JAWS-UG 福岡 #14:11度目はちょっと濃い目にAWS re:Inforce 2023を振り返ろう https://jaws-ug-kyushu.doorkeeper.jp/events/157035
JAWS-UG #14 11 AWS re:Inforce20 232023.7.23@seike4601
View Slide
@seike460-- @seike460- Fusic- /- /-- JAWS Days- AWS Dev Day- Serverless Days-- JAWS Festa2023in Kyushu Staff- ServerlessDays2023Organizer2
Agenda1.2.3.IAM4.5.3
1
AWS5 AWS Lambda AWS
6
-> 7
API21,172/ -> 1,543,602/ S3Select 1,000 /600 2000 rps8
9
2
11 API Gateway API KEY API KEY
12AWS WAF SQL IPDOS IP
3IAM
AWS Lambda IAM Role14AWS Lambda AWS Lambda AWS IAM IAM Role
IAM15SES S3DynamoDB
DynamoDB16DynamoDB IAMGetItem PutItem{"Version": "2012-1 0-17","Statement": [{"Effect": "Allow","Action": ["dynamodb:GetItem","dynamodb:PutItem"],"Resource": "arn:aws:dynamodb:us-west-2:12345678901 2:table/ExampleTable"}]}
S317S3IAMGetObject PutObject {"Version": "20 12-10-17","Statement": [{"Effect": "Allow","Action": ["s3:GetObject","s3:PutObject"],"Resource":"arn:aws:s3:::examplebucket/*"}]}
SES18SES IAM {"Version": "20 12-10-17","Statement": [{"Effect": "Allow","Action": ["ses:SendEmail","ses:SendRawEmail"],"Resource": "arn:aws:ses:us-west-2:1234 5 67 89 012:identity/example.com"}]}
IAM19 AdministratorAccess
4
21 HTML Javascript NG
22Secret Secret Secret Manager Secret
5
24Security Hub CloudTrail AWS Config
25Point1IAM AdministratorAccessPoint2SecretPoint3Point4
Serverless Days Tokyo202327
Thank YouWe are Hiring !https://recruit.fusic.co.jp/