Last active
November 27, 2018 19:37
-
-
Save koheyamada/3f0cfc67d2568415a12fd35d6e6221f1 to your computer and use it in GitHub Desktop.
CloudMapperを使ってAWS環境を可視化する。 ref: https://qiita.com/kooohei/items/58b6d8654a89c911a2e9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ git clone git@github.com:duo-labs/cloudmapper.git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat config.json | |
| { "accounts": | |
| [ | |
| {"id": "xxxxxxxxxxxx", "name": "hogehoge", "default": true} | |
| ], | |
| "cidrs": | |
| { | |
| "1.2.3.4/32": {"name": "Tokyo Office"}, | |
| "4.3.2.1/32": {"name": "Osaka Office"} | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [cloudmapper] | |
| aws_access_key_id = AKIxxxxxxxxxxxxxxxxx | |
| aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | |
| output = json | |
| region = ap-northeast-1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat config.json | |
| { "accounts": | |
| [ | |
| {"id": "xxxxxxxxxxxx", "name": "hogehoge", "default": true} | |
| ], | |
| "cidrs": | |
| { | |
| "1.2.3.4/32": {"name": "Tokyo Office"}, | |
| "4.3.2.1/32": {"name": "Osaka Office"} | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ python cloudmapper.py serve | |
| CloudMapper serving on 127.0.0.1:8000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ aws iam create-access-key --user-name cloudmapper | |
| { | |
| "AccessKey": { | |
| "UserName": "cloudmapper", | |
| "AccessKeyId": "AKIxxxxxxxxxxxxxxxxx", | |
| "Status": "Active", | |
| "SecretAccessKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", | |
| "CreateDate": "2018-04-25T15:32:24.676Z" | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cp config.json.demo config.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ python cloudmapper.py prepare --config config.json.demo --account demo | |
| Building data for account demo (123456789012) | |
| - 0 nodes built in region ap-south-1 | |
| - 0 nodes built in region eu-west-2 | |
| - 0 nodes built in region eu-west-1 | |
| - 0 nodes built in region ap-northeast-2 | |
| - 0 nodes built in region ap-northeast-1 | |
| - 0 nodes built in region sa-east-1 | |
| - 0 nodes built in region ca-central-1 | |
| - 0 nodes built in region ap-southeast-1 | |
| - 0 nodes built in region ap-southeast-2 | |
| - 0 nodes built in region eu-central-1 | |
| - 8 nodes built in region us-east-1 | |
| - 0 nodes built in region us-east-2 | |
| - 0 nodes built in region us-west-1 | |
| - 0 nodes built in region us-west-2 | |
| - 3 external CIDRs built | |
| - 17 connections built | |
| Complete | |
| $ python cloudmapper.py webserver | |
| CloudMapper serving on 127.0.0.1:8000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./collect_data.sh --account hogehoge --profile cloudmapper | |
| * Startup checks | |
| * Getting region names | |
| * Getting VPC info | |
| * Getting AZ info | |
| * Getting subnet info | |
| * Getting EC2 info | |
| * Getting RDS info | |
| * Getting ELB info | |
| * Getting ALB info | |
| * Getting security group info | |
| * Getting network interface info | |
| * Getting VPC peering info |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ python cloudmapper.py prepare --account hogehoge | |
| Building data for account hogehoge (xxxxxxxxxxxx) | |
| - 0 nodes built in region ap-south-1 | |
| - 0 nodes built in region eu-west-3 | |
| - 0 nodes built in region eu-west-2 | |
| - 0 nodes built in region eu-west-1 | |
| - 0 nodes built in region ap-northeast-2 | |
| - 10 nodes built in region ap-northeast-1 | |
| - 0 nodes built in region sa-east-1 | |
| - 0 nodes built in region ca-central-1 | |
| - 0 nodes built in region ap-southeast-1 | |
| - 0 nodes built in region ap-southeast-2 | |
| - 0 nodes built in region eu-central-1 | |
| - 0 nodes built in region us-east-1 | |
| - 0 nodes built in region us-east-2 | |
| - 0 nodes built in region us-west-1 | |
| - 0 nodes built in region us-west-2 | |
| - 14 external CIDRs built | |
| - 28 connections built | |
| Complete |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ aws iam put-user-policy --user-name cloudmapper --policy-name cloudmapper_readonly_policy --policy-document '{ | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Resource": "*", | |
| "Action": [ | |
| "ec2:DescribeRegions", | |
| "ec2:DescribeAvailabilityZones", | |
| "ec2:DescribeVpcs", | |
| "ec2:DescribeSubnets", | |
| "ec2:DescribeSecurityGroups", | |
| "ec2:DescribeVpcPeeringConnections", | |
| "ec2:DescribeInstances", | |
| "ec2:DescribeNetworkInterfaces", | |
| "rds:DescribeDBInstances", | |
| "elasticloadbalancing:DescribeLoadBalancers" | |
| ] | |
| } | |
| ] | |
| }' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ aws iam create-user --user-name cloudmapper | |
| { | |
| "User": { | |
| "Path": "/", | |
| "UserName": "cloudmapper", | |
| "UserId": "xxxxxxxxxxxxxxxxxxxx", | |
| "Arn": "arn:aws:iam::xxxxxxxxxxxx:user/cloudmapper", | |
| "CreateDate": "2018-04-25T15:26:05.024Z" | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ brew install autoconf automake libtool jq | |
| $ cd cloudmapper/ | |
| $ virtualenv venv | |
| $ source venv/bin/activate | |
| $ pip install -r requirements.txt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment