Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS Summit Tokyo の思ひ出/Memories_of_AWS_Summit_To...
Search
Yohei Kawahara
July 13, 2017
0
93
AWS Summit Tokyo の思ひ出/Memories_of_AWS_Summit_Tokyo_2017
JAWS-UG 福岡@集団山見せと AWS Summit Tokyo 振り返ら Night#5
Yohei Kawahara
July 13, 2017
Tweet
Share
More Decks by Yohei Kawahara
See All by Yohei Kawahara
20191002_CircleCIMeetupFukuoka#2
inokappa
1
840
kix_009_20190429
inokappa
0
850
2019-04-18 CircleCI Meetup Fukuoka #1
inokappa
2
8.3k
開発で使える AWS の API 操作を模倣する (OSS) ツールを探してみた/JAWS-UG Kagoshima Vol.8
inokappa
1
1.2k
隙間時間を使って exercism.io を始め隊 | リモートで勉強会 #2
inokappa
0
440
Congratulations fukuokarb#100
inokappa
0
4k
moto を 'もっと' 使おう/PyFukuoka#4
inokappa
0
4.6k
github-enterprise-user-kai-desuyone
inokappa
0
110
Elixir and AWS Tutorial
inokappa
0
560
Featured
See All Featured
A Modern Web Designer's Workflow
chriscoyier
693
190k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
16
1.1k
A designer walks into a library…
pauljervisheath
205
24k
Product Roadmaps are Hard
iamctodd
PRO
52
11k
Why Our Code Smells
bkeepers
PRO
336
57k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
331
21k
Music & Morning Musume
bryan
46
6.4k
Visualization
eitanlees
146
16k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
22
2.6k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
The Cult of Friendly URLs
andyhume
78
6.3k
Transcript
AWS Summit Tokyo ͷ ࢥͻग़ JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo
ৼΓฦΒ Night#5 1 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
͋Μͨ୭Ͷʁ • ݪ ༸ฏ(ʮ͔ͬͺʯͱݺΜͰͶ ! ) • iret גࣜձࣾ cloudpack
ࣄۀ෦ • Github : inokappa • twitter : @inokara • Facebook : inokappa • Blog : http:/ /inokara.hateblo.jp 2 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
࣮... 3 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
AWS GameDay 2016 ༏উϝϯόʔ Ͱ͢ 4 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit
Tokyo ৼΓฦΒ Night#5
ΞδΣϯμ 1. AWS Summit Tokyo ͷࢥ͍ग़ΛࡾߦͰ 2. ηογϣϯৼΓฦΓ ʙ DevSecOps
on AWS - Policy in Code ʙ 5 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
AWS Summit Tokyo ͷ ࢥ͍ग़ΛࡾߦͰ 6 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit
Tokyo ৼΓฦΒ Night#5
ࡾߦ • ձ͕େ͖͍ • ͱʹ͔͘ਓ͕ଟ͍ • ৭ΜͳҙຯͰ͍ʢॵ͍ʣ 7 JAWS-UG Ԭ@ूஂࢁݟͤͱ
AWS Summit Tokyo ৼΓฦΒ Night#5
ձ͕େ͖͍ • άϥϯυϓϦϯεϗςϧ৽ߴྠͱ ϓϦϯεϗςϧΛିͬͯࣥ͠ΓߦΘ Εͨ • ϗςϧΛೋͭି͠ΔύϫʔΛೋͭͷ ϗςϧΛߦ͖དྷ͠ͳ͕Βײͨ͡ 8 JAWS-UG
Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ͱʹ͔͘ਓ͕ଟ͍ • ࢀՃऀ͞Δ͜ͱͳ͕Βɺһͷਓ͕ͨͪଟ͔ͬͨ • ͓ӄ༷Ͱ΄ͱΜͲ໎͏͜ͱͳ͘తͷձ·ͰḷΓண͚Δͨ 9 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit
Tokyo ৼΓฦΒ Night#5
৭ΜͳҙຯͰ͍ʢॵ͍ʣ • ਓ͕ଟ͍ͷͰવ...ώʔτΞΠϥϯυ • ίϯύχΦϯͷ͓࢞ͪΌΜʹυΪϚΪͯ͠৺ഥ্͕ͬͯମ Թ্͕Δ 10 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS
Summit Tokyo ৼΓฦΒ Night#5
͜ΕΒ࣮ࡍʹࢀՃ͠ ͨਓʹ͔͠ղΒͳ͍͚ ͲɺͲʔͰΠΠࣄͰ ͟͝Δʢʣ 11 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo
ৼΓฦΒ Night#5
ͦͯ͠ɺࢀՃग़དྷͳͯ͘... 12 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
13 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
14 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
΄΅΄΅ʢ˞ʣࢿྉ ಈըެ։͞Ε͍ͯ Δʂ͋Γ͕ͨɺ͋Γ ͕ͨ ※ ࢿྉͷΈಈըඇެ։ͱ͍͏ύλʔϯ͋Δ 15 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS
Summit Tokyo ৼΓฦΒ Night#5
ͱ͍͏͜ͱͰɺࢀՃ͠ ͨηογϣϯͷৄ͍͠ ༰ׂѪʂͤͯ͞ ͖·͢ͷͰ... ※ ಈըࢿྉΛޚཡ͍ͩ͘͞ʂ! 16 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS
Summit Tokyo ৼΓฦΒ Night#5
ऴΘΓʂ 17 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
18 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
͑ɺ ͏ऴΘΓʂʁ 19 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ࣗओن੍ 20 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ͱ͍͏͜ͱͰ... 21 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ࢀՃͨ͠ηογϣϯ͔ Β໘ന͍σϞΛͬͯ ͍ͨηογϣϯΛৼΓ ฦͬͯΈ·͢ 22 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo
ৼΓฦΒ Night#5
͕ࣗࢀՃͨ͠ηογϣϯ 1. DevSecOps on AWS - Policy in Code 2.
