Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
いまさら聞けないAWS
Search
ASKUL Engineer
November 11, 2021
Technology
0
5.7k
いまさら聞けないAWS
20211028 AStudy+
speaker: maki tokumura
ASKUL Engineer
November 11, 2021
Tweet
Share
More Decks by ASKUL Engineer
See All by ASKUL Engineer
EditorConfigで導くコードの「美しさ」
askul
0
600
CTOが語る、テックカンパニーに向けた未来の話。by アスクル
askul
0
170
チームでリーダブルコードを実現するには?
askul
0
3k
ラズパイを使ってスマートリモコンを作ってみた
askul
0
790
Discord Bot はじめの一歩
askul
0
640
10分で「エラスティックリーダーシップ」をアウトプット
askul
0
3.5k
1on1をする上で大切なこと
askul
1
790
JBUG東京#20 〜そこが知りたい!Backlog活用術〜
askul
1
3.2k
GCPを活用した物流倉庫内の異常検知/Anomaly detection in distribution warehouse using GCP
askul
0
3.4k
Other Decks in Technology
See All in Technology
robocopy の怖い話/scary-story-about-robocopy
emiki
0
450
alecthomas/kong はいいぞ
fujiwara3
6
1.4k
隙間時間で爆速開発! Claude Code × Vibe Coding で作るマニュアル自動生成サービス
akitomonam
3
250
AWS re:Inforce 2025 re:Cap Update Pickup & AWS Control Tower の運用における考慮ポイント
htan
1
200
ソフトウェア開発プロジェクトでの品質管理への提案(温故知新)
yohwada
0
100
専門分化が進む分業下でもユーザーが本当に欲しかったものを追求するプロダクトマネジメント/Focus on real user needs despite deep specialization and division of labor
moriyuya
0
870
마라톤 끝의 단거리 스퍼트: 2025년의 AI
inureyes
PRO
1
650
ビジネス文書に特化した基盤モデル開発 / SaaSxML_Session_2
sansan_randd
0
250
MCP認可の現在地と自律型エージェント対応に向けた課題 / MCP Authorization Today and Challenges to Support Autonomous Agents
yokawasa
5
1.6k
SRE新規立ち上げ! Hubbleインフラのこれまでと展望
