https://business.ntt-east.co.jp/content/cloudsolution/column-try-46.html
https://qiita.com/hirosys-biz/items/16002428f87c08c0a637
https://docs.aws.amazon.com/ja_jp/fis/latest/userguide/fis-tutorial-stop-instances.html
-- 1. コマンド等のインストール
-- 1.1 aws cli version 2 インストール
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --version
-- 1.2 jqインストール
sudo yum -y install jq
-- 2. IAMポリシー作成
vim policy01.json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowFISExperimentRoleEC2Actions",
"Effect": "Allow",
"Action": [
"ec2:RebootInstances",
"ec2:StopInstances",
"ec2:StartInstances",
"ec2:TerminateInstances"
],
"Resource": "arn:aws:ec2:*:*:instance/*"
},
{
"Sid": "AllowFISExperimentRoleSpotInstanceActions",
"Effect": "Allow",
"Action": [
"ec2:SendSpotInstanceInterruptions"
],
"Resource": "arn:aws:ec2:*:*:instance/*"
}
]
}
aws iam create-policy \
--policy-name policy01 \
--policy-document file://policy01.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"fis.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}
aws iam create-role \
--role-name role01 \
--assume-role-policy-document file://role01.json
-- 4. ポリシーをロールにアタッチ
aws iam attach-role-policy \
--policy-arn arn:aws:iam::999999999999:policy/policy01 \
--role-name role01
-- 5. 検証用EC2インスタンス作成
aws ec2 run-instances \
--image-id ami-0404778e217f54308 \
--instance-type t3.nano \
--key-name key1 \
--tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=instance01}]'
aws ec2 run-instances \
--image-id ami-0404778e217f54308 \
--instance-type t3.nano \
--key-name key1 \
--tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=instance02}]'
{
"description": "fis01",
"stopConditions": [
{
"source": "none"
}
],
"targets": {
"bothInstances": {
"resourceType": "aws:ec2:instance",
"resourceArns": [
"arn:aws:ec2:ap-northeast-1:999999999999:instance/i-11111111111111111",
"arn:aws:ec2:ap-northeast-1:999999999999:instance/i-22222222222222222"
],
"selectionMode": "ALL"
},
"oneRandomInstance": {
"resourceType": "aws:ec2:instance",
"resourceArns": [
"arn:aws:ec2:ap-northeast-1:999999999999:instance/i-22222222222222222",
"arn:aws:ec2:ap-northeast-1:999999999999:instance/i-11111111111111111"
],
"selectionMode": "COUNT(1)"
}
},
"actions": {
"stopBothInstances": {
"actionId": "aws:ec2:stop-instances",
"description": "stopBothInstances",
"parameters": {
"startInstancesAfterDuration": "PT3M"
},
"targets": {
"Instances": "bothInstances"
},
"startAfter": [
"stopOneInstance"
]
},
"stopOneInstance": {
"actionId": "aws:ec2:stop-instances",
"description": "stopOneInstance",
"parameters": {
"startInstancesAfterDuration": "PT3M"
},
"targets": {
"Instances": "oneRandomInstance"
}
}
},
"roleArn": "arn:aws:iam::999999999999:role/role01",
"tags": {
"Name": "fis01"
}
}
aws fis create-experiment-template \
--cli-input-json file://a.json
aws fis list-experiment-templates
aws fis get-experiment-template \
--id EXT33333333333333
-- 7. 実験の実施
aws fis list-experiments
aws fis start-experiment \
--experiment-template-id EXT33333333333333
aws fis get-experiment \
--id EXP444444444444444
-- 8. クリーンアップ
-- 実験テンプレートの削除
aws fis list-experiment-templates
aws fis get-experiment-template \
--id EXT33333333333333
aws fis delete-experiment-template \
--id EXT33333333333333
-- EC2インスタンスの削除
aws ec2 describe-instances
aws ec2 terminate-instances --instance-ids i-22222222222222222
aws ec2 terminate-instances --instance-ids i-11111111111111111
-- IAMロールの削除
aws iam list-roles | grep role01
aws iam detach-role-policy \
--role-name role01 \
--policy-arn arn:aws:iam::999999999999:policy/policy01
aws iam delete-role --role-name role01
-- IAMポリシーの削除
aws iam list-policies | grep policy01
aws iam delete-policy \
--policy-arn arn:aws:iam::999999999999:policy/policy01