Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ヤプリにおけるAWS Control Towerの活用 / Using AWS ControlTower in Yappli

MotokiHabuchi
October 04, 2022
Technology
0
310

ヤプリにおけるAWS Control Towerの活用 / Using AWS ControlTower in Yappli

Yappli Tech Conference 2022の発表資料です。

MotokiHabuchi

October 04, 2022
Tweet

More Decks by MotokiHabuchi

See All by MotokiHabuchi
コード化できていなかったヤプリをTerraform文化に変えていった話
motokihabuchi
2
390
Fargateでサクっとバッチ処理実行してみる/quick-batch-processing-in-Fargate.
motokihabuchi
0
39
re:Inventラスベガスはこうやって楽しむんや / lasvegas-tanoshimu2019
motokihabuchi
0
930
re:Inventはこうやって楽しむんや / reinvent-wa-ko-yatte-tanoshimunnya
motokihabuchi
0
510
ヤプリの完全にモダンとは言いづらいけど、そこそこ攻めてるインフラ環境をもっと良くしたいエンジニアを募集しています。 / Yappli's infrastructure environment
motokihabuchi
0
1.4k
【AWS re:Invent報告会 by Yappli】で、結局re:Inventって何なの? / What is re: Invent?
motokihabuchi
0
870
【YappliMeetup#3】Fargateでサクッと作る開発環境 / Make development environment with Fargate
motokihabuchi
0
290
【JAWS-UGさいたま】20170610_CFnでALBとWAFを連携
motokihabuchi
0
260

Other Decks in Technology

See All in Technology
学びが形になる!〜DeNAで6年間プロダクト開発に携わって学んだこと〜
dena_tech
PRO
0
350
開幕LT
makamaka
0
360
八王子からお届けするノベルティ - YAPC::Kyoto 2023
uzulla
0
390
BUILD UP for Web3 engineer
aramaki
0
310
大規模言語モデルで変わるMLシステム開発
hirosatogamo
11
8.5k
Autonomous Database Cloud 技術詳細 / adb-s_technical_detail_jp
oracle4engineer
PRO
10
24k
ビギナー向け エッジランタイムのすすめ | エッジランタイムを意識した開発をはじめよう
aiji42
1
610
就活は相談したもの勝ち
carta_engineering
0
120
Svelte/SvelteKitを採用した理由とその魅力
oekazuma
3
200
未来の開発者へ負債を残さないために取り組んだこと
hayatokudou
0
200
チームで導入する Jetpack Compose あの素晴らしいLTをもう一度.ver
kako351
1
160
Invitation to K8s-Docs ja
nasa9084
0
770

Featured

See All Featured
Intergalactic Javascript Robots from Outer Space
tanoku
261
26k
Designing for Performance
lara
600
65k
Fashionably flexible responsive web design (full day workshop)
malarkey
396
64k
Bootstrapping a Software Product
garrettdimon
299
110k
How GitHub (no longer) Works
holman
299
140k
What the flash - Photography Introduction
edds
64
10k
No one is an island. Learnings from fostering a developers community.
thoeni
12
1.6k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
217
21k
Atom: Resistance is Futile
akmur
256
24k
Designing with Data
zakiwarfel
91
4.3k
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k
The Art of Programming - Codeland 2020
erikaheidi
36
11k

Transcript



  1. AWS Control Tower
    SESSION 04

    View Slide

  2. @modokkin




    2018


    Youtube
    🙇


    https://www.youtube.com/c/timesyappliradio

    View Slide

  3. INDEX
    01
    02
    03
    04
    05
    AWS
    AWS Control Tower
    AWS Control Tower
    AWS Control Tower

    View Slide

  4. 01


    AWS

    View Slide

  5. AWS CloudTrail


    AWS
    AWS Con
    fi
    g


    AWS
    AWS Organizations


    AWS IAM Identity Center


    (AWS Single Sign-On )


    View Slide

  6. AWS
    Production Staging
    Production Account
    Develop
    AWS CloudTrail AWS Con
    fi
    g

    View Slide

  7. Production Staging
    Production Account
    Develop
    Develop Account
    AWS CloudTrail AWS Con
    fi
    g AWS CloudTrail AWS Con
    fi
    g

    View Slide

  8. Production Staging
    Production
    Corporate
    AWS CloudTrail AWS Con
    fi
    g
    Develop Corporate
    Develop
    AWS CloudTrail AWS Con
    fi
    g AWS CloudTrail AWS Con
    fi
    g

    View Slide

  9. Production Staging
    Production
    etc.
    Develop
    Develop
    Corporate
    Corporate

    View Slide

  10. AWS Organizations
    Workloads OU
    Production OU
    SCP
    Staging OU
    Develop OU
    SCP
    SCP
    Security OU
    SCP
    SCP
    Exceptions OU
    SCP

    View Slide

  11. AWS IAM Identity Center
    (AWS Single Sign-On )
    IAM User
    IAM
    AWS IAM Identity Center
    okta

    View Slide

  12. AWS IAM Identity Center IAM


    AWS Organizations


    ( OU SCP )


    SCP( )
    1


    AWS Config

    View Slide



  13. AWS

    View Slide

  14. 02 AWS Control Tower

    View Slide

  15. AWS
    : https://aws.amazon.com/jp/controltower/

    View Slide

  16. Guardrails( )
    AWS Control Tower



    Amazon S
    3



    SSH DB

    View Slide

  17. Landing Zone ( )
    • AWS
    ( )


    AWS Control Tower


    H

    View Slide

  18. AWS CloudTrail AWS Con
    fi
    g
    AWS Organizations
    AWS ControlTower


    View Slide

  19. 03 AWS Control Tower

    View Slide

  20. 1
    . AWS


    2
    .


    3. AWS


    4
    . AWS Control Tower


    5
    .


    6
    .
    Control Tower Workshops https://controltower.aws-management.tools/ja/

    View Slide



  21. ( )


    AWS Control Tower 🤗

    View Slide

  22. AWS Control Tower


    View Slide

  23. 04 AWS Control Tower


    View Slide











  24. https://docs.aws.amazon.com/ja_jp/controltower/latest/userguide/accounts.html
    AWS Organizations

    View Slide







  25. AWS CloudTrail


    Amazon S3 🆕


    KMS

    View Slide

  26. View Slide




  27. View Slide

  28. 05

    View Slide





  29. AWS IAM MFA


    Amazon S3

    View Slide



  30. Slack


    AWS Chat Bot Amazon CloudWatch

    View Slide

  31. Okta 築
    • AWS Control Tower AWS IAM Identity Center(AWS SSO)


    • Okta
    Okta


    Okta AWS IAM Identity Center 築

    View Slide

  32. View Slide

  33. AWS Control Tower


    AWS





    AWS Control Tower


    View Slide

  34. AWS

    View Slide

  35. View Slide

  36. AWS Control Tower


    Yappli Tech Blog
    https://tech.yappli.io/entry/
    yapplitechconf2022-sre

    View Slide



  37. 🙇

    View Slide