re:Invent 2017 Ͱൃද ͞Εͨੵۃతʹ࢖͍͍ͨ αʔϏε5ͭʂ JAWS-UG ௕໺ࢧ෦ ࣉా ྯਅ 

Α͏ͦ͜দຊ΁ • લ͔ΒɺদຊͰJAWS-UGΛ΍Γ͔ͨͬͨ • 11݄ͷ௕໺ࢧ෦ͷRebootʹ͸ମௐෆྑͰߦ͚ͣɻɻɻ • ͜ʹΌ͞Μ͕ɺ΅ͦͬͱͭͿ΍͍ͨͷΛؾʹɺদຊͰ΋΍Δ͜ͱʹ! • 1೥ʹ਺ճ͸ߦ͍͍ͨͱࢥ͍ͬͯ·͢ɻ࣍͸ 3 or 4݄͝Ζʹ΍ΕΕ͹ • ௕໺ࢢͱ࿈ܞاը΋ߟ͑த • ͪͳΈʹɺ௕໺ݝத෦Ͱձ৔Λିͯ͠௖͚͚Δاۀ༷͕͋Ε͹ɺඇ ৗʹخ͍͠Ͱ͢ 

• ࣉా ྯਅ(Reima TERADA) • ॴଐ1ɿ
 גࣜձࣾαʔόʔϫʔΫε
 Ϋϥ΢υΠϯςάϨʔγϣϯ෦
 ٕज़2՝ (AWSΤϯδχΞ) • ॴଐ2ɿ
 ৴भେֶେֶӃ
 ߴΤωϧΪʔ෺ཧֶݚڀࣨ ത࢜1೥ • Twitterɿ@re__maɹfacebook: https://www.facebook.com/reima.terada 

ֶੜͬͯʁ • ͍ΘΏΔɺ͘͝ී௨ͷࣾձਓυΫλʔ • ౦ژΛԕ͘཭Εͯɺ௕໺ݝࡏॅ • جຊɺϦϞʔτϫʔΫͰશͯͷ࢓ࣄΛ • னؒ࢓ࣄͯ͠ɺே൩+ٳ೔ʹݚڀɾ࣮ ݧɾղੳ 

ݚڀ಺༰ • ߴΤωϧΪʔ෺ཧֶ͕ઐ໳ • εΠεɺδϡωʔϒͷڊେͳՃ଎ثͱ͔ʹԑ͕͋Γ ·͢ • ΍͍ͬͯΔͷ͸ɺ౦๺ʹ࡞Ζ͏ͱߦ͍ͬͯΔɺϦχ ΞίϥΠμʔܭըͷଌఆثR&D 

࢓ࣄͷํͷ࿩ • ΠϯϑϥΤϯδχΞΛ΍͍ͬͯ·͢ • ओʹɺVPCͱEC2ͱRDSΛຖ݄࡞੒͍ͯ͠·͢ • CloudFormation͸৬ਓʹͳΕ·͢ • ίʔυ͸PythonͰগ͠ॻ͚·͕͢ɺ࢓ࣄͰίʔ σΟϯά͸͍ͯ͠·ͤΜ • ࠷ۙ͸ɺӡ༻ͱ͔ηΩϡϦςΟपΓ͕ଟΊͰ͢ 

re:InventͰൃද͞ΕͨαʔϏε • 2ϲ݄΄Ͳܦաͯ͠͠·ͬͨͷͰɺ؆୯ʹ͓ ͞Β͍Λ • ৽αʔϏεͱͯ͠ɺ60ݸఔ౓ग़ͨΑ͏Ͱ͢
 https://aws.amazon.com/jp/new/reinvent/ • re:Inventલޙʹ΋ز͔ͭ࿩͕͋Γ·ͨ͠ 

ಠஅͱภݟͱࣗ෼ͷ࢓ࣄ෼໺͔ Β͑ΒͿɺ࢖͍͍ͨαʔϏε • ྑ͍ͳͱࢥ͍ͬͯΔαʔϏεΛ5ͭબΜͰ࿩͠·͢ • AWS Fargate • Amazon Time Sync Service • Amazon Aurora Serverless • Inter-Region VPC Peering • Amazon GuardDuty 