[ϝϧΧϦ] Cloud connect the world as a Glue 3. [Intelligence] ΦϯϓϨ͔ΒҠߦ͢ΔͷͰɺAmazon ECS Ͱίϯς φԽͱ Terraform ͰΠϯϑϥίʔυԽͨ͠ 23 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ࡾͭͷத͔Β DevSecOps on AWS - Policy in Code Λͬ͘͟ Γհ͠·͢
24 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
DevSecOps on AWS - Policy in Code 25 JAWS-UG Ԭ@ूஂࢁݟͤͱ
AWS Summit Tokyo ৼΓฦΒ Night#5
DevSecOps on AWS - Policy in Code ʢུʣεϞʔϧελʔτ AWS Ϋϥυͷྑ͞Ͱ͕͢ɺن͕େ
͖͘ͳΔʹ࿈Εɺ։ൃ͕ෳͷ AWS ΞΧϯτʹ·͕ͨͬͨΓɺ ΑΓηΩϡϦςΟɾΨόφϯεͷڧԽΛٻΊΒΕΔ͜ͱ͕͋Γ· ͢ɻຊηογϣϯͰɺσϕϩούʔͷօ͞Μ͕ར༻͢Δ AWS Ϋ ϥυڥཧΛԿʹࣗಈԽͤ͞ɺ։ൃʹूதͰ͖ΔڥΛσ ϓϩΠ͢Δ͔ʹ͍ͭͯσϞΛަ͓͖͑ͤͯ͞·͢ʢུʣ 26 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ͦͦɺDevSecOps ͬͯ • ձͰʮԶ DevSecOps ͬͯΔͥʯͬͯਓҰׂ͘Β͍ • DevOps (Developer:։ൃ ͱ
Operation:ӡ༻͕࿈ܞͯ͠ڠྗ͢Δ։ ൃٕ๏) ͷ֤ఔͷதͰ Security Ճͯࣗ͠ಈԽΛਤΔࢥ • ࣗಈԽʢSecurity AutomationʣΛ DevOps ͱҰॹʹӡ༻͢Δͷ ͍͠ • ͦͦηΩϡϦςΟϧʔϧͷӡ༻ࣗମ͕োนͱͳΓ͏Δ 27 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
AWS ͳΒ֤αʔϏεΛ Έ߹Θͤͯɺ؆୯ʹ Security Automation Λ ӡ༻ग़དྷΔʂ 28 JAWS-UG Ԭ@ूஂࢁݟͤͱ
AWS Summit Tokyo ৼΓฦΒ Night#5
Security Automation • Security Control • Proactive Monitoring 29 JAWS-UG
Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
Security Control • ͍ΘΏΔݖݶཧ • IAM Role ͱ STS Λར༻ͨ͠Ұ࣌తͳೝূใ͕ॏཁ
• STS Λར༻͢Δ͜ͱͰҰ࣌తͳೝূใͷൃߦ͕ՄೳʢAssume Role ͢Δʣ • ݖݶ͕ߜΒΕ͍ͯΔͷͰɺ։ൃऀ͕͍͍ͨαʔϏεΛ͙ʹ ར༻ग़དྷͳ͍߹͕͋Δ 30 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
Proactive Monitoring • ͋Β͔͡Ί؇ΊͷݖݶΛ༩͓͍͑ͯͯɺ֤छΠϕϯτΛࢹ͠ ͯɺͦΕʹԠͯ͡ΞΫγϣϯΛى͜͢ΈΛ࣮͢Δ • ؔ࿈͢ΔαʔϏε • CloudTrailʢAPI ૢ࡞ͷϩΪϯάʣ
• CloudWatch Eventsʢ֤छΠϕϯτΛݕͯ͠ΞΫγϣϯʣ • Configʢมߋཧʣ 31 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
Proactive Monitoring ͷσϞ 32 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ
Night#5
Proactive Monitoring ͷσϞ 33 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ
Night#5
ࢀߟ URL • https:/ /www.youtube.com/watch?v=s5JD82594uY ! • https:/ /d0.awsstatic.com/events/jp/2017/summit/devday/ D3T7-2.pdf
! • http:/ /qiita.com/sgp/items/07a9d1a40870b3faf75f ! • http:/ /dev.classmethod.jp/cloud/aws-summit-2017-report-dev- day-d3t7-2/ ! • https:/ /www.fsz.co.jp/?press=aws-summit-dev-day-2017-tokyo- 34 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
͓ΘΓ 35 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
inokappa
chriscoyier
honnibal
pauljervisheath
iamctodd
bkeepers
caitiem20
bryan
eitanlees
eileencodes
keithpitt
andyhume
