Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS CDKで コンテナイメージスキャンを行う 〜ECRとその他の方法〜 / cdk-con...
Search
k.goto
October 13, 2023
Programming
2
1.6k
AWS CDKで コンテナイメージスキャンを行う 〜ECRとその他の方法〜 / cdk-container-image-scan
2023/10/16開催 JAWS-UG コンテナ支部 × JAWS-UG 千葉支部 #1 〜今知りたいコンテナセキュリティ〜 での登壇資料です。
k.goto
October 13, 2023
Tweet
Share
More Decks by k.goto
See All by k.goto
AWS CDK 実践的アプローチ N選 / aws-cdk-practical-approaches
gotok365
6
1k
TypeScript製IaCツールのAWS CDKが様々な言語で実装できる理由 ~他言語変換の仕組み~ / cdk-language-transformation
gotok365
9
460
とあるEdTechベンチャーのシステム構成こだわりN選 / edtech-system
gotok365
7
620
CodePipelineのアクション統合から学ぶAWS CDKの抽象化技術 / codepipeline-actions-cdk-abstraction
gotok365
5
430
AWS CDKにおけるL2 Constructの仕組み / aws-cdk-l2-construct
gotok365
6
1.2k
コミュニティ駆動 AWS CDK ライブラリ「Open Constructs Library」 / community-cdk-library
gotok365
2
380
AWS CDKにおける「再利用性」を考える / aws-cdk-reusability
gotok365
8
3.1k
OSS活動のススメ / oss-activities
gotok365
5
1.2k
AWS CDKコントリビュートTIPS / aws-cdk-contribution-tips
gotok365
8
1.9k
Other Decks in Programming
See All in Programming
CursorはMCPを使った方が良いぞ
taigakono
1
250
Hypervel - A Coroutine Framework for Laravel Artisans
albertcht
1
110
PHPで始める振る舞い駆動開発(Behaviour-Driven Development)
ohmori_yusuke
2
350
ISUCON研修おかわり会 講義スライド
arfes0e2b3c
1
430
Result型で“失敗”を型にするPHPコードの書き方
kajitack
5
610
dbt民主化とLLMによる開発ブースト ~ AI Readyな分析サイクルを目指して ~
yoshyum
3
880
A full stack side project webapp all in Kotlin (KotlinConf 2025)
dankim
0
110
ふつうの技術スタックでアート作品を作ってみる
akira888
1
490
