Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS CDKで コンテナイメージスキャンを行う 〜ECRとその他の方法〜 / cdk-con...
Search
k.goto
October 13, 2023
Programming
2
1.6k
AWS CDKで コンテナイメージスキャンを行う 〜ECRとその他の方法〜 / cdk-container-image-scan
2023/10/16開催 JAWS-UG コンテナ支部 × JAWS-UG 千葉支部 #1 〜今知りたいコンテナセキュリティ〜 での登壇資料です。
k.goto
October 13, 2023
Tweet
Share
More Decks by k.goto
See All by k.goto
AWS CDK 実践的アプローチ N選 / aws-cdk-practical-approaches
gotok365
6
1k
TypeScript製IaCツールのAWS CDKが様々な言語で実装できる理由 ~他言語変換の仕組み~ / cdk-language-transformation
gotok365
9
460
とあるEdTechベンチャーのシステム構成こだわりN選 / edtech-system
gotok365
7
620
CodePipelineのアクション統合から学ぶAWS CDKの抽象化技術 / codepipeline-actions-cdk-abstraction
gotok365
5
430
AWS CDKにおけるL2 Constructの仕組み / aws-cdk-l2-construct
gotok365
6
1.2k
コミュニティ駆動 AWS CDK ライブラリ「Open Constructs Library」 / community-cdk-library
gotok365
2
380
AWS CDKにおける「再利用性」を考える / aws-cdk-reusability
gotok365
8
3.1k
OSS活動のススメ / oss-activities
gotok365
5
1.2k
AWS CDKコントリビュートTIPS / aws-cdk-contribution-tips
gotok365
8
1.9k
Other Decks in Programming
See All in Programming
第9回 情シス転職ミートアップ 株式会社IVRy(アイブリー)の紹介
ivry_presentationmaterials
1
320
Hack Claude Code with Claude Code
choplin
4
2k
『自分のデータだけ見せたい!』を叶える──Laravel × Casbin で複雑権限をスッキリ解きほぐす 25 分
akitotsukahara
2
640
20250628_非エンジニアがバイブコーディングしてみた
ponponmikankan
0
680
AIともっと楽するE2Eテスト
myohei
6
2.6k
ISUCON研修おかわり会 講義スライド
arfes0e2b3c
1
440
Startups on Rails in Past, Present and Future–Irina Nazarova, RailsConf 2025
irinanazarova
0
100
AIと”コードの評価関数”を共有する / Share the "code evaluation function" with AI
