¤òÄä»ß¤¹¤ë

Ê£¿ôAWS¥¢¥«¥¦¥ó¥È»ÈÍÑ»þ¤ËƱ¤¸¥á¡¼¥ë¤¬Íè¤Æ¼ÙËâ¡£

  1. AWS Email Preferences ¤ò³«¤¯
  2. AWS root account¤òÆþÎÏ
  3. ¡ÖDo not send me marketing email¡×¤Ë¥Á¥§¥Ã¥¯
  4. Save

DDoSÂкö


Aurora: MySQL/PostgreSQL¸ß´¹¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹

  • Aurora¤Î¥á¥ê¥Ã¥È
    • Read replica¤òÊ£¿ôÂæÍøÍѤ¹¤ë¥±¡¼¥¹¤ÏÁ᤯¤Ê¤ë¡£
    • master¤·¤«»È¤ï¤Ê¤¤(½ñ¤­¹þ¤ß¤¬Â¿¤¤)¾ì¹ç¤Ï¸ú²Ì¤Ï¤Ê¤¤
  • ¥Ç¥á¥ê¥Ã¥È
    • RDSñÂΤè¤ê¤Ï¹â¤¤

Redshift: ¥Þ¥Í¡¼¥¸¥É¥Ç¡¼¥¿¥¦¥§¥¢¥Ï¥¦¥¹¥µ¡¼¥Ó¥¹


¿¯Æþ/ÀȼåÀ­¥Æ¥¹¥È¿½ÀÁ

  • 2019-03-01¸½ºß¡¢EC2/NAT gateway/ELB/RDS/CloudFront/Lambda@Edge/Aurora/API gateway/Lambda/Lightsail/Elastic Beanstalk¤Ø¤Î¥Æ¥¹¥È¤Ï»öÁ°¾µÇ§Ìµ¤·¤Ë¤Ê¤Ã¤¿¡£¤¿¤À¤·¡¢JP¥µ¥¤¥È¤Ï¤Þ¤À¹¹¿·¤µ¤ì¤Æ¤¤¤Ê¤¤¡£EN¥µ¥¤¥È¤Ç¤Ï8¤Ä¤Î¥µ¡¼¥Ó¥¹¤ÏÉÔÍפȵ­½Ò¤¬¤¢¤ë¡£
  • ¿¯Æþ¥Æ¥¹¥È - AWS
    • 1¥Õ¥©¡¼¥à¤Ç2¼ïÎà¤Î¿½ÀÁ¤¬¤Ç¤­¤ë¡£¥Æ¥¹¥È¸µ¤ÇÆþÎϤ¬°Û¤Ê¤ë
    • source: EC2¤«¤éEC2¤Ø¤Î¿¯Æþ¥Æ¥¹¥È
    • target: ³°ÉôIP¤«¤éEC2¤Ø¤Î¿¯Æþ¥Æ¥¹¥È
    • ¾µÇ§ÈÖ¹æ¤ò´Þ¤à¥á¡¼¥ë¤¬ÆÏ¤¯¤Þ¤Ç¤Ï¥Æ¥¹¥È¤Ïµö²Ä¤µ¤ì¤Ê¤¤¡£Ä̾ï2±Ä¶ÈÆü°ÊÆâ
  • AWS°Ê³°¤Î¥Û¥¹¥È¤«¤é¡¢EC2¤Ø¤Î¥¹¥­¥ã¥ó¤ò¿½ÀÁ¤¹¤ë¾ì¹ç: Scan Infomation
    • IP Addresses to be scanned (Destination): ¥¹¥­¥ã¥óÀèEC2¤Î¥×¥é¥¤¥Ù¡¼¥ÈIP
      aws --profile default --region ap-northeast-1 ec2 describe-instances \
       --filters "Name=instance-state-name,Values=running" \
       --query 'Reservations[].Instances[].NetworkInterfaces[].PrivateIpAddresses[].PrivateIpAddress' \
       --output text | tr '\t' '\n'
      