「Cursor/Devin全社導入の理想と現実」のその後
saitoryc
0
790
Code as Context 〜 1にコードで 2にリンタ 34がなくて 5にルール? 〜
yodakeisuke
0
120
Webの外へ飛び出せ NativePHPが切り拓くPHPの未来
takuyakatsusa
2
540
猫と暮らす Google Nest Cam生活🐈 / WebRTC with Google Nest Cam
yutailang0119
0
110
Featured
See All Featured
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.7k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.9k
Visualization
eitanlees
146
16k
Git: the NoSQL Database
bkeepers
PRO
430
65k
Practical Orchestrator
shlominoach
188
11k
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.4k
The Straight Up "How To Draw Better" Workshop
denniskardys
234
140k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
5.9k
Statistics for Hackers
jakevdp
799
220k
The Art of Programming - Codeland 2020
erikaheidi
54
13k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
357
30k
What’s in a name? Adding method to the madness
productmarketing
PRO
23
3.5k
Transcript
LHPUP าͷςοΫ "84$%,Ͱ ίϯςφΠϝʔδεΩϟϯΛߦ͏ ʙ&$3ͱͦͷଞͷํ๏ʙ +"846(ίϯςφࢧ෦º+"846(ઍ༿ࢧ෦ ࠓΓ͍ͨίϯςφηΩϡϦςΟ
ࣗݾհ LHPUP w ςοΫϦʔυɾϥʔϝϯ͖ w "84$PNNVOJUZ#VJMEFS %FW5PPMT w าͷςοΫ
ٕज़ϒϩά w ࣗ࡞"84πʔϧͷ044։ൃ w "84$%,ίϯτϦϏϡʔλʔ w 9 5XJUUFS !@TUFQ@UFDI ‣ LHPUP าͷςοΫ
͜ͷͷొஃৼΓฦΓ ˙"84%FW%BZ+BQBO ‣ αʔόʔϨεͳϝʔϧૹ৴γεςϜΛ"84$%,Ͱߏங͠ઍਓنͷڥͰӡ༻ͨ͠ ˙+"846($%,ࢧ෦ ‣ $%,Ͱ7BMJEBUJPO͢Δຊͷํ๏ ˙"QQ3VOOFS/JHIU "844UBSUVQ.FFUVQ