euglena1215
1
160
なんとなくわかった気になるブロックテーマ入門/contents.nagoya 2025 6.28
chiilog
1
270
Result型で“失敗”を型にするPHPコードの書き方
kajitack
5
650
Rubyでやりたい駆動開発 / Ruby driven development
chobishiba
1
700
GitHub Copilot and GitHub Codespaces Hands-on
ymd65536
2
150
Featured
See All Featured
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
26k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
970
Building a Modern Day E-commerce SEO Strategy
aleyda
42
7.4k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3.3k
Producing Creativity
orderedlist
PRO
346
40k
Raft: Consensus for Rubyists
vanstee
140
7k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3.1k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.9k
Faster Mobile Websites
deanohume
307
31k
The Cost Of JavaScript in 2023
addyosmani
51
8.5k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
29
9.6k
Become a Pro
speakerdeck
PRO
29
5.4k
Transcript
LHPUP าͷςοΫ "84$%,Ͱ ίϯςφΠϝʔδεΩϟϯΛߦ͏ ʙ&$3ͱͦͷଞͷํ๏ʙ +"846(ίϯςφࢧ෦º+"846(ઍ༿ࢧ෦ ࠓΓ͍ͨίϯςφηΩϡϦςΟ
ࣗݾհ LHPUP w ςοΫϦʔυɾϥʔϝϯ͖ w "84$PNNVOJUZ#VJMEFS %FW5PPMT w าͷςοΫ
ٕज़ϒϩά w ࣗ࡞"84πʔϧͷ044։ൃ w "84$%,ίϯτϦϏϡʔλʔ w 9 5XJUUFS !@TUFQ@UFDI ‣ LHPUP าͷςοΫ
͜ͷͷొஃৼΓฦΓ ˙"84%FW%BZ+BQBO ‣ αʔόʔϨεͳϝʔϧૹ৴γεςϜΛ"84$%,Ͱߏங͠ઍਓنͷڥͰӡ༻ͨ͠ ˙+"846($%,ࢧ෦ ‣ $%,Ͱ7BMJEBUJPO͢Δຊͷํ๏ ˙"QQ3VOOFS/JHIU "844UBSUVQ.FFUVQ
