ωοτϫʔΫઃܭ Ξϯνύλʔϯ ΠϯϑϥɾωοτϫʔΫΤϯδχΞษڧձ Vol1 

ωοτϫʔΫઃܭ Ξϯνύλʔϯ ωοτϫʔΫ͘͠͡Γઌੜ ΠϯϑϥɾωοτϫʔΫΤϯδχΞษڧձ Vol1 

ࣗݾ঺հ Takashi Kaga QA (5೥) ɹˠɹαʔόαΠυ (3೥) ɹˠɹΠϯϑϥ (5೥) ※͍·͜͜ ɹɹ TAKA_0411 ɹɹ kaga.takashi ɹɹ taka1111 

iOSDC 2016 - 2019 ελοϑ (ࡱӨ୲౰) 

PHPerKaigi 2018 - 2019 ελοϑ (ࡱӨ୲౰) 

͋͐͡Μͩ ɾVPCʹ͍ͭͯ ɾϕετϓϥΫςΟε ɾωοτϫʔΫ͘͠͡Γઌੜ ɾ·ͱΊ 

͋͐͡Μͩ ɾVPCʹ͍ͭͯ ɾϕετϓϥΫςΟε ɾωοτϫʔΫ͘͠͡Γઌੜ ɾ·ͱΊ 

VPCͱSubnet Virtual Private Cloud (VPC) ͸ɺAWS ΞΧ΢ϯτઐ༻ͷԾ૝ωοτϫʔΫͰ͢ɻ VPC ͸ɺAWS Ϋϥ΢υͷଞͷԾ૝ωοτϫʔΫ͔Β࿦ཧతʹ੾Γ཭͞Ε͓ͯ ΓɺAWS ͷϦιʔεʢྫ͑͹ Amazon EC2 ΠϯελϯεʣΛ VPC ಺ʹىಈͰ ͖·͢ɻVPC ͷ IP ΞυϨεൣғΛࢦఆͯ͠ɺαϒωοτΛ௥Ճ͠ɺηΩϡϦ ςΟάϧʔϓΛؔ࿈෇͚ͯɺϧʔτςʔϒϧΛઃఆͰ͖·͢ɻ https://docs.aws.amazon.com/ja_jp/vpc/latest/userguide/what-is-amazon- vpc.html αϒωοτ͸ɺVPC ͷ IP ΞυϨεͷൣғͰ͢ɻAWS Ϧιʔε͸ɺࢦఆͨ͠αϒ ωοτ಺ʹىಈͰ͖·͢ɻΠϯλʔωοτʹ઀ଓ͢Δඞཁ͕͋ΔϦιʔεʹ͸ύ ϒϦοΫαϒωοτΛɺΠϯλʔωοτʹ઀ଓ͠ͳ͍Ϧιʔεʹ͸ϓϥΠϕʔτ αϒωοτΛ࢖༻͍ͯͩ͘͠͞ɻύϒϦοΫαϒωοτͱϓϥΠϕʔταϒωο τͷৄࡉʹ͍ͭͯ͸ɺʮVPC ͱαϒωοτͷجຊʯΛࢀর͍ͯͩ͘͠͞ɻ 

͜͜ʹ3ͭͷߏ੒ਤ͕͋Γ·͢
 (؆ུ൛) 

ͦͷ̍ɿVPCͰ੾ͬͨ΋ͷ 

ͦͷ̎ɿSubnetͰ੾ͬͨ΋ͷ 

ͦͷ̏ɿdefaultߏ੒ 

ωοτϫʔΫͷઃܭ͸ Ͳ͏͋Δ΂͖͔ 

ɹɹ࿦ཧతͳ୯ҐͰ ɹɹ෼ׂ͢Δͱྑ͍ͷͰ͸ 

࿦ཧతͳ୯Ґͱ͸ ɾ؀ڥ (Environment) ୯Ґ ɹɾdevelopment, staging, production ɹɾઌఔͷͦͷ̍, ͦͷ2ͷߏ੒ਤ ɾఏڙ͢ΔαʔϏε୯Ґ ɾ૊৫୯Ґ 