‣ "QQ3VOOFSͰ"QQͰͳ͍ͷΛ3VO͢Δ ˙"84$%,$POGFSFODF+BQBO ‣ "84$%,ͱ;PEΛ׆༻ͨ͠όϦσʔγϣϯύλʔϯू ˙+"846(43&ࢧ෦ ‣ $MPVE8BUDIෳ߹ΞϥʔϜͰ&-#ͷ99Λ͍͍ײ͡ʹݕ͠Α͏ͱͨ͠Β͏·͍͔͘ͳ͔ͬͨ ˙"84%FW%BZ5PLZP ‣ "84$%,ͰֶͿ(P'σβΠϯύλʔϯʙ*B$ʹίʔυઃܭʙ ˙+"846($%,ࢧ෦ ‣ "84$%,Ͱ͏(P'σβΠϯύλʔϯʙ࣮ࡍͲ͏ͳͷʁʙ ˙4UBSUVQ%BZ ‣ ελʔτΞοϓͰͦ͜$%,͕׆͖ͨʙੜ࢈ੑΛ্Ͱ͖ͨͭͷཧ༝ʙ ˙+"846($%,ࢧ෦ ‣ $MPVE'PSNBUJPOϢʔβʔ͕$%,ʹೖͯ͠Έͯࢥͬͨ͜ͱ ύωϧσΟεΧογϣϯ ˙+"846(ίϯςφࢧ෦º+"846(ઍ༿ࢧ෦ ‣ "84$%,ͰίϯςφΠϝʔδεΩϟϯΛߦ͏ʙ&$3ͱͦͷଞͷํ๏ʙ $%,ωλ શొஃɿຊ $%,ωλɿຊ $%,ͷେϑΝϯͰ͢ʂʂʂ $%,ͷܒ׆ಈத
ίϯςφηΩϡϦςΟ
AWS CDKͰίϯςφΠϝʔδεΩϟϯΛߦ͏
"84$%,Ͱίϯςφʁ
"84$%, º ίϯςφΠϝʔδϏϧυ
"84$%,ºίϯςφΠϝʔδϏϧυ w "84$%,Ͱ؆୯ʹίϯςφΠϝʔδͷϏϧυ͕Ͱ͖Δ ‣ *B$ϨΠϠʔ *B$ίʔυ ͰͷΠϝʔδϏϧυɾΠϝʔδϓογϡ͕Մೳ $%,Ҏ֎ͷ*B$πʔϧͰ*B$ͷཧ֎ͰΔ͜ͱ͕ଟ͍ ϦϙδτϦ࡞
ΠϝʔδϏϧυ Πϝʔδϓογϡ
"84$%,ºίϯςφΠϝʔδεΩϟϯʁ w "84$%,͚ͩͰΠϝʔδͷϏϧυ͔Βϓογϡ·Ͱग़དྷͯศརʂ w Ͱɺ"84$%,ͰϏϧυͨ͠ΠϝʔδͷεΩϟϯͲ͏ͬͯʁ ‣ ࣮ɾɾɾ
"84$%,ºίϯςφΠϝʔδεΩϟϯʁ w "84$%,͚ͩͰΠϝʔδͷϏϧυ͔Βϓογϡ·Ͱग़དྷͯศརʂ w Ͱɺ"84$%,ͰϏϧυͨ͠ΠϝʔδͷεΩϟϯͲ͏ͬͯʁ ‣ ࣮ɾɾɾ ཱ֬͞Ε͍ͯͳ͍
"84$%,ºίϯςφΠϝʔδεΩϟϯʁ w "84$%,͚ͩͰΠϝʔδͷϏϧυ͔Βϓογϡ·Ͱग़དྷͯศརʂ w Ͱɺ"84$%,ͰϏϧυͨ͠ΠϝʔδͷεΩϟϯͲ͏ͬͯʁ ‣ ࣮ɾɾɾ ཱ֬͞Ε͍ͯͳ͍ ͱ͍͏͔ ͋·Γฉ͔ͳ͍
Ͱ͢ΑͶʁ
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ҰൠతʹͲ͏ͬͯΠϝʔδεΩϟϯ͢Δͷʁ πʔϧ ‣ &$3 ϕʔγοΫεΩϟϯ
֦ுεΩϟϯ XJUI"NB[PO*OTQFDUPS ‣ αʔυύʔςΟπʔϧ 5SJWZ %PDLMF FUDʜ
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ҰൠతʹͲ͏ͬͯΠϝʔδεΩϟϯ͢Δͷʁ ϑϩʔ ‣ Ұఆִؒ ఆظ ࣮ߦ
ʹճ ‣ ඇಉظ Πϕϯτ ࣮ߦ ΠϝʔδͷϓογϡΛτϦΨʔ ‣ ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ ͷྫ ΠϝʔδεΩϟϯ ΠϝʔδϏϧυ Πϝʔδϓογϡ
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ ͷྫ ΠϝʔδεΩϟϯ ΠϝʔδϏϧυ Πϝʔδϓογϡ ੬ऑੑݕग़
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ ͷྫ ΠϝʔδεΩϟϯ ΠϝʔδϏϧυ Πϝʔδϓογϡ ͤ͞ͳ͍ ੬ऑੑݕग़
ҰൠతͳίϯςφΠϝʔδͷεΩϟϯํ๏ w ಉظ࣮ߦ $*$%ύΠϓϥΠϯͷεςοϓ ͷྫ ΠϝʔδεΩϟϯ ΠϝʔδϏϧυ Πϝʔδϓογϡ ͤ͞ͳ͍ ੬ऑੑݕग़
ϓογϡΛτϦΨʔʹ σϓϩΠ͢Δέʔε҆৺ σϓϩΠલʹऴྃ
͋ΒͨΊͯ
"84$%,Ͱ ίϯςφΠϝʔδεΩϟϯͬͯ Ͳ͏Δͷʁ
ͱΓ͋͑ͣ
&$3Ͱ ͬͯΈ·͢