‣ "QQ3VOOFSͰ"QQͰͳ͍ͷΛ3VO͢Δ ˙"84$%,$POGFSFODF+BQBO ‣ "84$%,ͱ;PEΛ׆༻ͨ͠όϦσʔγϣϯύλʔϯू ˙+"846(43&ࢧ෦ ‣ $MPVE8BUDIෳ߹ΞϥʔϜͰ&-#ͷ99Λ͍͍ײ͡ʹݕ͠Α͏ͱͨ͠Β͏·͍͔͘ͳ͔ͬͨ ˙"84%FW%BZ5PLZP ‣ "84$%,ͰֶͿ(P'σβΠϯύλʔϯʙ*B$ʹίʔυઃܭʙ ˙+"846($%,ࢧ෦ ‣ "84$%,Ͱ͏(P'σβΠϯύλʔϯʙ࣮ࡍͲ͏ͳͷʁʙ ˙4UBSUVQ%BZ ‣ ελʔτΞοϓͰͦ͜$%,͕׆͖ͨʙੜ࢈ੑΛ্Ͱ͖ͨͭͷཧ༝ʙ ˙+"846($%,ࢧ෦ ‣ $MPVE'PSNBUJPOϢʔβʔ͕$%,ʹೖͯ͠Έͯࢥͬͨ͜ͱ ύωϧσΟεΧογϣϯ ˙+"846(ίϯςφࢧ෦º+"846(ઍ༿ࢧ෦ ‣ "84$%,ͰίϯςφΠϝʔδεΩϟϯΛߦ͏ʙ&$3ͱͦͷଞͷํ๏ʙ $%,ωλ શొஃɿຊ $%,ωλɿຊ $%,ͷେϑΝϯͰ͢ʂʂʂ $%,ͷܒ׆ಈத
ίϯςφηΩϡϦςΟ
AWS CDKͰίϯςφΠϝʔδεΩϟϯΛߦ͏
"84$%,Ͱίϯςφʁ
"84$%, º ίϯςφΠϝʔδϏϧυ
"84$%,ºίϯςφΠϝʔδϏϧυ w "84$%,Ͱ؆୯ʹίϯςφΠϝʔδͷϏϧυ͕Ͱ͖Δ ‣ *B$ϨΠϠʔ *B$ίʔυ ͰͷΠϝʔδϏϧυɾΠϝʔδϓογϡ͕Մೳ $%,Ҏ֎ͷ*B$πʔϧͰ*B$ͷཧ֎ͰΔ͜ͱ͕ଟ͍ ϦϙδτϦ࡞
ΠϝʔδϏϧυ Πϝʔδϓογϡ
"84$%,ºίϯςφΠϝʔδεΩϟϯʁ w "84$%,͚ͩͰΠϝʔδͷϏϧυ͔Βϓογϡ·Ͱग़དྷͯศརʂ w Ͱɺ"84$%,ͰϏϧυͨ͠ΠϝʔδͷεΩϟϯͲ͏ͬͯʁ ‣ ࣮ɾɾɾ
"84$%,ºίϯςφΠϝʔδεΩϟϯʁ w "84$%,͚ͩͰΠϝʔδͷϏϧυ͔Βϓογϡ·Ͱग़དྷͯศརʂ w Ͱɺ"84$%,ͰϏϧυͨ͠ΠϝʔδͷεΩϟϯͲ͏ͬͯʁ ‣ ࣮ɾɾɾ ཱ֬͞Ε͍ͯͳ͍
"84$%,ºίϯςφΠϝʔδεΩϟϯʁ w "84$%,͚ͩͰΠϝʔδͷϏϧυ͔Βϓογϡ·Ͱग़དྷͯศརʂ w Ͱɺ"84$%,ͰϏϧυͨ͠ΠϝʔδͷεΩϟϯͲ͏ͬͯʁ ‣ ࣮ɾɾɾ ཱ֬͞Ε͍ͯͳ͍ ͱ͍͏͔ ͋·Γฉ͔ͳ͍
Ͱ͢ΑͶʁ
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ҰൠతʹͲ͏ͬͯΠϝʔδεΩϟϯ͢Δͷʁ πʔϧ ‣ &$3 ϕʔγοΫεΩϟϯ
֦ுεΩϟϯ XJUI"NB[PO*OTQFDUPS ‣ αʔυύʔςΟπʔϧ 5SJWZ %PDLMF FUDʜ
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ҰൠతʹͲ͏ͬͯΠϝʔδεΩϟϯ͢Δͷʁ ϑϩʔ ‣ Ұఆִؒ ఆظ ࣮ߦ
ʹճ ‣ ඇಉظ Πϕϯτ ࣮ߦ ΠϝʔδͷϓογϡΛτϦΨʔ ‣ ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ ͷྫ ΠϝʔδεΩϟϯ ΠϝʔδϏϧυ Πϝʔδϓογϡ
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ ͷྫ ΠϝʔδεΩϟϯ ΠϝʔδϏϧυ Πϝʔδϓογϡ ੬ऑੑݕग़
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ ͷྫ ΠϝʔδεΩϟϯ ΠϝʔδϏϧυ Πϝʔδϓογϡ ͤ͞ͳ͍ ੬ऑੑݕग़
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ ͷྫ ΠϝʔδεΩϟϯ ΠϝʔδϏϧυ Πϝʔδϓογϡ ͤ͞ͳ͍ ੬ऑੑݕग़
ϓογϡΛτϦΨʔʹ σϓϩΠ͢Δέʔε҆৺ σϓϩΠલʹऴྃ
͋ΒͨΊͯ
"84$%,Ͱ ίϯςφΠϝʔδεΩϟϯͬͯ Ͳ͏Δͷʁ
ͱΓ͋͑ͣ
&$3Ͱ ͬͯΈ·͢
