Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS Summit Tokyo の思ひ出/Memories_of_AWS_Summit_To...
Search
Yohei Kawahara
July 13, 2017
0
110
AWS Summit Tokyo の思ひ出/Memories_of_AWS_Summit_Tokyo_2017
JAWS-UG 福岡@集団山見せと AWS Summit Tokyo 振り返ら Night#5
Yohei Kawahara
July 13, 2017
Tweet
Share
More Decks by Yohei Kawahara
See All by Yohei Kawahara
20191002_CircleCIMeetupFukuoka#2
inokappa
1
870
kix_009_20190429
inokappa
0
870
2019-04-18 CircleCI Meetup Fukuoka #1
inokappa
2
8.6k
開発で使える AWS の API 操作を模倣する (OSS) ツールを探してみた/JAWS-UG Kagoshima Vol.8
inokappa
1
1.3k
隙間時間を使って exercism.io を始め隊 | リモートで勉強会 #2
inokappa
0
480
Congratulations fukuokarb#100
inokappa
0
4.1k
moto を 'もっと' 使おう/PyFukuoka#4
inokappa
0
4.7k
github-enterprise-user-kai-desuyone
inokappa
0
130
Elixir and AWS Tutorial
inokappa
0
600
Featured
See All Featured
RailsConf 2023
tenderlove
30
1.2k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
132
19k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.7k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
657
61k
It's Worth the Effort
3n
187
28k
KATA
mclloyd
32
15k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.6k
Designing for humans not robots
tammielis
254
25k
Optimizing for Happiness
mojombo
379
70k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
32
2.2k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Making Projects Easy
brettharned
119
6.4k
Transcript
AWS Summit Tokyo ͷ ࢥͻग़ JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo
ৼΓฦΒ Night#5 1 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
͋Μͨ୭Ͷʁ • ݪ ༸ฏ(ʮ͔ͬͺʯͱݺΜͰͶ ! ) • iret גࣜձࣾ cloudpack
ࣄۀ෦ • Github : inokappa • twitter : @inokara • Facebook : inokappa • Blog : http:/ /inokara.hateblo.jp 2 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
࣮... 3 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
AWS GameDay 2016 ༏উϝϯόʔ Ͱ͢ 4 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit
Tokyo ৼΓฦΒ Night#5
ΞδΣϯμ 1. AWS Summit Tokyo ͷࢥ͍ग़ΛࡾߦͰ 2. ηογϣϯৼΓฦΓ ʙ DevSecOps
on AWS - Policy in Code ʙ 5 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
AWS Summit Tokyo ͷ ࢥ͍ग़ΛࡾߦͰ 6 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit
Tokyo ৼΓฦΒ Night#5
ࡾߦ • ձ͕େ͖͍ • ͱʹ͔͘ਓ͕ଟ͍ • ৭ΜͳҙຯͰ͍ʢॵ͍ʣ 7 JAWS-UG Ԭ@ूஂࢁݟͤͱ
AWS Summit Tokyo ৼΓฦΒ Night#5
ձ͕େ͖͍ • άϥϯυϓϦϯεϗςϧ৽ߴྠͱ ϓϦϯεϗςϧΛିͬͯࣥ͠ΓߦΘ Εͨ • ϗςϧΛೋͭି͠ΔύϫʔΛೋͭͷ ϗςϧΛߦ͖དྷ͠ͳ͕Βײͨ͡ 8 JAWS-UG
Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ͱʹ͔͘ਓ͕ଟ͍ • ࢀՃऀ͞Δ͜ͱͳ͕Βɺһͷਓ͕ͨͪଟ͔ͬͨ • ͓ӄ༷Ͱ΄ͱΜͲ໎͏͜ͱͳ͘తͷձ·ͰḷΓண͚Δͨ 9 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit
Tokyo ৼΓฦΒ Night#5
৭ΜͳҙຯͰ͍ʢॵ͍ʣ • ਓ͕ଟ͍ͷͰવ...ώʔτΞΠϥϯυ • ίϯύχΦϯͷ͓࢞ͪΌΜʹυΪϚΪͯ͠৺ഥ্͕ͬͯମ Թ্͕Δ 10 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS
Summit Tokyo ৼΓฦΒ Night#5
͜ΕΒ࣮ࡍʹࢀՃ͠ ͨਓʹ͔͠ղΒͳ͍͚ ͲɺͲʔͰΠΠࣄͰ ͟͝Δʢʣ 11 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo
ৼΓฦΒ Night#5
ͦͯ͠ɺࢀՃग़དྷͳͯ͘... 12 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
13 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
14 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
΄΅΄΅ʢ˞ʣࢿྉ ಈըެ։͞Ε͍ͯ Δʂ͋Γ͕ͨɺ͋Γ ͕ͨ ※ ࢿྉͷΈಈըඇެ։ͱ͍͏ύλʔϯ͋Δ 15 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS
Summit Tokyo ৼΓฦΒ Night#5
ͱ͍͏͜ͱͰɺࢀՃ͠ ͨηογϣϯͷৄ͍͠ ༰ׂѪʂͤͯ͞ ͖·͢ͷͰ... ※ ಈըࢿྉΛޚཡ͍ͩ͘͞ʂ! 16 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS
Summit Tokyo ৼΓฦΒ Night#5
ऴΘΓʂ 17 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
18 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
͑ɺ ͏ऴΘΓʂʁ 19 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ࣗओن੍ 20 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ͱ͍͏͜ͱͰ... 21 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ࢀՃͨ͠ηογϣϯ͔ Β໘ന͍σϞΛͬͯ ͍ͨηογϣϯΛৼΓ ฦͬͯΈ·͢ 22 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo
ৼΓฦΒ Night#5
͕ࣗࢀՃͨ͠ηογϣϯ 1. DevSecOps on AWS - Policy in Code 2.
