[aws-cli]RDSのログをcliで確認する
RDSのパラメータグループの値変更
| 項目 | 変更前 | 変更後 |
|---|---|---|
| general_log | null | 1 |
| log_output | TABLE | FILE |
| slow_query_log | null | 1 |
| long_query_time | null | 3 |
RDSのReadOnly Policyをアタッチした、IAMグループ”rds-maintenance”作成
$ aws iam list-groups-for-user --user-name rds-maintenance
{
"Groups": [
{
"Path": "/",
"CreateDate": "2015-08-31T04:00:57Z",
"GroupId": "AGPAITHVICAQS5MDE6RXC",
"Arn": "arn:aws:iam::792454999443:group/rds-maintenance",
"GroupName": "rds-maintenance"
}
]
}
$ aws iam list-attached-group-policies --group-name rds-maintenance
{
"AttachedPolicies": [
{
"PolicyName": "AmazonRDSReadOnlyAccess",
"PolicyArn": "arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess"
}
],
"IsTruncated": false
}
RDSの"DownloadDBLogFilePortion"ポリシーをアタッチ
{
"AttachedPolicies": [
{
"PolicyName": "rds-log-download-policy",
"PolicyArn": "arn:aws:iam::792454999443:policy/rds-log-download-policy"
},
{
"PolicyName": "AmazonRDSReadOnlyAccess",
"PolicyArn": "arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess"
}
],
"IsTruncated": false
}
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1441005849679",
"Action": [
"rds:DownloadDBLogFilePortion"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
上記で作成した、グループにユーザを追加
{
"Users": [
{
"UserName": "rds-maintenance",
"Path": "/",
"CreateDate": "2015-08-31T04:01:47Z",
"UserId": "AIDAI5T2AKMQHUDZ4HXLG",
"Arn": "arn:aws:iam::792454999443:user/rds-maintenance"
}
]
}
ユーザ"rds-maintenance"がaws cliを使えるよう設定
$aws configure --profile rds-mente
AWS Access Key ID [****************23IQ]:
AWS Secret Access Key [****************33ZN]:
Default region name [ap-northeast-1]:
Default output format [json]:
RDSインスタンス一覧取得(jqで加工済み)
$ aws rds describe-db-instances --profile vivo-rds-mente | jq '.DBInstances[].DBInstanceIdentifier'
"dev-db"
"prod-db"
"stg-db"
特定のRDSインスタンスのログ一覧を取得
$ aws rds describe-db-log-files --db-instance-identifier dev-db --profile rds-mente
{
"DescribeDBLogFiles": [
{
"LastWritten": 1440998400000,
"LogFileName": "error/mysql-error.log",
"Size": 0
},
{
"LastWritten": 1440998580000,
"LogFileName": "general/mysql-general.log",
"Size": 52731
},
{
"LastWritten": 1440993600000,
"LogFileName": "general/mysql-general.log.4",
"Size": 248955
},
{
"LastWritten": 1440997200000,
"LogFileName": "general/mysql-general.log.5",
"Size": 2096024
},
{
"LastWritten": 1431214055000,
"LogFileName": "mysqlUpgrade",
"Size": 2457
},
{
"LastWritten": 1440998400000,
"LogFileName": "slowquery/mysql-slowquery.log",
"Size": 915
},
{
"LastWritten": 1440993376000,
"LogFileName": "slowquery/mysql-slowquery.log.4",
"Size": 183
},
{
"LastWritten": 1440996900000,
"LogFileName": "slowquery/mysql-slowquery.log.5",
"Size": 2196
}
]
}
ログ確認
aws rds download-db-log-file-portion --db-instance-identifier dev-db --log-file-name "general/mysql-general.log" --profile rds-mente --output text
ログを出力
aws rds download-db-log-file-portion --db-instance-identifier dev-db --log-file-name "general/mysql-general.log" --profile rds-mente --output text > mysql-general.log