      172.31.0.1
      172.31.0.2
      ...
    • Are the instances the source of the scan or the target of the scan ?: Target
    • Instances IDs*: ¥¹¥­¥ã¥óÀèEC2¤Î¥¤¥ó¥¹¥¿¥ó¥¹ID
      aws --profile default --region ap-northeast-1 ec2 describe-instances \
       --filters "Name=instance-state-name,Values=running" \
       --query 'Reservations[].Instances[].InstanceId' \
       --output text | tr '\t' '\n'
      
      i-00000001
      i-00000002
      ...
    • Scanning IP addresses (Source)*: ¥¹¥­¥ã¥ó¸µIP
      1.2.3.4

Windows Server/SQL Server


2Ãʳ¬Ç§¾Ú

IAM¤Ç¤Î¥í¥°¥¤¥ó»þ¤Ë2Ãʳ¬Ç§¾Ú¤òÍøÍѤǤ­¤ë¡£¥»¥­¥å¥ê¥Æ¥£¤Î¤¿¤áÍøÍѤ·¤¿¤Û¤¦¤¬Îɤ¤

  • ¥Ï¡¼¥É¥¦¥§¥¢¥­¡¼¤ò»È¤¦¾ì¹ç

IP¥¢¥É¥ì¥¹ÈϰÏ


ÉÔÀµÍøÍÑ

  • IAM keys¤¬github¤Ëϳ¤ì¤¿¤ê¡¢SSL Heartbleed bugÅù¤ÎÃ×̿Ū¤ÊÌäÂê¤Î»þ¡¢AWS¤«¤é¥á¡¼¥ë¤¬Íè¤ë(aws-verification@amazon.com)¡£¤³¤Î¥á¡¼¥ë¤Ë¤Ïɬ¤ºÊÖ¿®¤¬É¬Íפǡ¢ÊÖ¿®¤·¤Ê¤¤¤Ç¤¤¤ë¤ÈEC2¤ò¿·µ¬¤ËΩ¤Æ¤é¤ì¤Ê¤¯¤Ê¤ë¤È¤¤¤Ã¤¿À©¸Â¤¬ÉÕ¤¯(³ºÅö¥ê¡¼¥¸¥ç¥ó¤Î¤ß)
  • ¤¹¤°¤ËAWS¥µ¥Ý¡¼¥È¤ØÏ¢Íí¡£Ï¢Íí¤·¤Æ¡¢Å¬ÀڤʽèÍý¤ò¤¹¤ë»ö¤Ç¡¢ÉÔÀµÍøÍѤµ¤ì¤¿¶â³Û¤¬Ìá¤Ã¤Æ¤¯¤ë(¤³¤È¤â¤¢¤ë)
  • IAM keys¤¬Ï³¤ì¤¿¾ì¹ç¡¢³ºÅö¥­¡¼¤òinactive¤Ë¤¹¤ë¤À¤±¤Ï¤À¤á¤Ç¡¢delete¤¹¤ëɬÍפ¬¤¢¤ë

SSL Heartbleed bugÂбþ


API¾å¸Â


¥Í¥Ã¥È¥ï¡¼¥¯¿Þ


AWS¦¤Î¥á¥ó¥Æ¥Ê¥ó¥¹

EC2/RDSÅù¡¢¥Ï¡¼¥É¥¦¥§¥¢¸ò´¹Åù¤ÇOS¤Î¥ê¥Ö¡¼¥È¤ä¥¤¥ó¥¹¥¿¥ó¥¹¤Îstop/start¤ò¤¹¤ë¤è¤¦¤Ë¤È¥á¡¼¥ë¤¬Íè¤ë¾ì¹ç¤¬¤¢¤ë¡£

