!!!参考 https://qiita.com/hichikawa1126/items/c1f03d39b3e2afb44da4 !!!準備 !!ポリシー作成 !カレンダの状態を取得するポリシー作成 { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ssm:GetCalendarState" ], "Resource": [ "*" ] } ] } !EC2の起動、終了をするポリシー作成 { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "ec2:DescribeImages", "ec2:StartInstances", "ec2:DescribeTags", "ec2:RunInstances", "ec2:StopInstances", "ec2:DescribeInstanceStatus" ], "Resource": "*" } ] } !RDSの起動、終了をするポリシー作成 { "Version": "2012-10-17", "Statement": [ { "Sid": "Statement1", "Effect": "Allow", "Action": [ "rds:Describe*", "rds:Start*", "rds:Stop*", "rds:Reboot*" ], "Resource": "*" } ] } !!ロール作成 カレンダの状態取得とEC2(or RDS)の起動と終了ができるロール作成 上記で作成したポリシーを持ったロールを作成 !!カレンダ作成 https://ap-northeast-1.console.aws.amazon.com/systems-manager/change-calendar?region=ap-northeast-1 から新しいカレンダ作成。 今回はカレンダに予定がある日は「実行しない」とするので「デフォルトで開く」のカレンダを作成 !!!ドキュメント作成 !!RDS 既存のRDS起動のドキュメントをクローンして作成する。 ステップ1で指定されたカレンダのチェックを追加 description: Start RDS instance schemaVersion: '0.3' assumeRole: '{{ AutomationAssumeRole }}' parameters: InstanceId: type: String description: (Required) RDS Instance Id to start AutomationAssumeRole: type: String description: (Optional) The ARN of the role that allows Automation to perform the actions on your behalf. default: '' CalendarName: type: String description: '(Required) CalendarName (arn:aws:ssm:ap-northeast-1:xxxxxxx:xxxxxxxx)' mainSteps: - name: CheckCalendarState action: 'aws:assertAwsResourceProperty' inputs: Service: ssm Api: GetCalendarState PropertySelector: $.State DesiredValues: - OPEN CalendarNames: - '{{CalendarName}}' description: 指定されたカレンダーに登録されている日は実行しない - name: AssertNotStartingOrAvailable action: 'aws:assertAwsResourceProperty' isCritical: false onFailure: 'step:StartInstance' nextStep: CheckStart inputs: Service: rds Api: DescribeDBInstances DBInstanceIdentifier: '{{InstanceId}}' PropertySelector: '$.DBInstances[0].DBInstanceStatus' DesiredValues: - available - starting - name: StartInstance action: 'aws:executeAwsApi' inputs: Service: rds Api: StartDBInstance DBInstanceIdentifier: '{{InstanceId}}' - name: CheckStart action: 'aws:waitForAwsResourceProperty' onFailure: Abort maxAttempts: 10 timeoutSeconds: 600 inputs: Service: rds Api: DescribeDBInstances DBInstanceIdentifier: '{{InstanceId}}' PropertySelector: '$.DBInstances[0].DBInstanceStatus' DesiredValues: - available isEnd: true !!EC2 既存のEC2起動のドキュメントをクローンして編集 { "description": "Start EC2 instances(s)", "schemaVersion": "0.3", "assumeRole": "{{ AutomationAssumeRole }}", "parameters": { "InstanceId": { "type": "StringList", "description": "(Required) EC2 Instance(s) to start" }, "AutomationAssumeRole": { "type": "String", "description": "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf.", "default": "" }, "CalendarName": { "type": "String", "description": "(Required) CalendarName (arn:aws:ssm:ap-northeast-1:xxxxxxx:xxxxxxxx)" } }, "mainSteps": [ { "name": "CheckCalendarState", "action": "aws:assertAwsResourceProperty", "inputs":{ "Service": "ssm", "Api": "GetCalendarState", "PropertySelector": "$.State", "DesiredValues":["OPEN"], "CalendarNames":["{{CalendarName}}"] }, "description": "指定されたカレンダーに登録されている日は実行しない" }, { "name": "startInstances", "action": "aws:changeInstanceState", "inputs": { "InstanceIds": "{{ InstanceId }}", "DesiredState": "running" } } ] } !!!メンテナンスウインドウ作成 https://ap-northeast-1.console.aws.amazon.com/systems-manager/maintenance-windows?region=ap-northeast-1 からメンテナンスウインドウを作成し、上記で作成したドキュメントを追加する。 {{category2 仮想化}}