katsuya0515
0
150
OPENLOGI Company Profile for engineer
hr01
1
37k
【CEDEC2025】『Shadowverse: Worlds Beyond』二度目のDCG開発でゲームをリデザインする~遊びやすさと競技性の両立~
cygames
PRO
1
280
Featured
See All Featured
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
50
5.5k
Automating Front-end Workflow
addyosmani
1370
200k
Code Reviewing Like a Champion
maltzj
524
40k
Java REST API Framework Comparison - PWX 2021
mraible
32
8.8k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
126
53k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Measuring & Analyzing Core Web Vitals
bluesmoon
7
540
Facilitating Awesome Meetings
lara
54
6.5k
The World Runs on Bad Software
bkeepers
PRO
70
11k
Six Lessons from altMBA
skipperchong
28
3.9k
Adopting Sorbet at Scale
ufuk
77
9.5k
Transcript
By maki tokumura ͍·͞Βฉ͚ͳ͍AWS
ಙଜ ਅथ ͱ͘ΉΒ · ͖ ICTιϦϡʔγϣϯ ΫϥυετϥΫνϟʔνʔϜ ˌtimes_tokumura AWS৮Γ͡Ίͯ8ϲ݄
ࠓͷత AWSͷ༻ޠʢαʔϏεʣ Λͬ͘͟ΓΖ͏ʂ
ࠓͷ ͋͘·ͰAWSͷಋೖ ͨͩ͘͠ɺৄ͘͠ɺΓ͍ͨ࣌ͪ͜Β AWSαʔϏεผࢿྉ https://aws.amazon.com/jp/aws-jp-introduction/aws-jp-webinar-service-cut/
αʔϏεج൫ɺ ωοτϫʔΫ·ΘΓ
Regions AWSͷҬͷ۠Γ 20Ҏ্ͷҬʹ͔Ε͍ͯΔ ຊʹ̎ͭ͋Δ Ϧʔδϣϯίʔυ ໊લ BQOPSUIFBTU ΞδΞύγϑΟοΫ ౦ژ BQOPSUIFBTU
ΞδΞύγϑΟοΫ େࡕ
Ϧʔδϣϯશʹ͞Ε͍ͯͯ ͦΕͧΕಠཱ͍ͯ͠Δ us-east-2 ถࠃ౦෦ (ΦϋΠΦ) ap-northeast-1 ΞδΞύγϑΟοΫ (౦ژ) eu-west-3 Ԥभ
(ύϦ)
Ͳ͔͜ͷϦʔδϣϯͰো͕ىͬͯ͜େৎ →ϚϧνϦʔδϣϯରԠ us-east-2 ถࠃ౦෦ (ΦϋΠΦ) ap-northeast-1 ΞδΞύγϑΟοΫ (౦ژ) eu-west-3 Ԥभ
(ύϦ) োൃੜ ❌ͭͳ͕Βͳ͍ ✅େৎͰ͢ʂ ✅େৎͰ͢ʂ