"84$%,º&$3Πϝʔδ ϓογϡ εΩϟϯ w 3FQPTJUPSZJNBHF4DBO0O1VTI
"84$%,º&$3Πϝʔδ ϓογϡ εΩϟϯ w ੬ऑੑݕग़࣌ͷಉظతରԠʹ͑ͳ͍ ϓογϡ͕τϦΨʔ ੬ऑੑ͕͋ͬͯ ϓογϡࢭΊΒΕͳ͍ʂ ࣮ߦඇಉظ σϓϩΠࢭ·Βͳ͍ʂ
Ϗϧυ ϓογϡ
͡Ό͋ͦͷଞͷํ๏ʁ
"84$%,ºͦͷଞͷΠϝʔδεΩϟϯ w αʔυύʔςΟπʔϧʁ ‣ 5SJWZ ‣ %PDLMF ‣ FUDʜ w
͔͠͠ʜ ‣ $%,"84༻πʔϧͳͷͰ"84Ϧιʔεͷͷ͔͠ແ͍ جຊతʹ ྫ֎͋Γ
ͦͷଞͷํ๏
ແ͍
͡Ό͋
Ͳ͏͢Δʁ
࡞Ε͍͍͡ΌΜ
$POTUSVDU)VC w $%,ίϯετϥΫτϥΠϒϥϦू IUUQTDPOTUSVDUTEFW ‣ Ҏ্ͷΦʔϓϯιʔεͷ$%,ίϯετϥΫτ͕ެ։ ‣ ݸਓͰ࡞ͬͨࣗ࡞ίϯετϥΫτͷެ։Մೳ
044ͱͯ͠ (JU)VCʹύϒϦοΫϦϙδτϦΛ࡞ $%,ίϯετϥΫτΛ࣮ OQNʹύϒϦογϡ $%,༻λά͚Λͯ͠ ʙेܦͭͱ$POTUSVDU)VCʹࣗಈͰొ͞ΕΔ ίϯετϥΫτ $POTUSVDU $%,ಛ༗ͷࣗ༝ͳཻͷϦιʔεू߹ ίϯϙʔωϯτ ɻ "84ఏڙͷͷ͚ͩͰͳ͘Ϣʔβࣗ༝ʹΊΔɻ
࡞ͬͯΈ·ͨ͠
ࣗ࡞ίϯετϥΫτ "84$%,༻ ˞IUUQTDPOTUSVDUTEFWQBDLBHFTJNBHFTDBOOFSXJUIUSJWZ ˞IUUQTDPOTUSVDUTEFWQBDLBHFTJNBHFTDBOOFSXJUIEPDLMF ᶃ JNBHFTDBOOFSXJUIUSJWZ ˞ ᶄ JNBHFTDBOOFSXJUIEPDLMF
˞ ˞ͱΓ͋͑ͣ5ZQF4DSJQUݶఆͰ༻Մೳ ࠓޙ͍͍͔͛ͯͳͱ ˞ ˞
ࣗ࡞ίϯετϥΫτ "84$%,༻ w ಛ ᶃ $%,ϨΠϠʔ $%,ίʔυ ͰɺίϯςφΠϝʔδεΩϟϯΛߦ͏ ʮ5SJWZʯɾʮ%PDLMFʯΛ$%,Ͱ͑ΔΑ͏ʹͳͬͨʂ
$%,͚ͩͰϏϧυɾϓογϡʹՃ͑ͯεΩϟϯ·Ͱߦ͑ΔΑ͏ʹͳͬͨʂ ᶄ σϓϩΠաఔͰϏϧυͨ͠ΠϝʔδΛ͍ճͨ͢ΊɺແବͳϏϧυ͕ൃੜ͠ͳ͍ ʮεΩϟϯͷͨΊʹϏϧυ͠ɺσϓϩΠͷͨΊʹϏϧυʯͳͲΛ͠ͳ͍ ᶅ ੬ऑੑݕͷࡍɺ&$3ͷΠϝʔδͷϓογϡ$%,σϓϩΠΛࢭΊΒΕΔ
ࣗ࡞ίϯετϥΫτ "84$%,༻ w Έ ‣ $%, $MPVE'PSNBUJPO ʹʮΧελϜϦιʔεʯͱ͍͏ಛघͳϦιʔε͕͋Δ $%,͕ରԠ͍ͯ͠ͳ͍ॲཧΛ-BNCEBͰࣗલͰ࣮Ͱ͖Δػೳ
4/4ͰՄ ‣ ͜ͷΧελϜϦιʔε-BNCEBͰʮ5SJWZʯʮ%PDLMFʯΛୟ࣮͘Λ͢Δ ‣ ͜ΕΛ$POTUSVDUԽ͠ɺ$%,ίʔυͰσϓϩΠϑϩʔʹΈࠐΊΔΑ͏ʹ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ Ϗϧυ εΩϟϯ ϓογϡ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ ੬ऑੑݕग़࣌Τϥʔʹͯ͠ ϓογϡͤ͞ͳ͍ʂ σϓϩΠΤϥʔऴྃ Ϗϧυ εΩϟϯ ϓογϡ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ Φϓγϣϯ৭ʑ͋Γʂ ࢦఆͳ͠Ͱ͍͍ײ͡ʹಈ͖·͢ʂ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶃJNBHFTDBOOFSXJUIUSJWZ ΤσΟλ্ͰͷೖྗબɾೖྗิɾEPDग़ྗ ͳͲʹΑΓੜͷπʔϧΑΓศར͔ʂʁ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶄJNBHFTDBOOFSXJUIEPDLMF