͋͐͡Μͩ ɾVPCʹ͍ͭͯ ɾϕετϓϥΫςΟε ɾωοτϫʔΫ͘͠͡Γઌੜ ɾ·ͱΊ 

ϕετϓϥΫςΟε ɾAWSͷެࣜυΩϡϝϯτʹ ɹ͋Δఔ౓هࡌ͞Ε͍ͯΔ ɾBlack Belt ΦϯϥΠϯηϛφʔͷ ɹεϥΠυΛࢀߟʹ͢Δ ɾVPC΢ΟβʔυΛ׆༻͢Δ 

https://docs.aws.amazon.com/ja_jp/quickstart/latest/vpc/architecture.html Amazon VPC Λ࢖༻ͨ͠Ϟδϡʔϧࣜͷ εέʔϥϒϧͳԾ૝ωοτϫʔΫΞʔΩςΫνϟͷߏங 

https://www.slideshare.net/AmazonWebServicesJapan/20190313-aws- black-belt-online-seminar-amazon-vpc-basic 20190313 AWS Black Belt Online Seminar Amazon VPC Basic 

VPC΢Οβʔυ 

͋͐͡Μͩ ɾVPCʹ͍ͭͯ ɾϕετϓϥΫςΟε ɾωοτϫʔΫ͘͠͡Γઌੜ ɾ·ͱΊ 

ͱ͋ΔαʔϏε 

ͱ͋ΔαʔϏε 

ͱ͋ΔαʔϏεͷωοτϫʔΫ ɾ1 VPC (σϑΥϧτ) ɾ2 Subnet (σϑΥϧτ) ɾෳࡶͳSecurity Group ɾՔಇதͷෳ਺ͷαʔϏε 

ͱ͋Δઃఆมߋґཔ ʮS3 EndpointΛ௥Ճ͍ͨ͠ʯ 

ͱ͋Δઃఆมߋ S3 Endpointͱ͸ ɾVPC಺͔ΒS3ʹΞΫηε͢ΔͨΊͷΤϯυϙΠϯτ ɾVPCͷSubnet (Route Table) ʹઃఆ͢Δ ɾઃఆ͢ΔͱPrivate IPܦ༝ͰͷΞΫηεͱͳΔ ɾϦʔδϣϯະࢦఆͩͱ௨৴Ͱ͖ͳ͍৔߹͕͋Δ 

S3 Endpoint Πϝʔδ https://www.slideshare.net/AmazonWebServicesJapan/20190313-aws- black-belt-online-seminar-amazon-vpc-basic/75 

ͱ͋Δઃఆมߋ Θͨ͠ʮςετ؀ڥແ͍ͳʯ Θͨ͠ʮผSubnetͰҰࣜ࡞Δ͔ʁʯ Θͨ͠ʮɾɾɾʯ Θͨ͠ʮઃఆνΣοΫ͠Α͏ɾɾɾʯ 

ͱ͋Δઃఆมߋ Θͨ͠ʮS3पΓͷઃఆ֬ೝϤγʂʯ Θͨ͠ʮSecurity Groupͷ֬ೝϤγʂʯ Θͨ͠ʮιʔείʔυͷgrepϤγʂʯ Θͨ͠ʮS3 EndpointΛ௥Ճͬͱʯ ɹ 

ͱ͋Δઃఆมߋ αʔϏεͷ؅ཧը໘͔Β S3ʹΞΫηεͰ͖ͳ͘ͳͬͨ (ඵ଎ͰઃఆΛ໭ͨ͠) 

ͱ͋Δઃఆมߋ S3 Endpointͱ͸ ɾVPC಺͔ΒS3ʹΞΫηε͢ΔͨΊͷΤϯυϙΠϯτ ɾVPCͷSubnet (Route Table) ʹઃఆ͢Δ ɾઃఆ͢ΔͱPrivate IPܦ༝ͰͷΞΫηεͱͳΔ ɾϦʔδϣϯະࢦఆͩͱ௨৴Ͱ͖ͳ͍৔߹͕͋Δ ɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹ͓લ͔ͩͬͨɾɾɾ 

