Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
月額10円から作るServerLess Website
Search
Kunihiro Morita
March 21, 2016
Technology
47
19k
月額10円から作るServerLess Website
JAWS-UG福岡 2016/3/21「また濃い目にAWSの話をしてみよう」でお話した資料です。
Kunihiro Morita
March 21, 2016
Tweet
Share
More Decks by Kunihiro Morita
See All by Kunihiro Morita
絵で覚える AWS 全 (?) サービス入門 〜 できるAWSカルタ 〜/jawsug-20191019
morita92hiro
1
2.2k
決戦用MSセンチネル/alterbooth-20190606
morita92hiro
1
230
勝手にAlibaba Cloud White Beltシリーズ Elastic Compute Service(ECS)/alieaters-20190301
morita92hiro
0
370
夏休みで差がつく!Ansible/ansiblejp-20180803
morita92hiro
2
2.5k
希望のRancher〜コンテナをアウフヘーベン〜/ranchermeetup-20171006
morita92hiro
0
260
いまからDockerで始めるGitLab CE/gitlabjp-20170919
morita92hiro
1
1.3k
月額10円から作るServerless Website〜Azure編〜/serverlessfukuoka-20170825
morita92hiro
8
16k
コンテナ運用いきのこるには/ranchermeetup-20170807
morita92hiro
1
540
AWS Summit Tokyoをお探しですか?/jawsug-20170713
morita92hiro
0
150
Other Decks in Technology
See All in Technology
テストケースの自動生成に生成AIの導入を試みた話と生成AIによる今後の期待
shift_evolve
0
180
Classmethod Odyssey 登壇資料
yamahiro
0
390
エンジニア向け会社紹介資料
caddi_eng
14
220k
RAGのサービスをリリースして1年3ヶ月が経ちました
segavvy
4
900
AWS IAMのアンチパターン/AWSが考える最低権限実現へのアプローチ概略(JAWS-UG朝会#59資料改修20分版)
htan
0
330
シフトレフトで挑む セキュリティの生産性向上
sekido
PRO
0
270
Azure AI ことはじめ
tsubakimoto_s
0
130
コンテナ・K8s研修 - 後半 Kubernetes 基礎&ハンズオン【MIXI 24新卒技術研修】
mixi_engineers
PRO
1
120
AOAI Dev Day - Opening Session
yoshidashingo
2
430
AutomatedLabを使って内部ペンテストを勉強しよう! -やられ社内ネットワークの自動構築-
n_etupirka
1
610
スレットハンティングについて知っておきたいこと
hacket
0
130
What is DRE? - Road to SRE NEXT@広島
chanyou0311
3
620
Featured
See All Featured
The Brand Is Dead. Long Live the Brand.
mthomps
52
36k
Designing with Data
zakiwarfel
96
5k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
90
47k
Mobile First: as difficult as doing things right
swwweet
219
8.8k
Statistics for Hackers
jakevdp
792
220k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
245
1.2M
The Pragmatic Product Professional
lauravandoore
29
6.1k
Designing the Hi-DPI Web
ddemaree
276
34k
No one is an island. Learnings from fostering a developers community.
thoeni
17
2.8k
Infographics Made Easy
chrislema
238
18k
Adopting Sorbet at Scale
ufuk
71
8.8k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
36
9.1k
Transcript
ֹ݄10ԁ͔Β࡞Δ ServerLess Website 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 1
ాɹ༟ @morita92hiro kunihiro.morita.52 - ܦྺ - ΈࠐΈΤϯδχΞ - ΅ͬͪΠϯϑϥΤϯδχΞ 2013ʙ
2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 2
ʮ1܅ɺLPαΠτ࡞ͬ ͯɻCMS͍Βͳ͍ɻʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 3
>>1ʮS3ͷग़൪ʂʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 4
Static Website Hosting • ͙͢࡞ΔΕͯ(10ఔ) • ҆ͯ͘(ֹ݄10ԁʙ) • ݎ࿚(99.999999999%) 2016/3/21
JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 5
ʮ1܅ɺ͓͍߹Θͤϖʔδ࡞ͬͯʯ >>1 ʮS3੩త͔͠ɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 6
ʮ1܅ɺ͓͍߹Θͤʯ >>1 ʮ͍ɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 7
>>1ʮJSͰS3ʹPUT͓͍ͯ͠߹Θͤ σʔλஔ͍ͯɺʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 8
>>1ʮJS͕S3ͷॻ͖ࠐΈݖݶඞཁ ͠ɺJSʹೝূใॻ͖ࠐΉͷ ɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 9
>>1ʮͤʂCognito͕ ͋ΔΜʂʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 10
ະೝূήετʹॻ͖ࠐΈݖݶ • IAMͰCognitoʹS3ͷॻ͖ࠐΈݖݶΛ༩ • JSCognito͔ΒҰ࣌తͳAWSೝূใऔಘ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 11
