IaSQL
According to the blog, the tool appears to have been opened up in September 2021.
https://blog.iasql.com/intro-iasql/
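Creating the IaSQL resources
There is also a procedure that uses CloudFormation to create the IAM resources needed for the integration, but I could not get the integration to work in either us-west-2 or ap-northeast-1.
For that reason, in this post I issued an access key and secret access key with AdministratorAccess.
- Enter the access key and secret access key of the IAM user (AdministratorAccess)
"Connect an account directly" takes you to the CloudFormation creation screen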
ECS-Fargate sample
- There are four patterns
- The GitHub repository is here
Connecting
- Use whichever PostgreSQL client you like
- psql
psql -h db.iasql.com -p 5432 -U "${USER_NAME}" -d "${DATABASE_NAME}"
- HeidiSQL
List of available modules
I will use the functions documented at https://docs.iasql.com/function/
SELECT * FROM iasql_modules_list();
> SELECT * FROM iasql_modules_list();
module_name | module_version | dependencies
--------------------+----------------+---------------------------------------------------------------------------------------------------------
aws_cloudwatch | 0.0.1 | {}
aws_ec2 | 0.0.1 | {aws_security_group@0.0.1}
aws_ecr | 0.0.1 | {}
aws_ecs_fargate | 0.0.1 | {aws_ecr@0.0.1,aws_elb@0.0.1,aws_security_group@0.0.1,aws_cloudwatch@0.0.1,aws_vpc@0.0.1,aws_iam@0.0.1}
aws_elb | 0.0.1 | {aws_security_group@0.0.1,aws_vpc@0.0.1}
aws_rds | 0.0.1 | {aws_security_group@0.0.1}
aws_security_group | 0.0.1 | {aws_vpc@0.0.1}
aws_vpc | 0.0.1 | {}
iasql_functions | 0.0.1 | {}
iasql_platform | 0.0.1 | {}
aws_iam | 0.0.1 | {}
(11 行)
Installing the required modules
Pass the module names as parameters to iasql_install to install them
SELECT * from iasql_install(
'aws_iam',
'aws_cloudwatch',
'aws_ec2',
'aws_rds',
'aws_elb',
'aws_security_group',
'aws_vpc'
);
You can check which modules are installed with iasql_modules_installed
SELECT * FROM iasql_modules_installed();
> SELECT * FROM iasql_modules_installed();
module_name | module_version | dependencies
--------------------+----------------+---------------------------------------------------------------------------------
iasql_platform | 0.0.1 | {}
iasql_functions | 0.0.1 | {iasql_platform@0.0.1}
aws_account | 0.0.1 | {}
aws_iam | 0.0.1 | {iasql_platform@0.0.1,aws_account@0.0.1}
aws_cloudwatch | 0.0.1 | {iasql_platform@0.0.1,aws_account@0.0.1}
aws_vpc | 0.0.1 | {iasql_platform@0.0.1,aws_account@0.0.1}
aws_security_group | 0.0.1 | {iasql_platform@0.0.1,aws_account@0.0.1,aws_vpc@0.0.1}
aws_elb | 0.0.1 | {iasql_platform@0.0.1,aws_account@0.0.1,aws_security_group@0.0.1,aws_vpc@0.0.1}
aws_ec2 | 0.0.1 | {iasql_platform@0.0.1,aws_account@0.0.1,aws_security_group@0.0.1}
aws_rds | 0.0.1 | {iasql_platform@0.0.1,aws_account@0.0.1,aws_security_group@0.0.1}
(10 行)
- You can also check the difference between the available modules and the installed modules
SELECT module_name FROM iasql_modules_list()
EXCEPT
SELECT module_name FROM iasql_modules_installed();
> SELECT module_name FROM iasql_modules_list()
> EXCEPT
> SELECT module_name FROM iasql_modules_installed();
module_name
-----------------
aws_ecs_fargate
aws_ecr
(2 行)
Actually creating a resource
- Create a VPC
INSERT INTO vpc ( cidr_block )
VALUES ( '172.16.0.0/16' );
- Immediately after inserting the data, the resource ID is blank
Apply with iasql_apply
- Displayed with the resource ID filled in
SELECT * FROM iasql_apply();
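- The change is actually reflected
Which fields can be configured
- I extracted the columns to see specifically which resources can be configured and down to which fields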
SELECT
table_name,
column_name,
data_type
FROM
information_schema.columns
WHERE
table_name IN (
'aws_account',
'vpc',
'subnet',
'role',
'instance',
'instance_security_groups',
'load_balancer',
'target_group',
'log_group',
'listener',
'load_balancer_security_groups',
'rds',
'rds_security_groups'
)
ORDER BY
1
;
- Below is the result of the SQL above
table_name | column_name | data_type
-------------------------------+-------------------------------+--------------------------
aws_account | access_key_id | character varying
aws_account | secret_access_key | character varying
aws_account | id | integer
aws_account | region | character varying
instance | id | integer
instance | key_pair_name | character varying
instance | name | character varying
instance | ami | character varying
instance | instance_id | character varying
instance | instance_type | character varying
instance_security_groups | instance_id | integer
instance_security_groups | security_group_id | integer
listener | port | integer
listener | target_group_name | character varying
listener | load_balancer_name | character varying
listener | listener_arn | character varying
listener | action_type | USER-DEFINED
listener | protocol | USER-DEFINED
listener | id | integer
load_balancer | load_balancer_type | USER-DEFINED
load_balancer | created_time | timestamp with time zone
load_balancer | scheme | USER-DEFINED
load_balancer | state | USER-DEFINED
load_balancer | ip_address_type | USER-DEFINED
load_balancer | vpc | integer
load_balancer | subnets | ARRAY
load_balancer | availability_zones | ARRAY
load_balancer | customer_owned_ipv4_pool | character varying
load_balancer | load_balancer_name | character varying
load_balancer | load_balancer_arn | character varying
load_balancer | dns_name | character varying
load_balancer | canonical_hosted_zone_id | character varying
load_balancer_security_groups | load_balancer_name | character varying
load_balancer_security_groups | security_group_id | integer
log_group | log_group_arn | character varying
log_group | log_group_name | character varying
log_group | creation_time | timestamp with time zone
rds | db_instance_class | character varying
rds | backup_retention_period | integer
rds | allocated_storage | integer
rds | db_instance_identifier | character varying
rds | availability_zone | character varying
rds | engine | character varying
rds | master_user_password | character varying
rds | master_username | character varying
rds | endpoint_addr | character varying
rds | endpoint_hosted_zone_id | character varying
rds | id | integer
rds | endpoint_port | integer
rds_security_groups | rds_id | integer
rds_security_groups | security_group_id | integer
role | role_name | character varying
role | description | character varying
role | assume_role_policy_document | character varying
role | attached_policies_arns | ARRAY
role | arn | character varying
subnet | owner_id | character varying
subnet | availability_zone | USER-DEFINED
subnet | subnet_arn | character varying
subnet | id | integer
subnet | available_ip_address_count | integer
subnet | state | USER-DEFINED
subnet | vpc_id | integer
subnet | subnet_id | character varying
subnet | cidr_block | character varying
target_group | target_group_arn | character varying
target_group | healthy_threshold_count | integer
target_group | health_check_timeout_seconds | integer
target_group | health_check_interval_seconds | integer
target_group | health_check_enabled | boolean
target_group | health_check_port | character varying
target_group | health_check_path | character varying
target_group | health_check_protocol | USER-DEFINED
target_group | port | integer
target_group | protocol | USER-DEFINED
target_group | ip_address_type | USER-DEFINED
target_group | target_type | USER-DEFINED
target_group | target_group_name | character varying
target_group | unhealthy_threshold_count | integer
target_group | protocol_version | USER-DEFINED
target_group | vpc | integer
vpc | is_default | boolean
vpc | state | USER-DEFINED
vpc | id | integer
vpc | cidr_block | character varying
vpc | vpc_id | character varying
(86 行)
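The listing above includes columns that hold credentials in plain character varying form (aws_account.secret_access_key, rds.master_user_password). As an added example, not part of the original post, the following query generalises the information_schema lookup to every table in the database and reports which roles can read each such column; the column-name pattern is an assumption.

```sql
-- Added example: find columns whose names suggest they store secrets
-- and report who is allowed to SELECT them.
WITH sensitive AS (
    SELECT c.table_schema, c.table_name, c.column_name, c.data_type
    FROM information_schema.columns AS c
    WHERE c.table_schema NOT IN ('pg_catalog', 'information_schema')
      -- Assumed naming pattern; it matches aws_account.secret_access_key
      -- and rds.master_user_password from the listing above.
      AND c.column_name::text ~* '(secret|password|passwd|token|private_key)'
)
SELECT
    s.table_name,
    s.column_name,
    s.data_type,
    -- Can the role running this query read the column?
    has_column_privilege(
        format('%I.%I', s.table_schema, s.table_name),
        s.column_name::text,
        'SELECT'
    ) AS current_user_can_read,
    -- Roles with a SELECT grant that is visible to the current role.
    COALESCE(
        string_agg(DISTINCT p.grantee::text, ', ' ORDER BY p.grantee::text),
        '(no visible grants)'
    ) AS select_grantees
FROM sensitive AS s
LEFT JOIN information_schema.column_privileges AS p
       ON p.table_schema   = s.table_schema
      AND p.table_name     = s.table_name
      AND p.column_name    = s.column_name
      AND p.privilege_type = 'SELECT'
GROUP BY s.table_schema, s.table_name, s.column_name, s.data_type
ORDER BY s.table_name, s.column_name;
```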
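Summary
I tried it out because it lets you create AWS resources with SQL.
As the fields above show, it cannot yet configure the finer details,
but I thought the approach was good (personally, I like SQL).
I plan to try it a little more.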