൓ল (1) ɾυΩϡϝϯτΛ͔ͬ͠ΓಡΜͰ͓͘΂͖ͩͬͨ ඞͣ AWS ίϚϯυϥΠϯΠϯλʔϑΣʔε (AWS CLI) Λߏ੒͠ɺσϑΥ ϧτͷ AWS ϦʔδϣϯΛઃఆ͍ͯͩ͘͠͞ɻσϑΥϧτͷϦʔδϣϯ໊ Λࢦఆ͢Δʹ͸ɺaws configure ίϚϯυΛ࢖༻͠·͢ɻ σϑΥϧτͷϦʔδϣϯΛࢦఆ͠ͳ͍৔߹΍ɺσϑΥϧτͷϦʔδϣϯ Λ্ॻ͖͢Δ৔߹͸ɺඞ֤ͣ AWS CLI ίϚϯυͰ --region ΦϓγϣϯΛ ઃఆ͠·͢ɻ https://aws.amazon.com/jp/premiumsupport/knowledge-center/connect-s3- vpc-endpoint/ 

൓ল (2) ɾςετ༻ͷ؀ڥΛ࡞ͬͯࢼ͢΂͖ͩͬͨ ɹɾ్தͰఘΊͯ͠·ͬͨ ɹɾ·ΔͬͱҰࣜ࡞Δͷ͸ݫ͍͠ ɹɹɾWeb,DB,Cache,S3,etc… ɾίʔυԽʢ͠ͳ͍͞ʣ ɹɾͦ͏ͩͳʢਖ਼࿦ʣ 

͋͐͡Μͩ ɾVPCʹ͍ͭͯ ɾϕετϓϥΫςΟε ɾωοτϫʔΫ͘͠͡Γઌੜ ɾ·ͱΊ 

͜ͷωοτϫʔΫͷ Կ͕μϝͩͬͨͷ͔ 

·ͱΊ ɾdefaultͷVPC, defaultͷSubnetͱ͸ͭ·Γ ɹˠɹdev / stg / prod͕ಉҰωοτϫʔΫ ɹˠɹLB / Web / DB͕ಉҰϨΠϠʔ ɹˠɹSecurity GroupཔΈͷίϯτϩʔϧ 

·ͱΊ ɾdev / stg / prod͕ಉҰωοτϫʔΫ ɹઃఆมߋ͕ଞͷ؀ڥʹӨڹ͠΍͍͢ ɹɹˠɹಛఆ؀ڥ͚ͩͷςετ͕͠ʹ͍͘ ɹηΩϡϦςΟతʹΑΖ͘͠ͳ͍ ɹɹˠɹͲ͔͜৵ೖ͞ΕͨΒશ෦ࢮ 

·ͱΊ ɾLB / Web / DB͕ಉҰϨΠϠʔ ɹ௚઀Πϯλʔωοτͱ௨৴Ͱ͖ͯ͠·͏ ɹɹˠɹΠϯλʔωοτ͔Βͷ઀఺ΛߜΔ 
 ɹηΩϡϦςΟతʹΑΖ͘͠ͳ͍ ɹɹˠɹͲ͔͜৵ೖ͞ΕͨΒશ෦ࢮ 

·ͱΊ ɾSecurity GroupཔΈͷίϯτϩʔϧ ΊͪΌͪ͘ΌͭΒ͍ 

͜ͷωοτϫʔΫ͸ Կ͕ྑ͔ͬͨͷ͔ 

·ͱΊ ɾͱΓ͋͑ͣಈ͘ ɹɾωοτϫʔΫʹৄ͍͠ਓ͕͍ͳͯ͘΋ ɹɹ͋Δఔ౓ͷ΋ͷΛಈ͔͢͜ͱ͕Ͱ͖Δ ɾαʔϏε(Ձ஋ΛఏڙͰ͖Δ΋ͷ)ʹ஫ྗͰ͖Δ ɹɾʮࠓͲ͏ͯ͠΋ಈ͘΋ͷΛఏڙ͍ͨ͠ʯ ɹɾ͔͜͠͠ͷߟ͑͸ෛ࠴Λ࢈Ή☠ ɹɹɾͩͬͨΒPaaSΛݕ౼͢Δ 

ωοτϫʔΫ΋αϘΒͣ ͪΌΜͱઃܭ͠·͠ΐ͏ 

͓ΘΓ