[ϝϧΧϦ] Cloud connect the world as a Glue 3. [Intelligence] ΦϯϓϨ͔ΒҠߦ͢ΔͷͰɺAmazon ECS Ͱίϯς φԽͱ Terraform ͰΠϯϑϥίʔυԽͨ͠ 23 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ࡾͭͷத͔Β DevSecOps on AWS - Policy in Code Λͬ͘͟ Γհ͠·͢
24 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
DevSecOps on AWS - Policy in Code 25 JAWS-UG Ԭ@ूஂࢁݟͤͱ
AWS Summit Tokyo ৼΓฦΒ Night#5
DevSecOps on AWS - Policy in Code ʢུʣεϞʔϧελʔτ AWS Ϋϥυͷྑ͞Ͱ͕͢ɺن͕େ
͖͘ͳΔʹ࿈Εɺ։ൃ͕ෳͷ AWS ΞΧϯτʹ·͕ͨͬͨΓɺ ΑΓηΩϡϦςΟɾΨόφϯεͷڧԽΛٻΊΒΕΔ͜ͱ͕͋Γ· ͢ɻຊηογϣϯͰɺσϕϩούʔͷօ͞Μ͕ར༻͢Δ AWS Ϋ ϥυڥཧΛԿʹࣗಈԽͤ͞ɺ։ൃʹूதͰ͖ΔڥΛσ ϓϩΠ͢Δ͔ʹ͍ͭͯσϞΛަ͓͖͑ͤͯ͞·͢ʢུʣ 26 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
ͦͦɺDevSecOps ͬͯ • ձͰʮԶ DevSecOps ͬͯΔͥʯͬͯਓҰׂ͘Β͍ • DevOps (Developer:։ൃ ͱ
Operation:ӡ༻͕࿈ܞͯ͠ڠྗ͢Δ։ ൃٕ๏) ͷ֤ఔͷதͰ Security Ճͯࣗ͠ಈԽΛਤΔࢥ • ࣗಈԽʢSecurity AutomationʣΛ DevOps ͱҰॹʹӡ༻͢Δͷ ͍͠ • ͦͦηΩϡϦςΟϧʔϧͷӡ༻ࣗମ͕োนͱͳΓ͏Δ 27 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
AWS ͳΒ֤αʔϏεΛ Έ߹Θͤͯɺ؆୯ʹ Security Automation Λ ӡ༻ग़དྷΔʂ 28 JAWS-UG Ԭ@ूஂࢁݟͤͱ
AWS Summit Tokyo ৼΓฦΒ Night#5
Security Automation • Security Control • Proactive Monitoring 29 JAWS-UG
Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
Security Control • ͍ΘΏΔݖݶཧ • IAM Role ͱ STS Λར༻ͨ͠Ұ࣌తͳೝূใ͕ॏཁ
• STS Λར༻͢Δ͜ͱͰҰ࣌తͳೝূใͷൃߦ͕ՄೳʢAssume Role ͢Δʣ • ݖݶ͕ߜΒΕ͍ͯΔͷͰɺ։ൃऀ͕͍͍ͨαʔϏεΛ͙ʹ ར༻ग़དྷͳ͍߹͕͋Δ 30 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
Proactive Monitoring • ͋Β͔͡Ί؇ΊͷݖݶΛ༩͓͍͑ͯͯɺ֤छΠϕϯτΛࢹ͠ ͯɺͦΕʹԠͯ͡ΞΫγϣϯΛى͜͢ΈΛ࣮͢Δ • ؔ࿈͢ΔαʔϏε • CloudTrailʢAPI ૢ࡞ͷϩΪϯάʣ
• CloudWatch Eventsʢ֤छΠϕϯτΛݕͯ͠ΞΫγϣϯʣ • Configʢมߋཧʣ 31 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
Proactive Monitoring ͷσϞ 32 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ
Night#5
Proactive Monitoring ͷσϞ 33 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ
Night#5
ࢀߟ URL • https:/ /www.youtube.com/watch?v=s5JD82594uY ! • https:/ /d0.awsstatic.com/events/jp/2017/summit/devday/ D3T7-2.pdf
! • http:/ /qiita.com/sgp/items/07a9d1a40870b3faf75f ! • http:/ /dev.classmethod.jp/cloud/aws-summit-2017-report-dev- day-d3t7-2/ ! • https:/ /www.fsz.co.jp/?press=aws-summit-dev-day-2017-tokyo- 34 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
͓ΘΓ 35 JAWS-UG Ԭ@ूஂࢁݟͤͱ AWS Summit Tokyo ৼΓฦΒ Night#5
inokappa
tenderlove
morganepeng
reverentgeek
lemiorhan
3n
mclloyd
tammielis
mojombo
marcduiker
marcelosomers
brettharned
