CloudFormation StackSets with AWS Organizations

$MPVE'PSNBUJPO4UBDL4FUTº "840SHBOJ[BUJPOTͰ ઃఆͷࣗಈԽ /3*ωοτίϜגࣜձࣾɹ ࠤʑ໦୓࿠ +"846(ேձୈճ #jawsug_asa

ࠤʑ໦୓࿠ CMPHIUUQTCMPHUBLVSPTOFU 5XJUUFS!ELGK ࣗݾ঺հ #jawsug_asa

+BQBO"1/"NCBTTBEPS બग़͞Ε·ͨ͠ ࣗݾ঺հ #jawsug_asa

ೝఆηΩϡϦςΟࢼݧͷରࡦຊ ཁ఺੔ཧ͔Β߈ུ͢Δ ʰ"84ೝఆηΩϡϦςΟઐ໳஌ࣝʱ IUUQTBN[OUP1,4D( "84ೝఆηΩϡϦςΟઐ໳஌ࣝͷษڧͷ࢓ํͱ "84ͷηΩϡϦςΟͷΨΠυϒοΫͱͯࣥ͠චʢͨͭ͠΋Γʣ #jawsug_asa

ࠓ೔࿩͢಺༰ "84ͷΞΧ΢ϯτηΩϡϦςΟ "84ͷηΩϡϦςΟαʔϏε $MPVE'PSNBUJPO4UBDL4FUTͱ"840SHBOJ[BUJPOT #jawsug_asa

ຊ೔ͷΰʔϧ "840SHBOJ[BUJPOTͱ $MPVE'PSNBUJPO4UBDL4FUTΛࣗ෼Ͱ࢖ͬͯΈΑ͏ 㱺ࣗ෼ͰखΛಈ͔͢ͷେࣄʂʂ #jawsug_asa

"84ͱηΩϡϦςΟ ͍Ζ͍Ζ΍Δ͜ͱ͕ଟͯ͘ɺ ΍΍͍͜͠ͱࢥͬͨ͜ͱ͋Γ·ͤΜ͔ શମ૾Λ೺Ѳ͢ΔͨΊʹɺͬ͘͟Γͱ ෼ྨͯ͠Έ·͠ΐ͏ #jawsug_asa

"84ͱηΩϡϦςΟ "84ͷηΩϡϦςΟ͸̏ͭͷ࣠Ͱߟ͑Δ ᶃ"84಺ʹߏஙͨ͠ωοτϫʔΫͱαʔόʔͷηΩϡϦςΟ ᶄ"84ૢ࡞ʹؔ͢Δݖݶʢ*".ʣ ᶅηΩϡϦςΟΛҡ࣋؅ཧ͢ΔͨΊͷ"84αʔϏε AWS Management Console Role VPC
AWS Cloud Subnet Internet gateway Amazon Simple Storage Service (S3) VPN gateway Endpoints User ૢ࡞ݖݶ Instance Instance Instance AWS Lambda Role ᶄ ᶃ AWS Command Line Interface AWS Config AWS Systems Manager AWS Service Catalog AWS Trusted Advisor AWS CloudTrail ᶅ ηΩϡϦςΟΛҡ࣋ ؅ཧ͢ΔαʔϏε #jawsug_asa

ᶃ"84಺ʹߏஙͨ͠ωοτϫʔΫͱ αʔόʔͷηΩϡϦςΟ ੹೚ڞ༗Ϟσϧͷ੺࿮ͷ෦෼ ઃܭͷߟ͑ํ͸ΦϯϓϨͱେ͖͘ҧΘͳ͍͕ɺઃఆͷ࢓ ํ͸"84ͷྲّྀʹै͏ඞཁ͕͋Δ IUUQTBXTBNB[PODPNKQDPNQMJBODFTIBSFESFTQPOTJCJMJUZNPEFM #jawsug_asa

ᶄ"84ͷૢ࡞ʹؔ͢Δݖݶʢ*".ʣ "84ͷηΩϡϦςΟͷத֩ͷҰͭ ͲΜͳʹωοτϫʔΫ΍αʔόʔͷηΩϡϦςΟΛڧݻʹ ͍ͯͯ͠΋ɺ"84Λ௚઀ૢ࡞͞ΕΔͱ͕݀։͚ΒΕΔ "84ͷബ͍ຊɹ*".ͷϚχΞοΫͳ࿩ IUUQTCPPUIQNKBJUFNT #jawsug_asa

ᶅηΩϡϦςΟΛҡ࣋؅ཧ͢Δ ɹͨΊͷ"84αʔϏε "84ಠࣗͷ෦෼ ར༻͠ͳͯ͘΋γεςϜΛηΩϡΞͳঢ়ଶΛҡ࣋Ͱ͖Δ͕ɺ ্ख͘׆༻͢ΔͱࣗྗͰ΍ΔΑΓഒָʹͳΔ "84ͷബ͍ຊᶘΞΧ΢ϯτηΩϡϦςΟͷϕʔγοΫηΦϦʔ IUUQTCPPUIQNKBJUFNT #jawsug_asa

