Yohei Kawahara
July 13, 2017
Memories of AWS Summit Tokyo/Memories_of_AWS_Summit_Tokyo_2017
JAWS-UG Fukuoka @ Shudan Yamamise and AWS Summit Tokyo Look-Back Night #5
Transcript
Memories of AWS Summit Tokyo
JAWS-UG Fukuoka @ Shudan Yamamise and AWS Summit Tokyo Look-Back Night #5

Who are you?
• Yohei Kawahara (call me "Kappa"!)
• iret, Inc., cloudpack division
• GitHub: inokappa
• Twitter: @inokara
• Facebook: inokappa
• Blog: http://inokara.hateblo.jp

Actually...

I am a member of the winning team at AWS GameDay 2016

Agenda
1. Memories of AWS Summit Tokyo in three lines
2. Session review: DevSecOps on AWS - Policy in Code

Memories of AWS Summit Tokyo in three lines

Three lines
• The venue is big
• There are just so many people
• Hot in every sense (literally hot, too)

The venue is big
• It was held by renting out the Grand Prince Hotel New Takanawa and the Prince Hotel
• Going back and forth between the two hotels, I felt the power it takes to rent out two hotels

There are just so many people
• Not only attendees: there were also a lot of staff
• Thanks to them, I reached the venues I was heading for almost without getting lost

Hot in every sense (literally hot, too)
• With so many people, naturally... a heat island
• Getting flustered by the booth companions, my heart rate goes up and so does my body temperature

Only people who actually attended would understand these, but they really don't matter

And even if you couldn't attend...

Almost all (*) of the slides and videos have been published! Thank you, thank you.
* In some cases only the slides are available and the video is not public

So I will skip the details of the sessions I attended...
* Please see the videos and slides!

The end!

Huh, over already!?

Self-censored

So...

From the sessions I attended, I'll look back at one that ran an interesting demo

Sessions I attended
1. DevSecOps on AWS - Policy in Code
2. [Mercari] Cloud connect the world as a Glue
3. [Intelligence] Since we were migrating from on-premises, we containerized with Amazon ECS and turned the infrastructure into code with Terraform

Of the three, I'll give a rough introduction to DevSecOps on AWS - Policy in Code

DevSecOps on AWS - Policy in Code

DevSecOps on AWS - Policy in Code
(omitted) Being able to start small is one of the strengths of the AWS cloud, but as scale grows, development may span multiple AWS accounts and stronger security and governance may be required. This session discusses, with demos, how to automate the management of the AWS cloud environments that developers use and how to deploy environments in which they can concentrate on development. (omitted)

What is DevSecOps in the first place?
• About 10% of the people in the room said "I'm doing DevSecOps"
• The idea of adding Security to each stage of DevOps (a development approach in which Developers and Operations work together) and pursuing automation
• Running automation (Security Automation) together with DevOps is difficult
• Operating the security rules can itself become a barrier

With AWS, you can combine its services and easily run Security Automation!

Security Automation
• Security Control
• Proactive Monitoring

Security Control
• What is commonly called permission management
• Temporary credentials using IAM Roles and STS are important
• STS makes it possible to issue temporary credentials (Assume Role)
• Because permissions are narrowed down, developers sometimes cannot immediately use the services they want

Proactive Monitoring
• Grant somewhat loose permissions up front, monitor the various events, and implement a mechanism that takes action in response
• Related services
  • CloudTrail (logging of API operations)
  • CloudWatch Events (detects events and takes action)
  • Config (change management)

Proactive Monitoring demo
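
The Proactive Monitoring flow from the slide above (CloudTrail records an API call, CloudWatch Events matches it, an action follows), as an added example that is not from this talk or from the AWS session. The pattern, the field layout of the constructed event, the `revoke_ingress` action label and all function names are assumptions; the code only decides on a response and makes no AWS calls.

```python
import ipaddress

# CloudWatch Events-style pattern: each leaf lists the accepted values.
PATTERN = {
    "source": ["aws.ec2"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventSource": ["ec2.amazonaws.com"],
               "eventName": ["AuthorizeSecurityGroupIngress"]},
}

def matches(pattern, event):
    """True when every field named in the pattern is present and accepted."""
    for key, want in pattern.items():
        if key not in event:
            return False
        if isinstance(want, dict):
            if not isinstance(event[key], dict) or not matches(want, event[key]):
                return False
        elif event[key] not in want:
            return False
    return True

def world_open_rules(detail):
    """Yield (group, from_port, to_port, cidr) for rules open to every address."""
    params = detail.get("requestParameters") or {}
    for perm in (params.get("ipPermissions") or {}).get("items", []):
        for field, key in (("ipRanges", "cidrIp"), ("ipv6Ranges", "cidrIpv6")):
            for rng in (perm.get(field) or {}).get("items", []):
                if ipaddress.ip_network(rng[key], strict=False).prefixlen == 0:
                    yield params.get("groupId"), perm.get("fromPort"), perm.get("toPort"), rng[key]

def decide(event):
    """Map one delivered event to the responses a handler would carry out."""
    if not matches(PATTERN, event):
        return []
    actor = event["detail"].get("userIdentity", {}).get("arn")
    return [{"action": "revoke_ingress", "group": g, "from": lo, "to": hi,
             "cidr": c, "actor": actor}
            for g, lo, hi, c in world_open_rules(event["detail"])]

def sample(name, cidr, port=22):
    """Constructed event shaped like a CloudTrail record delivered as an event."""
    perm = {"ipProtocol": "tcp", "fromPort": port, "toPort": port,
            "ipRanges": {"items": [{"cidrIp": cidr}]}}
    return {"source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
            "detail": {"eventSource": "ec2.amazonaws.com", "eventName": name,
                       "userIdentity": {"arn": "arn:aws:iam::111122223333:user/dev-example"},
                       "requestParameters": {"groupId": "sg-0example",
                                             "ipPermissions": {"items": [perm]}}}}
```

Calling `decide(sample("AuthorizeSecurityGroupIngress", "0.0.0.0/0"))` returns one `revoke_ingress` entry naming the group, port and calling identity; a rule scoped to a specific network, or any other API call, returns an empty list.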

Reference URLs
• https://www.youtube.com/watch?v=s5JD82594uY
• https://d0.awsstatic.com/events/jp/2017/summit/devday/D3T7-2.pdf
• http://qiita.com/sgp/items/07a9d1a40870b3faf75f
• http://dev.classmethod.jp/cloud/aws-summit-2017-report-dev-day-d3t7-2/
• https://www.fsz.co.jp/?press=aws-summit-dev-day-2017-tokyo-

The end