[日本語]Amazon CloudFront with AWS Certificate Manager

Transcript

1. Amazon CloudFront with AWS Certificate Manager @Amimoto_Ami ja.amimoto-ami.com

2. ΞʔΩςΫνϟ

3. Amazon CloudFront AWS Certificate Manager w $%/Ͱίϯςϯπͷ഑৴Λߴ଎Խ
   w 44-ূ໌ॻͷ؅ཧΛࣗಈԽ ࣮ݱ͢Δ͜ͱ

4. SSLূ໌ॻͷऔಘ Workflow ४උ

5. ४උ

6. ɾadministrator@your_domain ɾhostmaster@your_domain ɾpostmaster@your_domain ɾwebmaster@your_domain ɾadmin@your_domain υϝΠϯೝূ༻ϝʔϧΞυϨε

7. ͢ͰʹυϝΠϯೝূ༻ϝʔϧΞυϨεͰ ϝʔϧͷड৴͕Մೳͳ৔߹͸ɺ ͜ΕҎ߱ͷ߲໨͸εΩοϓ͍ͯͩ͘͠͞ υϝΠϯೝূ༻ϝʔϧΞυϨε

8. υϝΠϯೝূ༻ϝʔϧΞυϨε͕࢖༻Ͱ ͖ͳ͍৔߹͸ AWS SES Ͱϝʔϧड৴͢ ΔઃఆΛߦ͍·͢ɻ υϝΠϯೝূ༻ϝʔϧΞυϨε

9. Amazon SES ઃఆ Workflow S3όέοτͷ४උ ߏஙલͷ ४උ

10. Amazon SES ઃఆ Workflow S3όέοτͷ४උ ߏஙલͷ ४උ

11. Amazon S3 w "NB[PO
    4*NQMF
    4UPSBHF
    4FSWJDF
    w Πϯλʔωοτ༻ͷετϨʔδ
    w 4&4
    Ͱड৴ͨ͠ϝʔϧΛ֨ೲ͢ΔͨΊʹ࢖༻ "NB[PO
    4

12. όέοτϙϦγʔͷઃఆ Workflow S3όέοτͷ࡞੒

13. όέοτϙϦγʔͷઃఆ Workflow S3όέοτͷ࡞੒

14. None

15. Create Bucket ΛΫϦοΫ͠·͢

16. Bucket Name, Region Λೖྗ͠ Create

17. όέοτϙϦγʔͷઃఆ Workflow S3όέοτͷ࡞੒

18. Properties - Permissions - Add bucket policy

19. Bucket Policy Λઃఆ͠ Save

20. Bucket Policy https://docs.aws.amazon.com/ses/latest/DeveloperGuide/ receiving-email-permissions.html

21. Amazon SES ઃఆ Workflow S3όέοτͷ४උ ߏஙલͷ ४උ

22. Amazon SES w "NB[PO
    4*NQMF
    &NBJM
    4FSWJDF
    w &NBJM
    ͷૹड৴Λ࣮ߦ͢ΔαʔϏε
    w $MPVE'SPOU
    ͷೝূϝʔϧड৴ʹ࢖༻ "NB[PO
    4&4

23. ϝʔϧड৴ςετ Workflow ϧʔϧηοτͷ࡞੒

24. None

25. Email Receiving - Rule Sets - Create a Receipt Rule

26. Recipient ʹϝʔϧυϝΠϯ໊Λೖྗͯ͠ Add Recipient

27. දࣔ͞ΕͨઃఆΛ DNS αʔόʹͯઃఆ Route53 Λ࢖༻͍ͯ͠Δ৔߹͸ Use Route53

28. Route53 Λ࢖༻͍ͯ͠Δ৔߹͸͜ͷը໘͕දࣔ͞ΕΔͷͰ ͢΂ͯνΣοΫͯ͠ Create Record Sets

29. ࣄલ४උͰ࡞੒ͨ͠ S3 Bucket Λબ୒ͯ͠ Next Step

30. Rule Name Λೖྗͯ͠ Next Step

31. ઃఆ಺༰Λ֬ೝͯ͠ Create Rule Set

32. DNS มߋ͕׬ྃͯ͠ೝূ͕औΕΔͱ Status ͕ Enabled ʹͳΔ

33. ϝʔϧड৴ςετ Workflow ϧʔϧηοτͷ࡞੒

34. ϝʔϧΫϥΠΞϯτ͔ΒϝʔϧΛૹ৴ͯ͠ΈΔ

35. S3όέοτʹʮAMAZON_SES_SETUP_NOTIFICATIONʯҎ֎ ͷϑΝΠϧ͕อଘ͞Ε͍ͯΕ͹ϝʔϧૹ৴͸ਖ਼ৗʹߦΘΕ͍ͯΔ

36. SSLূ໌ॻͷ औಘ

37. CloudFront Workflow Certificate Manager

38. CloudFront Workflow Certificate Manager

39. AWS Certificate Manager •AWS͕ఏڙ͢ΔSSLূ໌ॻ •CloudFront, ELB Ͱ࢖༻Մೳ •ແྉͰ࢖༻Մೳ •SSLূ໌ॻ͸ࣗಈͰߋ৽͞ΕΔ "84
    $FSUJpDBUF
    .BOBHFS

40. None

41. Get started

42. Domain name Λೖྗͯ͠ Review and request

43. ೖྗ಺༰Λ֬ೝͯ͠ Confirm and request

44. Continue

45. ೝূ଴ͪυϝΠϯͷҰཡ͕දࣔ͞ΕΔ

46. ड৴ϝʔϧΛ֬ೝͯ͠ೝূ༻URLΛϒϥ΢βͰදࣔ

47. ೝূ༻URLΛදࣔ͠ I Approve ΛΫϦοΫ

48. Success!

49. AWSίϯιʔϧͰ΋ೝূ͞Εͨ͜ͱ͕֬ೝͰ͖Δ

50. CloudFront Workflow Certificate Manager

51. Amazon CloudFront •AWSͷϗετ͢ΔCDNαʔϏε •αΠτͷߴ଎Խͱෛՙ࡟ݮΛ࣮ݱ •ো֐࣌ͷϑΣΠϧΦʔόʔʹ΋ରԠ "NB[PO
    $MPVE'SPOU

52. None

53. Distributions ͔Βઃఆର৅ͷ distribution Λબ୒

54. General λϒͷ Edit ΛΫϦοΫ

55. Custom SSL Certificate Ͱઌ΄Ͳ࡞੒ͨ͠ূ໌ॻΛબ୒

56. ͠͹Β͘͢ΔͱSSLূ໌ॻ͕ઃఆ͞Ε͍ͯΔ͜ͱ͕֬ೝͰ͖·͢

57. http://ja.amimoto-ami.com/slack/ ࣭͝໰͸͓ؾܰʹ:

58. @Amimoto_Ami ja.amimoto-ami.com THANK YOU! Amazon CloudFront + AWS Certificate Manager