AZ(Availability Zone) ̍ϦʔδϣϯͷͰͷ͞Βʹখ͞ͳ۠Γ ̍AZ̍ͭҎ্ͷσʔληϯλʔͰߏங ౦ژϦʔδϣϯ3ͭͷAZ͕͋Δ ɾap-northeast-1-a ɾap-northeast-1-c ɾap-northeast-1-d
AZશʹ͞Ε͍ͯͯ ϦʔδϣϯͰͦΕͧΕ͕ಠཱ͍ͯ͠Δ ap-northeast-1 ΞδΞύγϑΟοΫ (౦ژ) ap-northeast-1-a ap-northeast-1-c ap-northeast-1-d Region
Ͳ͔͜ͷAZͰো͕ىͬͯ͜େৎ →ϚϧνAZରԠ ap-northeast-1 ΞδΞύγϑΟοΫ (౦ژ) ap-northeast-1-a ap-northeast-1-c ap-northeast-1-d Region োൃੜ
❌ͭͳ͕Βͳ͍ ✅େৎͰ͢ʂ ✅େৎͰ͢ʂ
Ͳ͔͜Ͱো͕ىͬͨ͜ͱͯ͠ γεςϜ͕μϯ͠ͳ͍ՄೳੑΛ ߴΊΔʢ୯ҰোΛͳ͘͢ʣ →ߴՄ༻ੑΛ࣮ݱ͢Δ
VPC (Virtual Private Cloud) AWS্ʹ࡞Ͱ͖Δ ϓϥΠϕʔτԾωοτϫʔΫۭؒ ಛఆͷωοτϫʔΫͷശͷΑ͏ͳͷ ͜ͷശͷதʹEC2DBECS͕ ஔ͍ͯ͋ΔΠϝʔδ
ηΩϡϦςΟ
IAM (Identity and Access Management) AWSͷαʔϏεͰʮೝূʯͱʮೝՄʯͷ ઃఆΛߦ͏͜ͱ͕Ͱ͖ΔαʔϏε ΞΧϯτͦͷݖݶཧ͍ͯ͠Δ ೝূ ɿ
૬ख͕୭ʢԿʣͳͷ͔֬ೝ͢Δ͜ͱ ೝՄ ɿϦιʔεͷΞΫηεݖݶΛ༩͑Δ͜ͱ
IAMϢʔβʔ ਓʢϢʔβʔʣʹ༩͑ΒΕΔID Ϣʔβʔ໊ͱύεϫʔυ͕༩͞Εɺ AWSΞΧϯτʹϩάΠϯ͢Δࡍʹ ඞཁͱͳΔ ̍ͭͷAWSΞΧϯτͷதʹෳͷϢʔ βʔΛ࡞Δ͜ͱ͕Ͱ͖Δ
↓͜Ε
IAMϙϦγʔ ʮAWSͷԿʹରͯ͠ʯ ʮͲͷΑ͏ͳૢ࡞Λʯ ʮͰ͖ΔʢͰ͖ͳ͍ʣʯ ͱ͍͏ݖݶΛఆΊͨͷ IAMϢʔβʔɾIAMϩʔϧʢޙड़ʣʹ ඥ͚ͮͯ͏
S3ReadOnlyʢݟΔ͚ͩʣΛڐՄ͢ΔϙϦγʔ
S3ʹϑϧΞΫηεΛڐՄ͢ΔϙϦγʔ
IAMϩʔϧ ׂΛఆ͍ٛͯ͠Δͷ IAMϙϦγʔΛଋͶͯɺ֓೦తͳ໊લΛ ͚Δ͜ͱ͕Ͱ͖Δ IAMϢʔβʔͱࣅͯΔ͕ɺ IAMϩʔϧ༻͢Δଆ͕ਓʹݶΒͳ͍
ʮITEM-APIʯ ϩʔϧΛ࡞͠ ʮAmazonS3FullAccessʯϙϦγʔ Λඥ͚ͮΔɺΈ͍ͨͳ͜ͱΛ͠·͢ ITEM-API ECS S3 ϑΝΠϧΛPUTɾGET͍ͨ͠
IAM·ͱΊ ɾIAMϙϦγʔ Ͱ͖Δ͜ͱ/Ͱ͖ͳ͍͜ͱ Λఆٛ͠ɺ Ϣʔβʔϩʔϧʹඥ͚ͮͯ͏ ɾIAMϢʔβʔ ϙϦγʔΛඥ͚ͯɺϢʔβʔ͕Ͱ͖Δ͜ͱΛఆٛ͢Δ ɾIAMϩʔϧ ϙϦγʔΛඥ͚ͯɺ ୭͔/AWSͷαʔϏε
͕Ͱ͖Δ͜ͱΛఆٛ͢Δ
ίϯϐϡʔςΟϯά
EC2 (Elastic Compute Cloud) OSΛͤͨԾڥΛΫϥυ্ʹ࡞ Ͱ͖ΔαʔϏε ༻్ʹԊͬͯOSɾεϖοΫʢCPUϝϞ ϦʣΛબͼࣗಈతʹαʔόʔͷ্ཱͪ͛ ͔ΒΠϯετʔϧ·Ͱͯ͘͠ΕΔ
ECS (Elastic Container Service) DokerίϯςφΞϓϦέʔγϣϯΛAWS ্Ͱಈ͔ͯ͘͠ΕΔαʔϏε ίϯςφͷ࣮ߦɺอޢɺεέʔϧΛAWS ଆͰͬͯ͘ΕΔͷͰ͏ଆ͕ҙࣝ͢Δ ͜ͱ͕͘͢ͳͯ͘͢Ή