  • Amazon EC2 ¤Î¥á¥ó¥Æ¥Ê¥ó¥¹¤Î¥Ø¥ë¥×¥Ú¡¼¥¸
  • system-reboot
    • EC2 EBS¥Ù¡¼¥¹¤Ê¤é¡¢EC2¤Îstop/start
    • EC2 S3¥Ù¡¼¥¹¤Ê¤é terminate/start¡£¥¨¥Õ¥§¥á¥é¥ë¥Ç¥£¥¹¥¯¤ÎÆâÍÆ¤Ï¾Ã¤¨¤ë¤¿¤á¡¢É¬Íפʤé¤Ð¥Ð¥Ã¥¯¥¢¥Ã¥×¤¬É¬Í×
  • instance-reboot
    • OS¤ÎºÆµ¯Æ°¤ò¤¹¤ì¤ÐÎɤ¤¡£reboot or shutdown -r now
    • ¥¨¥Õ¥§¥á¥é¥ë¥Ç¥£¥¹¥¯¤ÎÆâÍÆ¤Ï¤½¤Î¤Þ¤Þ
  • µ¡´ï¤¬¸Å¤¤¤Î¤«us-west-1¤Ç¤Ï¿¤¤(µ¤¤¬¤¹¤ë)

Elastic Transcoder

  • AWS¤Çư²è¤ÎÊÑ´¹¥µ¡¼¥Ó¥¹
  • ÊÆ¹ñÅìÉô¥ê¡¼¥¸¥ç¥ó¤Çɸ½à²òÁüÅÙ(SD, 720p̤Ëþ)¤Î¸µÆ°²è1ʬ¤¢¤¿¤ê0.03¥É¥ë
  • ÆþÎÏ·Á¼°¡§MP4, 3GP, AAC, AVI, FLV
  • ½ÐÎÏ·Á¼°¡§MP4, H.264, AAC

¥µ¡¼¥Ó¥¹¾å¸Â´ËϤο½ÀÁ

  • ¸½ºß¤Î¾å¸Â¤ÏAWS Management Console¤Î Services > EC2 > Limits¤«¤é³Îǧ¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤Ã¤¿¡£¾å¸Â´ËÏ¿½ÀÁ¤â¤³¤³¤«¤é¤Ç¤­¤ë¡£

¥í¥°


¥Ø¥ë¥¹¥Á¥§¥Ã¥¯/SLA

  • AWS Service Health Dashboard
    • Á´¥ê¡¼¥¸¥ç¥ó¤Î³Æ¥µ¡¼¥Ó¥¹Ëè¤Î¾õÂÖ¤ò³Îǧ¤Ç¤­¤ë¡£
    • Â礭¤¤¾ã³²¤·¤«É½¼¨¤µ¤ì¤Ê¤¤¡£
    • ¾®¤µ¤Ê¾ã³²¤Î¾ì¹ç¡¢¥µ¥Ý¡¼¥È¤ËÌ䤤¹ç¤ï¤»¤ë¤È¼Â¤Ï¾ã³²¤¬¤¢¤ê¤Þ¤·¤¿¤È¸À¤ï¤ì¤ë¾ì¹ç¤¢¤ê¡£

¹½ÃÛ¼«Æ°²½


¥»¥ß¥Ê¡¼/°éÀ®/ÊÙ¶¯²ñ


źÉÕ¥Õ¥¡¥¤¥ë: fileec2cli_vs_awscli.sh 498·ï [¾ÜºÙ] filerds-list-tags-for-resource-sample.php 977·ï [¾ÜºÙ] fileec2-describe-instances-sample.php 873·ï [¾ÜºÙ]

¥È¥Ã¥×   ÊÔ½¸ Åà·ë º¹Ê¬ ¥Ð¥Ã¥¯¥¢¥Ã¥× źÉÕ Ê£À½ ̾Á°Êѹ¹ ¥ê¥í¡¼¥É   ¿·µ¬ °ìÍ÷ ñ¸ì¸¡º÷ ºÇ½ª¹¹¿·   ¥Ø¥ë¥×   ºÇ½ª¹¹¿·¤ÎRSS
Last-modified: 2021-01-05 (²Ð) 16:20:30 (16d)