"84$%,º&$3Πϝʔδ ϓογϡ εΩϟϯ w 3FQPTJUPSZJNBHF4DBO0O1VTI
"84$%,º&$3Πϝʔδ ϓογϡ εΩϟϯ w ੬ऑੑݕग़࣌ͷಉظతରԠʹ͑ͳ͍ ϓογϡ͕τϦΨʔ ੬ऑੑ͕͋ͬͯ ϓογϡࢭΊΒΕͳ͍ʂ ࣮ߦඇಉظ σϓϩΠࢭ·Βͳ͍ʂ
Ϗϧυ ϓογϡ
͡Ό͋ͦͷଞͷํ๏ʁ
"84$%,ºͦͷଞͷΠϝʔδεΩϟϯ w αʔυύʔςΟπʔϧʁ ‣ 5SJWZ ‣ %PDLMF ‣ FUDʜ w
͔͠͠ʜ ‣ $%,"84༻πʔϧͳͷͰ"84Ϧιʔεͷͷ͔͠ແ͍ جຊతʹ ྫ֎͋Γ
ͦͷଞͷํ๏
ແ͍
͡Ό͋
Ͳ͏͢Δʁ
࡞Ε͍͍͡ΌΜ
$POTUSVDU)VC w $%,ίϯετϥΫτϥΠϒϥϦू IUUQTDPOTUSVDUTEFW ‣ Ҏ্ͷΦʔϓϯιʔεͷ$%,ίϯετϥΫτ͕ެ։ ‣ ݸਓͰ࡞ͬͨࣗ࡞ίϯετϥΫτͷެ։Մೳ
044ͱͯ͠ (JU)VCʹύϒϦοΫϦϙδτϦΛ࡞ $%,ίϯετϥΫτΛ࣮ OQNʹύϒϦογϡ $%,༻λά͚Λͯ͠ ʙेܦͭͱ$POTUSVDU)VCʹࣗಈͰొ͞ΕΔ ίϯετϥΫτ $POTUSVDU $%,ಛ༗ͷࣗ༝ͳཻͷϦιʔεू߹ ίϯϙʔωϯτ ɻ "84ఏڙͷͷ͚ͩͰͳ͘Ϣʔβࣗ༝ʹΊΔɻ
࡞ͬͯΈ·ͨ͠
ࣗ࡞ίϯετϥΫτ "84$%,༻ ˞IUUQTDPOTUSVDUTEFWQBDLBHFTJNBHFTDBOOFSXJUIUSJWZ ˞IUUQTDPOTUSVDUTEFWQBDLBHFTJNBHFTDBOOFSXJUIEPDLMF ᶃ JNBHFTDBOOFSXJUIUSJWZ ˞ ᶄ JNBHFTDBOOFSXJUIEPDLMF
˞ ˞ͱΓ͋͑ͣ5ZQF4DSJQUݶఆͰ༻Մೳ ࠓޙ͍͍͔͛ͯͳͱ ˞ ˞
ࣗ࡞ίϯετϥΫτ "84$%,༻ w ಛ ᶃ $%,ϨΠϠʔ $%,ίʔυ ͰɺίϯςφΠϝʔδεΩϟϯΛߦ͏ ʮ5SJWZʯɾʮ%PDLMFʯΛ$%,Ͱ͑ΔΑ͏ʹͳͬͨʂ
$%,͚ͩͰϏϧυɾϓογϡʹՃ͑ͯεΩϟϯ·Ͱߦ͑ΔΑ͏ʹͳͬͨʂ ᶄ σϓϩΠաఔͰϏϧυͨ͠ΠϝʔδΛ͍ճͨ͢ΊɺແବͳϏϧυ͕ൃੜ͠ͳ͍ ʮεΩϟϯͷͨΊʹϏϧυ͠ɺσϓϩΠͷͨΊʹϏϧυʯͳͲΛ͠ͳ͍ ᶅ ੬ऑੑݕͷࡍɺ&$3ͷΠϝʔδͷϓογϡ$%,σϓϩΠΛࢭΊΒΕΔ
ࣗ࡞ίϯετϥΫτ "84$%,༻ w Έ ‣ $%, $MPVE'PSNBUJPO ʹʮΧελϜϦιʔεʯͱ͍͏ಛघͳϦιʔε͕͋Δ $%,͕ରԠ͍ͯ͠ͳ͍ॲཧΛ-BNCEBͰࣗલͰ࣮Ͱ͖Δػೳ
4/4ͰՄ ‣ ͜ͷΧελϜϦιʔε-BNCEBͰʮ5SJWZʯʮ%PDLMFʯΛୟ࣮͘Λ͢Δ ‣ ͜ΕΛ$POTUSVDUԽ͠ɺ$%,ίʔυͰσϓϩΠϑϩʔʹΈࠐΊΔΑ͏ʹ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ Ϗϧυ εΩϟϯ ϓογϡ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ ੬ऑੑݕग़࣌Τϥʔʹͯ͠ ϓογϡͤ͞ͳ͍ʂ σϓϩΠΤϥʔऴྃ Ϗϧυ εΩϟϯ ϓογϡ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ Φϓγϣϯ৭ʑ͋Γʂ ࢦఆͳ͠Ͱ͍͍ײ͡ʹಈ͖·͢ʂ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ ΤσΟλ্ͰͷೖྗબɾೖྗิɾEPDग़ྗ ͳͲʹΑΓੜͷπʔϧΑΓศར͔ʂʁ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶄJNBHFTDBOOFSXJUIEPDLMF