EC2ECSͷ͍͍ͱ͜Ζ ɾ؆୯ͳεϖοΫมߋ ɾԽ͕؆୯ ɹˠྗੑ͕͋Δ ɾैྔ՝ۚʹΑΔίετϝϦοτ
ELB(Elastic Load Balancer) ELBʹɺ3ͭͷϩʔυόϥϯαʔ͕͋ Γɺ༻్ʹ߹ΘͤͯબͰ͖Δɻ ɾCLB (Classic Load Balancer) ɾNLB
(Network Load Balancer) ɾALB (Application Load Balancer)
ALBͰͰ͖Δ͜ͱ ͦͷᶃෛՙ͕ࢄͰ͖Δ ALB ECS ECS
ALBͰͰ͖Δ͜ͱ ͦͷᶄURLͰৼΓ͚ઌΛઃఆͰ͖Δ API༻ALB AAA-api ECS https://ʓʓ.com/AAA/… https://ʓʓ.com/BBB/… BBB-api ECS ※ύεϕʔεɺϗετϕʔεɺHTTPϔομϕʔεΫΤϦจࣈϕʔε…৭ʑͳنଇͰઃఆͰ͖·͢
ALBͰͰ͖Δ͜ͱ ͦͷᶅτϥϑΟοΫͷ੍ݶ͕Ͱ͖Δ ALB ※VPCͷར༻͕લఏͰ͢ ✅ΞΫηε0, ❌ΞΫηε/( ECS
ετϨʔδDB
S3 (Simple Storage Service) ΫϥυܕͷΦϒδΣΫτετϨʔδ ྨࣅαʔϏεɿDropBoxɾOneDrive ετϨʔδʢ༰ྔʣ͕ࣗಈతʹ֦ுɾॖ খ͞ΕΔɻࣄલʹਖ਼֬ͳ༰ྔΛܭࢉͨ͠ Γɺ༨ʹϦιʔεΛ֬อ͓ͯ͘͠ඞཁ͕ ͳ͍
S3ͷ͍͍ͱ͜Ζ ͦͷᶃϥΠϑαΠΫϧ ࢦఆͨ͠ظ͕ؒܦաͨ͠ͷΛআ͠ ͨΓɺΑΓՁ֨ͳετϨʔδʹҠಈ ͨ͠ΓͰ͖Δ ྫɿ90ܦաͨ͠ϩάϑΝΠϧআ
S3ͷ͍͍ͱ͜Ζ ͦͷᶄόʔδϣχϯά ΦϒδΣΫτ͝ͱʹੈཧΛ༗ޮʹ ͢Δ͜ͱͰ͖Δ ྫɿޡͬͯಉ͡ϑΝΠϧ໊Ͱ্ॻ͖ͯ͠͠·ͬ ͯɺલͷόʔδϣϯʹ͢͜ͱ͕Ͱ͖Δ
S3ͷ͍͍ͱ͜Ζ ͦͷᶅϩάه ΦϒδΣΫτʹର͢ΔϩάΛ͢͜ͱ ͕Ͱ͖Δ ྫɿ୭͕͜ͷϑΝΠϧΛআ͔ͨ͠ʁมߋͨ͠ ͔ʁΛḷΔ͜ͱ͕Ͱ͖Δ
S3ͷ͍͍ͱ͜Ζ ͦͷᶆΞΫηεݖݶ ઃఆ͞ΕͨϢʔβʔͷΈૢ࡞ΛڐՄ͢ ΔͳͲɺࡉ͔͘ΞΫηεݖݶΛઃఆͰ ͖Δ ྫɿΞΧϯτAΞοϓϩʔυͷΈՄೳ ɹɹΞΧϯτBμϯϩʔυͷΈՄೳ
S3ͷ͍͍ͱ͜Ζ ͦͷᶇ҉߸Խ ΦϒδΣΫτΛ҉߸Խ͓ͯ͘͜͠ͱ͕ Ͱ͖Δ αʔόʔαΠυɺΫϥΠΞϯταΠυ ͦΕͧΕͷ҉߸ԽʹରԠ
RDS (Relation Database Service) σʔλϕʔεͷΠϯετʔϧόοΫ ΞοϓͳͲͷઃఆΛ͠ͳͯ͘ɺσʔλ ϕʔε͕ར༻Ͱ͖ΔαʔϏε 6ͭͷRDBMS͔ΒબՄೳ Amazon AuroraɾPostgre
SQLɾMySQL MariaσʔλϕʔεɾOracleɾSQL Server
RDSͷ͍͍ͱ͜Ζ ɾϚϧνAZʹΑΔՄ༻ੑ ɾιϑτΣΞͷࣗಈύον࡞ۀ ɾΦʔτεέʔϦϯά ɾϦʔυϨϓϦΧ ɹɹˠಡΈࠐΈઐ༻ͷσʔλϕʔε ɹɹಉ͡σʔλ͕ෳଘࡏ͢ΔͨΊσʔλͷ҆શੑ͕ߴ·Δ ɹɹ·ͨɺDBʹ͔͔ΔෛՙΛࢄͤ͞Δ͜ͱ͕Ͱ͖Δ
͓ΘΓʹ Ϋϥυͷ͜ͱɾAWSͷ͜ͱ ͓͍ͬͯͯଛͳ͍ʂ Ұॹʹษڧ͍͖ͯ͠·͠ΐ͏