AWS Fargate • ͓ͳ͡ΈͷίϯςφͷϑϧϚωʔδυαʔϏε • ͍͍ͱ͜Ζ • ίϯςφΛಈ͔͢αʔόʔͷӡ༻Λ͠ͳ͍͍ͯ͘
 (ECSͰ͸͕͜͜ωοΫͩͬͨ • AutoScalingΑΓ΋ىಈ͕ૣ͍ • AutoScalingͷνϡʔχϯάෆཁ • ஫ҙ఺ • ·ͩɺ౦ژϦʔδϣϯʹདྷ͍ͯͳ͍ • ྉۚ͸ɺECS ͱ͔ EKS ͱ͔ΑΓ͸ߴΊ (αʔόʔӡ༻ͷίετΛߟ͑Ε͹ଟ෼ଥ౰ 

AWS Fargate ͜͜ͷ؅ཧ͸ͨ͘͠ͳ͔ͬͨ
 AutoScalingͩͱνϡʔχϯά΋ඞཁ εέʔϦϯά͢Δ࣌ؒ΋͔͔Δ FargateͩͱEC2ͷϦιʔε؅ཧ͸ෆཁʂ ίϯςφͩͱىಈ΋਺ඵͰՄೳʂ 

Amazon Time Sync Service • NTPΛVPCͳ͍͔Β࢖͑Δɺ͋Δҙຯ஍ຯͳαʔϏεͰ͢ • αʔϏε͕ग़Δલ • NTPͷઃఆͰɺ ntp.nict.jp ͱ͔ʹ޲͚͍ͯͨɻ • GIPΛ͍࣋ͬͯΔαʔόʔ͸ɺΠϯλʔωοτ͔ΒΞΫηε͕Մೳ
 ϓϥΠϕʔταϒωοτ͔Β͸ɺNAT͕ඞཁ
 NAT΋͓͚ͳ͍৔߹͸ɺNTPதܧαʔόʔ͕ඞཁ • ࠓճͷαʔϏεͷ͍͍ͱ͜Ζ • 169.254.169.123 Λࢦఆ͢Ε͹VPC಺ͳΒͲ͜Ͱ΋ΞΫηεՄೳʂ • ஫ҙ఺ • ͱ͘ʹͳ͠ (ͲΜͲΜ࢖͑͹ྑ͍ʂ 

Amazon Time Sync Service ͍Ζ͍Ζ༨෼ʹඞཁ
 NTPαʔόʔ͸؂ࢹ΋ඞཁ 

Amazon Aurora Serverless • ଴๬ͷ RDB ͷServerlessͷαʔϏε • ΞϓϦΛ No SQL (Dynamo DB)޲͚ʹॻ͖׵͑ͳͯ͘΋ར༻Մ ೳ • ߟ͑ΒΕΔϢʔεέʔε • Serveless (Lambda) Λओʹ༻͍ͨΞϓϦέʔγϣϯ • RDB͕ඞཁͳϨΨγʔͳαʔϏε͔ͭɺখن໛ͳαʔϏε • ex) ࣾ಺޲͚ͷ؆୯ͳ؅ཧγεςϜɺࣗલͷblogαΠτ 

Amazon Aurora Serverless • ݸਓతʹ·ͣਪ͍ͨ͠఺͸ɺখن໛ͳγεςϜͰͷར༻ • খن໛ͳ৔߹Ͱ΋ɺt2ܥΛར༻͠ͳͯ͘΋αʔϏε͕Մೳ ͔ͭɺطଘt2.smallͱ΄ͱΜͲಉ͡஋ஈʹͳΔͱߟ͑ΒΕΔ • ΋͠ɺΞΫηε͕૿͑Ε͹ɺࣗಈతʹεέʔϧ (εέʔϧʹ ඞཁͳ࣌ؒ͸ཁݕূ • RDSͷαʔόʔͷఀࢭػೳ͸ग़͕ͨɺ͜ΕΛར༻͢Ε͹ αʔόʔͷఀࢭ͕ෆཁ 

Amazon Aurora Serverless • ଞͷྫͱͯ͠͸ɺEC2͕AutoScaling͢ΔγεςϜͰͷ ར༻ • RDSͷΩϟύγςΟ͕ωοΫͱͳΓɺγεςϜશମ͕ εέʔϧ͠ͳ͘ͳΔͷΛ๷͛Δ • Aurora ReadReplica AutoScaling Ͱ΋͍ۙ͜ͱ͸Մ ೳ͕ͩɺύϥϝʔλνϡʔχϯά΋ෆཁ (EC2ͷ AutoScalingͱLambdaͱ͔ɺFargateͷؔ܎ͱҰॹʂ 