// Cognito AWS.config.region = 'ap-northeast-1'; // Region AWS.config.credentials = new
AWS.CognitoIdentityCredentials({ IdentityPoolId: 'ap-northeast-1:12345679-1234-1234-1234-123456789012', }); AWS.config.credentials.get(); // S3 Put var s3 = new AWS.S3({ params: { Bucket: bucket } }); s3.putObject({ Key: now.getTime() + '.json', ContentType: 'application/json', Body: blob }, function(err, data) { if (data !== null) { alert('Success'); } else { alert('Fail'); } } ); 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 12
ิ • ͓͍߹Θͤσʔλஔ͖ͷS3όέοτʹCORSઃఆ • S3 PUT߈ܸ͞Εͨ͘ͳ͍ͷͰ͔ͬ͠Γ੍ݶ <?xml version="1.0" encoding="UTF-8"?> <CORSConfiguration
xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <CORSRule> <AllowedOrigin>http://hoge.com</AllowedOrigin> <AllowedMethod>PUT</AllowedMethod> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration> 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 13
>>1ʮ͓͍߹ΘͤΛͲ͏ͬͯΖ͏͔ɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 14
>>1ʮͤʂLambda͕ ͋ΔΜʂʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 15
LambdaͰαʔόʔϨεʹϝʔϧૹ৴ • S3ϑΝΠϧՃΠϕϯτΛτϦΨʔʹLambdaΩοΫ • Lambda͔ΒSESͰϝʔϧૹ৴ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 16
>>1ʮϝʔϧ௨͚͚ͩͩͲɺޙ͔Β Ճ͘͢͠ɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 17
>>1ʮSNSڬΜͲ͚͍ ͍Ζʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 18
நతʹ • S3ΠϕϯτΛSNSܦ༝ͰLambdaΩοΫ • ΞΫγϣϯՃSNSαϒεΫϦϓγϣϯՃ͚ͩͰࡁΉ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 19
ʮ1܅ɺS3͍͠HTTP ͷΈɻ࣌HTTPSʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 20
>>1ʮCloudFrontͰര ʹͨ͠Δʂʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 21
CDN • ίϯςϯπσϦόϦʔαʔϏε • GzipѹॖػೳͰ͞Βʹߴɺసૹίετݮʂ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 22
ʮ1܅ɺαʔόʔূ໌ॻ͍҆ͷͰʯ >>1ʮɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 23
>>1ʮͤʂACM͕͋Δ Μʂʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 24
AWSͷແྉSSLূ໌ॻ • υϝΠϯೝূ(DV) • ରԠαʔϏεCloudFrontͱELB(us-east-1ͷΈ) 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 25
>>1ʮͳΜ͔߈ܸ͞Εͯ Δؾ͕͢ɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 26
ิ ̏ߦͰΞΫηεղੳ • S3, CloudFrontͷΞΫηεϩάS3ʹग़ྗՄೳ • ΞΫηεϩά͕S3PUT͞ΕͨτϦΨʔͰLambdaΩοΫ • Lambda͔ΒElasticsearchʹ์ΓࠐΜͰKibanaͰੳ 2016/3/21
JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 27
>>1ʮWAFͰϒϩοΫʂʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 28
WAF • ରԠαʔϏεCloudFrontͷΈ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 29
>>1ʮੲCloudFrontམͪͨɻ·ͨݺ ͼग़͞Εͨ͘ͳ͍ϯΰɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 30
>>1ʮRoute53ʹม͑Δʂʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 31
҆৺ͷSLA100%ͷDNS • DNSϔϧενΣοΫͰCloudFrontΛࢹ • ϔϧενΣοΫNGͰS3ʹDNSΓସ͑(ϑΣΠϧΦʔόʔ) 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 32
ʮ1܅ɺܞଳʹϝʔϧಧ͔ͳ͍Μͩʯ >>1ʮSESΩϟϦΞϝʔϧ͕͕ɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 33
>>1ʮSendGridʹมߋɻͰ LambdaʹೝূใΛຒΊࠐΈͨ͘ͳ ͍ϯΰɾɾɾʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 34
>>1ʮͤʂKMS͕͋Δ Μʂʯ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 35
҉߸ˍ෮߸ • KMSͰೝূใΛ҉߸Խͯ͠ຒΊࠐΈ • ͏ͱ͖ʹKMSͰ෮߸ɻLambdaʹ෮߸ͷIAM Role༩͑Δɻ 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 36
·ͱΊ • ֹ݄10ԁ͙Β͍ • ֹ݄1000ԁ͙Β͍?ɺWAFআ͚300ԁ͙Β͍? 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 37
σϞ (σϞΠϝʔδͰ͢) 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 38
͓ΘΓ! 2016/3/21 JAWS-UGԬ ·ͨೱ͍ʹAWSͷΛͯ͠ΈΑ͏ 39