Open6

Amazon IVS Viewers-Count 備忘録

marchanmarchan
$ git clone https://github.com/matsuihidetoshi/ivs-viewers-count-cdk.git

Cloning into 'ivs-viewers-count-cdk'...
remote: Enumerating objects: 119, done.
remote: Counting objects: 100% (119/119), done.
remote: Compressing objects: 100% (107/107), done.
remote: Total 119 (delta 63), reused 40 (delta 11), pack-reused 0
Receiving objects: 100% (119/119), 199.74 KiB | 9.51 MiB/s, done.
Resolving deltas: 100% (63/63), done.

marchanmarchan

npm インストール

cd ivs-viewers-count-cdk/
$ npm i

npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated sane@4.1.0: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated uuid@3.3.2: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.

added 916 packages, and audited 959 packages in 44s

29 packages are looking for funding
run npm fund for details

72 vulnerabilities (1 low, 14 moderate, 54 high, 3 critical)

To address issues that do not require attention, run:
npm audit fix

To address all issues, run:
npm audit fix --force

Run npm audit for details.

marchanmarchan

CDKデプロイ用の S3 バケットと CloudFormationスタックを作成

$ cdk bootstrap
  • エラーが発生

[+] Building 75.2s (13/13) FINISHED docker:default
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 1.19kB 0.0s
=> [internal] load metadata for public.ecr.aws/sam/build-nodejs14.x:latest 2.1s
=> [1/9] FROM public.ecr.aws/sam/build-nodejs14.x@sha256:b281da8c6480392c7c17b46cadfd546893686b0f0fffc65a9e2bceecea598446 56.2s
=> => resolve public.ecr.aws/sam/build-nodejs14.x@sha256:b281da8c6480392c7c17b46cadfd546893686b0f0fffc65a9e2bceecea598446 0.0s
=> => sha256:b281da8c6480392c7c17b46cadfd546893686b0f0fffc65a9e2bceecea598446 772B / 772B 0.0s
=> => sha256:817697432eca8726c286764b24453446bd7ff214980c34b07405f4517282421c 418B / 418B 0.6s
=> => sha256:e1010ab5ef35a8df157559406501e7aedc7e619d117cfd8ea41f232a3e0ba121 104.94MB / 104.94MB 2.3s
=> => sha256:bdfa01e10dc891a64d0f0034e04afdc1a3f218799b6dfffffb437a564bac26d1 9.54kB / 9.54kB 0.0s
=> => sha256:fac1d05b4b830e37a769aef505d25303bab2998a399e1a6e29d952320b23f1e7 88.90kB / 88.90kB 1.0s
=> => sha256:c56d0f546f7f1092a057b917c041ee439759790cd0628c749385b38f696587c7 3.69kB / 3.69kB 0.0s
=> => sha256:2a9f1ae020e1174089186c85e75fdd02adc9b21031f42edd009f1b66a1f739e5 2.58MB / 2.58MB 1.9s
=> => sha256:00f86b5b4bbab496082714767f5db08e49c6e63a57b4199dc3f3c9d21f0e8e92 36.18MB / 36.18MB 3.4s
=> => sha256:3f07d0d9eb6850477746f52324c5914278002d7759ea76517d577149118c8094 11.10MB / 11.10MB 3.6s
=> => sha256:be516a1fc064d9a52bec0da3c2e2adcc087afe6ec07f3823b0d9118cf24be16c 349.42MB / 349.42MB 24.1s
=> => extracting sha256:e1010ab5ef35a8df157559406501e7aedc7e619d117cfd8ea41f232a3e0ba121 7.4s
=> => sha256:35ec21ce9fe21d96052779c5424c5a66c6bcc4ad7680cbcfb8401dd3441cd56c 24.90MB / 24.90MB 5.6s
=> => sha256:dc2ae7cd05c5b441e027adb8aa14a7e621987e6f60a733528e07c7d70209bacc 57.55MB / 57.55MB 7.4s
=> => sha256:1c5eb79d24abfb2c3f7fef153d1ceebf0e51d25fc581cd70bd14a80c4cc90940 72.36MB / 72.36MB 10.4s
=> => sha256:424d8a700f7b2a1ffb7cdd51a803bc363e1136abefc2275ec615ce4123fb1c1e 5.03kB / 5.03kB 8.0s
=> => sha256:ec6b6c563b45df1d0308b78ed6527704df72d36ad5161062f701f0488ddad915 2.11MB / 2.11MB 9.3s
=> => sha256:602a656b14dbb47bed8d5642836ad8337a8dd6ec6c59c5becded1858f5c907e0 8.56MB / 8.56MB 10.8s
=> => sha256:6380969b7ee0e9fb68b4cc66b6c60d9705fbdc8a33cf028558d8aa07fa7de7ab 177.78kB / 177.78kB 11.3s
=> => extracting sha256:fac1d05b4b830e37a769aef505d25303bab2998a399e1a6e29d952320b23f1e7 0.0s
=> => extracting sha256:817697432eca8726c286764b24453446bd7ff214980c34b07405f4517282421c 0.0s
=> => extracting sha256:2a9f1ae020e1174089186c85e75fdd02adc9b21031f42edd009f1b66a1f739e5 0.1s
=> => sha256:3c97a14a484dd79f8dea9ac3ff704486ad2480af700348be310a2c3fe5af0f81 200.46kB / 200.46kB 11.8s
=> => extracting sha256:00f86b5b4bbab496082714767f5db08e49c6e63a57b4199dc3f3c9d21f0e8e92 2.9s
=> => sha256:de12ee837628864c540a631f3dfc2f5d336935c937c78c9d544de54f10fc4c97 122.18kB / 122.18kB 12.1s
=> => extracting sha256:3f07d0d9eb6850477746f52324c5914278002d7759ea76517d577149118c8094 1.6s
=> => extracting sha256:be516a1fc064d9a52bec0da3c2e2adcc087afe6ec07f3823b0d9118cf24be16c 19.3s
=> => extracting sha256:35ec21ce9fe21d96052779c5424c5a66c6bcc4ad7680cbcfb8401dd3441cd56c 2.3s
=> => extracting sha256:dc2ae7cd05c5b441e027adb8aa14a7e621987e6f60a733528e07c7d70209bacc 4.6s
=> => extracting sha256:1c5eb79d24abfb2c3f7fef153d1ceebf0e51d25fc581cd70bd14a80c4cc90940 2.8s
=> => extracting sha256:424d8a700f7b2a1ffb7cdd51a803bc363e1136abefc2275ec615ce4123fb1c1e 0.0s
=> => extracting sha256:ec6b6c563b45df1d0308b78ed6527704df72d36ad5161062f701f0488ddad915 0.0s
=> => extracting sha256:602a656b14dbb47bed8d5642836ad8337a8dd6ec6c59c5becded1858f5c907e0 0.9s
=> => extracting sha256:6380969b7ee0e9fb68b4cc66b6c60d9705fbdc8a33cf028558d8aa07fa7de7ab 0.0s
=> => extracting sha256:3c97a14a484dd79f8dea9ac3ff704486ad2480af700348be310a2c3fe5af0f81 0.0s
=> => extracting sha256:de12ee837628864c540a631f3dfc2f5d336935c937c78c9d544de54f10fc4c97 0.0s
=> [2/9] RUN npm install --global yarn@1.22.5 2.7s
=> [3/9] RUN npm install --global pnpm 2.6s
=> [4/9] RUN npm install --global typescript 2.5s
=> [5/9] RUN npm install --global --unsafe-perm=true esbuild@0 5.3s
=> [6/9] RUN mkdir /tmp/npm-cache && chmod -R 777 /tmp/npm-cache && npm config --global set cache /tmp/npm-cache 0.7s
=> [7/9] RUN mkdir /tmp/yarn-cache && chmod -R 777 /tmp/yarn-cache && yarn config set cache-folder /tmp/yarn-cache 0.8s
=> [8/9] RUN npm config --global set update-notifier false 0.7s
=> [9/9] RUN /sbin/useradd -u 1000 user && chmod 711 / 0.4s
=> exporting to image 1.0s
=> => exporting layers 1.0s
=> => writing image sha256:1ef8907e6f5c075142e75fa65e6aacef83d5e86b41ec9fbc8ef4e0a0e5ea0c83 0.0s
=> => naming to docker.io/library/cdk-9dad56ac2a8a0c2c875c78329b18395ba55130ac7d893a06e35dc23b755d3b04 0.0s
⏳ Bootstrapping environment aws://053423220213/us-east-1...
Trusted accounts for deployment: (none)
Trusted accounts for lookup: (none)
Using default execution policy of 'arn:aws:iam::aws:policy/AdministratorAccess'. Pass '--cloudformation-execution-policies' to customize.
CDKToolkit: creating CloudFormation changeset...
❌ Environment aws://053423220213/us-east-1 failed bootstrapping: AccessDenied: User: arn:aws:iam::053423220213:user/Tokyo-AmplifyUser is not authorized to perform: cloudformation:CreateChangeSet on resource: arn:aws:cloudformation:us-east-1:053423220213:stack/CDKToolkit/* because no identity-based policy allows the cloudformation:CreateChangeSet action
at Request.extractError (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:46692)
at Request.callListeners (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:91501)
at Request.emit (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:90949)
at Request.emit (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:199345)
at Request.transition (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:192897)
at AcceptorStateMachine.runTo (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:157769)
at /home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:158099
at Request.<anonymous> (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:193189)
at Request.<anonymous> (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:199420)
at Request.callListeners (/home/ec2-user/.nvm/versions/node/v20.11.0/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:366:91669) {
code: 'AccessDenied',
time: 2024-03-27T02:22:00.103Z,
requestId: '835a707a-640e-4ec0-89fb-4369f816e2a7',
statusCode: 403,
retryable: false,
retryDelay: 767.9502571793175
}