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶄJNBHFTDBOOFSXJUIEPDLMF *HOPSFϧʔϧ͕ࢦఆՄೳʂ Ϗϧυ εΩϟϯ ϓογϡ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶄJNBHFTDBOOFSXJUIEPDLMF *HOPSFϧʔϧ͕ࢦఆՄೳʂ Ϗϧυ εΩϟϯ ϓογϡ ੬ऑੑݕग़࣌Τϥʔʹͯ͠ ϓογϡͤ͞ͳ͍ʂ σϓϩΠΤϥʔऴྃ
ࣗ࡞ίϯετϥΫτ "84$%,༻ w 5SJWZͷެࣜυΩϡϝϯτͷΤίγεςϜϖʔδʹࡌͤͯΒ͍·ͨ͠ʂ
࠶ܝ ࣗ࡞ίϯετϥΫτ "84$%,༻ ˞IUUQTDPOTUSVDUTEFWQBDLBHFTJNBHFTDBOOFSXJUIUSJWZ ˞IUUQTDPOTUSVDUTEFWQBDLBHFTJNBHFTDBOOFSXJUIEPDLMF ᶃ JNBHFTDBOOFSXJUIUSJWZ ˞ ᶄ
JNBHFTDBOOFSXJUIEPDLMF ˞ ˞ͱΓ͋͑ͣ5ZQF4DSJQUݶఆͰ༻Մೳ ࠓޙ͍͍͔͛ͯͳͱ ˞ ˞
$%,ͰͷΠϝʔδεΩϟϯํ๏ ཱ֬͞Ε͍ͯͳ͍ʁ
ཱ֬͞Ε·ͨ͠ʂ
·ͱΊ w "84$%,Ͱ ಉظతͳ ίϯςφΠϝʔδεΩϟϯͷํ๏ཱ֬͞Ε͍ͯͳ͍ ‣ Ϗϧυɾϓογϡࣗମ؆୯ ‣ &$3ͰͷඇಉظͳϓογϡεΩϟϯ͋Δ w
"84$%,༻ͷࣗ࡞ίϯετϥΫτΛ࡞ͬͨ 5SJWZ൛ɾ%PDLMF൛ ‣ 044ͱͯ͠$POTUSVDU)VCʹެ։ͨ͠ w $%,ͰͷίϯςφΠϝʔδεΩϟϯํ๏ཱ͕֬͞Εͨʂ ʁ ‣ Α͔ͬͨΒͬͯΈ͍ͯͩ͘͞
ࢀߟɿαϯϓϧίʔυ (JU)VC w "84$%,Ͱ ‣ JNBHFTDBOOFSXJUIUSJWZ ‣ JNBHFTDBOOFSXJUIEPDLMF w ΛͬͨαϯϓϧίʔυΛ(JU)VCʹࡌ͍ͤͯΔͷͰΑ͔ͬͨΒͥͻ
IUUQTHJUIVCDPNHPUPLDELJNBHFTDBOUFTU
એɿࣗ࡞"84πʔϧ044 ʲEFMTUBDLʳ"84$MPVE'PSNBUJPOελοΫڧ੍আπʔϧ ‣ IUUQTHPUPLIBUFOBCMPHDPNFOUSZEFMTUBDL ʲDMTʳ4όέοτߴআɾۭʹ͢Δπʔϧ όʔδϣχϯάରԠ ‣ IUUQTHPUPLIBUFOBCMPHDPNFOUSZDMT ʲMBNWFSʳ-BNCEBϥϯλΠϜόʔδϣϯݕࡧπʔϧ
Ϧʔδϣϯԣஅ ‣ IUUQTHPUPLIBUFOBCMPHDPNFOUSZMBNWFS
એɿDMTεϖΠϯޠهࣄ "84&TQBÑPM w "84&TQBÑPMͷํ͕ʮDMT 4আπʔϧ ʯͷεϖΠϯޠهࣄΛॻ͍ͯ͘Ε ·ͨ͠ʂ ‣ ͜ΕͰຊޠɾӳޠɾεϖΠϯޠͷ͔ࠃޠͷهࣄ͕ग़དྷ·ͨ͠ʂ IUUQTEFWUPBXTFTQBOPMDMTCVTRVFEBZFMJNJOBDJPONBTJWBEFCVDLFUTTHC
એɿDMTͷొஃ͠·͢ʂ w 4UPSBHF+"84ͷه೦͖͢ୈճʹ͓ݺͼ͖ɺDMTͷηογϣϯΛͤ͞ ͯ͘͜ͱʹͳΓ·ͨ͠ʂ ‣ ਫ 4UPSBHF+"84
5IBOL:PV LHPUP าͷςοΫ