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶄJNBHFTDBOOFSXJUIEPDLMF *HOPSFϧʔϧ͕ࢦఆՄೳʂ Ϗϧυ εΩϟϯ ϓογϡ
ࣗ࡞ίϯετϥΫτ "84$%,༻ ᶄJNBHFTDBOOFSXJUIEPDLMF *HOPSFϧʔϧ͕ࢦఆՄೳʂ Ϗϧυ εΩϟϯ ϓογϡ ੬ऑੑݕग़࣌Τϥʔʹͯ͠ ϓογϡͤ͞ͳ͍ʂ σϓϩΠΤϥʔऴྃ
ࣗ࡞ίϯετϥΫτ "84$%,༻ w 5SJWZͷެࣜυΩϡϝϯτͷΤίγεςϜϖʔδʹࡌͤͯΒ͍·ͨ͠ʂ
࠶ܝ ࣗ࡞ίϯετϥΫτ "84$%,༻ ˞IUUQTDPOTUSVDUTEFWQBDLBHFTJNBHFTDBOOFSXJUIUSJWZ ˞IUUQTDPOTUSVDUTEFWQBDLBHFTJNBHFTDBOOFSXJUIEPDLMF ᶃ JNBHFTDBOOFSXJUIUSJWZ ˞ ᶄ
JNBHFTDBOOFSXJUIEPDLMF ˞ ˞ͱΓ͋͑ͣ5ZQF4DSJQUݶఆͰ༻Մೳ ࠓޙ͍͍͔͛ͯͳͱ ˞ ˞
$%,ͰͷΠϝʔδεΩϟϯํ๏ ཱ֬͞Ε͍ͯͳ͍ʁ
ཱ֬͞Ε·ͨ͠ʂ
·ͱΊ w "84$%,Ͱ ಉظతͳ ίϯςφΠϝʔδεΩϟϯͷํ๏ཱ֬͞Ε͍ͯͳ͍ ‣ Ϗϧυɾϓογϡࣗମ؆୯ ‣ &$3ͰͷඇಉظͳϓογϡεΩϟϯ͋Δ w
"84$%,༻ͷࣗ࡞ίϯετϥΫτΛ࡞ͬͨ 5SJWZ൛ɾ%PDLMF൛ ‣ 044ͱͯ͠$POTUSVDU)VCʹެ։ͨ͠ w $%,ͰͷίϯςφΠϝʔδεΩϟϯํ๏ཱ͕֬͞Εͨʂ ʁ ‣ Α͔ͬͨΒͬͯΈ͍ͯͩ͘͞
ࢀߟɿαϯϓϧίʔυ (JU)VC w "84$%,Ͱ ‣ JNBHFTDBOOFSXJUIUSJWZ ‣ JNBHFTDBOOFSXJUIEPDLMF w ΛͬͨαϯϓϧίʔυΛ(JU)VCʹࡌ͍ͤͯΔͷͰΑ͔ͬͨΒͥͻ
IUUQTHJUIVCDPNHPUPLDELJNBHFTDBOUFTU
એɿࣗ࡞"84πʔϧ044 ʲEFMTUBDLʳ"84$MPVE'PSNBUJPOελοΫڧ੍আπʔϧ ‣ IUUQTHPUPLIBUFOBCMPHDPNFOUSZEFMTUBDL ʲDMTʳ4όέοτߴআɾۭʹ͢Δπʔϧ όʔδϣχϯάରԠ ‣ IUUQTHPUPLIBUFOBCMPHDPNFOUSZDMT ʲMBNWFSʳ-BNCEBϥϯλΠϜόʔδϣϯݕࡧπʔϧ
Ϧʔδϣϯԣஅ ‣ IUUQTHPUPLIBUFOBCMPHDPNFOUSZMBNWFS
એɿDMTεϖΠϯޠهࣄ "84&TQBÑPM w "84&TQBÑPMͷํ͕ʮDMT 4আπʔϧ ʯͷεϖΠϯޠهࣄΛॻ͍ͯ͘Ε ·ͨ͠ʂ ‣ ͜ΕͰຊޠɾӳޠɾεϖΠϯޠͷ͔ࠃޠͷهࣄ͕ग़དྷ·ͨ͠ʂ IUUQTEFWUPBXTFTQBOPMDMTCVTRVFEBZFMJNJOBDJPONBTJWBEFCVDLFUTTHC
એɿDMTͷొஃ͠·͢ʂ w 4UPSBHF+"84ͷه೦͖͢ୈճʹ͓ݺͼ͖ɺDMTͷηογϣϯΛͤ͞ ͯ͘͜ͱʹͳΓ·ͨ͠ʂ ‣ ਫ 4UPSBHF+"84
5IBOL:PV LHPUP าͷςοΫ