*** Newer version of CDK is available [2.134.0] ***
*** Upgrade recommended (npm install -g aws-cdk) ***


User: arn:aws:iam::053423220213:user/Tokyo-AmplifyUser is not authorized to perform: cloudformation:CreateChangeSet on resource: arn:aws:cloudformation:us-east-1:053423220213:stack/CDKToolkit/* because no identity-based policy allows the cloudformation:CreateChangeSet action

marchanmarchan

AWS Cloud9 IAM ユーザにインラインポリシーを追加

・Tokyo-AmplifyUserにポリシーを追加

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ivs:ListChannels",
"ivs:ListStreams",
"ivs:PutMetadata"
],
"Resource": ""
},
{
"Effect": "Allow",
"Action": [
"dynamodb:BatchWriteItem",
"dynamodb:Query"
],
"Resource": "arn:aws:dynamodb:us-east-1:053423220213:table/ivsViewersCountTable"
},
{
"Effect": "Allow",
"Action": [
"events:PutRule",
"events:PutTargets"
],
"Resource": "arn:aws:events:us-east-1:053423220213:rule/ivsViewersCountRule"
},
{
"Effect": "Allow",
"Action": [
"cloudformation:GetTemplate"
],
"Resource": "arn:aws:cloudformation:us-east-1:053423220213:stack/CDKToolkit/
"
}
]
}