Inter-Region VPC Peering • ࠓ·Ͱͳ͔ͬͨɺϦʔδϣϯؒͷVPCͷ઀ଓ͕Մೳʹ • άϩʔόϧʹ·͕ͨΔγεςϜΛ࡞Δͱ͖ʹཉ͔ͬͨ͠΍ ͭ • ·ͨɺDRରࡦͱͯ͠΋ར༻Մೳ • جຊతͳ࢖༻͸ɺVPC-Peeringͱ΄΅ಉ͡ • ஫ҙ఺ • ౦ژ͸·ͩ 

Inter-Region VPC Peering Transit VPC͕ඞཁͩͬͨ https://aws.amazon.com/jp/answers/networking/aws-multiple-region-multi-vpc-connectivity/ Transit VPCଆͷϧʔλʔ͸ ϧʔςΟϯά΋อक΋ϥΠηϯείετ΋ඞཁ ϧʔλෆཁ ϧʔςΟϯάͷઃఆ΋
 VPCͰ׬݁ 

Amazon GuardDuty • AWSͷ௨৴ͳͲΛ؂ࢹ͠ɺෆ৹ͳߦಈ͕͋ͬͨ৔߹ʹΞϥʔτΛ౤͛ͯ͘ΕΔ αʔϏε • ྑ͍఺ • AgentΛΠϯετʔϧ͢Δඞཁ͕ͳ͍(Agent Less) • طଘͷ΋ͷʹ؆୯ʹ௥ՃՄೳ • ͍··ͰͷηΩϡϦςΟιϑτͱൺ΂Δͱ͍҆ʂ • ԿΑΓ΋େࣄͳͷ͸ɺ໘౗ͳηΩϡϦςΟͷ؂ࢹӡ༻ͱ௨஌ΛࣗಈͰ΍ͬͯ͘ ΕΔͱ͜Ζ
 (͔͠΋AWSͷ͍࣋ͬͯΔσʔλͱ෇͖߹Θ͕ͤߦΘΕΔͨΊɺࣗ෼ͰಘΒΕ Δ৘ใΑΓ΋ͨ͘͞Μͷ৘ใͱಥ͖߹Θͤͯ͘ΕΔ 

Amazon GuardDuty • ஫ҙ఺ • ΢ΟϧεରࡦιϑτͰ͸ͳ͍ (DeepSecurityͳͲͷ୯७ͳஔ͖׵͑ ʹ͸ͳΒͳ͍ • WAFͰ΋ͳ͍ (WAF͸ AWS WAF Λઃఆ͢Δඞཁ͋Γ • ݱࡏͷର৅͸EC2ͱIAM (ͱ͸͍͑ɺඞཁ࠷௿ݶ͸Χόʔ͞Ε͍ͯΔ • Ξϥʔτ্͕͕ͬͨΒɺࣗ෼ͰରԠ͕ඞཁ • શମతͳηΩϡϦςΟ؂ࢹ͕͚ͨ͠Ε͹ɺAlert LogicͳͲΛ࢖ͬͨ΄ ͏͕͍͍ (͓ͨͩۚ͠͸͔͔Δ 

ଞʹ΋αʔϏε͸ଟ਺ • Cloud9 (IDE • Amazon MQ (ϝοηʔδϒϩʔΧʔαʔϏε • ৽͍͠ΠϯελϯελΠϓ (M5, H1 • Aurora Multi-Master • Dynamo DB Global Tables (ϦʔδϣϯΛ௒͑ͨϚϧνϚε λ • etc 

·ͱΊ • ྫ೥ͷ͜ͱͳ͕Βɺ re:Invent Ͱͷଟ਺ͷαʔϏε͕ग़·͠ ͨΑͱ • ͓͢͢ΊͰ͖ΔαʔϏεΛϐοΫΞοϓͯ͠5ͭ঺հͯ͠Έ ·ͨ͠ • ઃఆෆཁͳαʔϏεͱ͔ɺ͜ΕͰ͖Δͱӡ༻͕ΉͬͪΌָ ʹͳΔαʔϏεͱ͔Λ·ͱΊͯΈͨͭ΋ΓͰ͢ • IoT·ΘΓͱ͔MLपΓͱ͔͸͍͍͚͍ͭͯͯͳ͍ͷͰɺؤ ுͬͯΩϟονΞοϓ͠ͳͯ͘͸ɻɻɻ 

JAWS DAYS 2018 ! • https://jawsdays2018.jaws-ug.jp