ηΩϡϦςΟΛҡ࣋͢ΔͨΊͷ "84αʔϏε

ΨʔυϨʔϧͱ͍͏"84ͷઃܭࢥ૝ ηΩϡϦςΟ͸Ұ౓ઃఆ͓ͯ͠ऴ͍Ͱ͸ͳ͍ɻ ؀ڥશମʹܧଓతͳΨόφϯεΛఏڙ͢Δҝͷϧʔϧ͕ඞཁɻ"84͸ རศੑΛอͪͳ͕Βɺαϙʔτ͢ΔαʔϏεΛఏڙ͍ͯ͠Δ ᶃ༧๷ɹʜɹ*".΍4$1Ͱېࢭࣄ߲ͷૢ࡞ࣄ߲Λग़དྷͳ͘͢Δ͜ͱ ᶄݕ஌ɹʜɹېࢭࣄ߲ͷૢ࡞͕͞ΕͨΒؾ͕෇͚Δঢ়ଶʹ͢Δ͜ͱ ΨʔυϨʔϧ ؔॴ #jawsug_asa

$MPVE5SBJM AWS Management Console User AWS Command Line Interface AWS
CloudTrail Amazon Simple Storage Service (S3) Amazon CloudWatch "84Ϧιʔεͷૢ࡞ཤྺΛه࿥ɾ௨஌ ᶃϚωδϝϯτίϯιʔϧͱ"1*ͷૢ࡞ཤྺΛ4ʹอଘ ᶄ$MPVE8BUDI-PHTΛར༻ͯ͠4/4ܦ༝Ͱ௨஌΋Մೳ AWSϦιʔε #jawsug_asa

$POpH ఆ఺ˍΠϕϯτൃੜ࣌ʹ"84ͷঢ়ଶΛه࿥ ᶃ"84ͷঢ়ଶΛه࿥͠؅ཧ͢ΔαʔϏε ᶄ$POpH3VMFTΛར༻͢Δ͜ͱʹΑΓɺ͋Δ΂͖ঢ়ଶ͔Β֎Ε ͨ͜ͱΛݕ஌͢Δ͜ͱ͕Ͱ͖Δ AWS Config User AWSϦιʔε ͷߏ੒มߋ
ߏ੒؅ཧɾه࿥ ͷอଘ มߋޙͷߏ੒ͷ ධՁ ʢConfig Rulesʣ Amazon Simple Notification Service #jawsug_asa

(VBSE%VUZ ڴҖͷݕग़ ᶃηΩϡϦςΟ؍఺͔ΒͷڴҖϦεΫΛݕग़ ᶄϩάσʔλʢ71$'MPX-PHT $MPVE5SBJM&WFOU-PHT %/4-PHTʣΛ෼ੳ ᶅڴҖΛ"*ʹΑΓΠϯςϦδΣϯεʹݕग़ ѱҙͷ͋ΔεΩϟϯ Πϯελϯε΁ͷڴҖ ΞΧ΢ϯτ΁ͷڴҖ
Amazon GuardDuty Flow logs Event Logs DNS Logs ϩά ڴҖͷ൑அ Amazon Simple Notification Service Amazon CloudWatch Events ௨஌ #jawsug_asa

4FDVSJUZ)VC https://aws.amazon.com/jp/security-hub/ ηΩϡϦςΟΞϥʔτΛҰݩ؅ཧ ᶃ(VBSE%VUZ .BDJF *OTQFDUPSͷΞϥʔτΛ౷߹ͯ͠؅ཧ ᶄ֤छϩάΛݩʹίϯϓϥΠΞϯενΣοΫ ᶅαʔυύʔςΟπʔϧͱͷ࿈ܞɾෳ਺"84ΞΧ΢ϯτͷ౷߹ ΋Մೳ #jawsug_asa

5SVTUFE"EWJTPS "84ͷར༻ঢ়گΛධՁ ᶃ̑ͭͷ؍఺ʢίετ࠷దԽɾύϑΥʔϚϯεɾηΩϡϦςΟɾ ϑΥʔϧττϨϥϯεɾαʔϏε੍ݶʣͰධՁ ᶄσϑΥϧτͰద༻͞Ε͍ͯΔͷͰɺҰ౓ݟͯΈΔ͜ͱ ᶅ௨஌ʢ&ϝʔϧͷΈʣ΋Մೳ #jawsug_asa

$POUSPM5PXFS https://aws.amazon.com/jp/controltower/ ෳ਺ΞΧ΢ϯτͷηΩϡϦςΟઃఆͱ؂ࢹ ᶃ"84ͷϕετϓϥΫςΟεΛ੝ΓࠐΜͩઃఆͰɺ"84ΞΧ΢ ϯτͷߏங ᶄΞΧ΢ϯτͷϙϦγʔΛܧଓతʹ؅ཧͱՄࢹԽ ᶅطଘͷΞΧ΢ϯτΛ$POUSPM5PXFSʹొ࿥͢Δͷා͍ #jawsug_asa

ηΩϡϦςΟͷઃܭͷࢦ਑

/*45αΠόʔηΩϡϦςΟϑϨʔϜϫʔΫ ෼ྨ ΧςΰϦʔ ಛఆ ʢ*EFOUJGZʣ ɾࢿ࢈؅ཧ ɾϏδωε؀ڥ ɾΨόφϯε ɾϦεΫΞηεϝϯτɺϦεΫΞηεϝϯτ؅ཧ ɾαϓϥΠνΣʔϯϦεΫϚωδϝϯτ
๷ޚ ʢ1SPUFDUʣ ɾΞΫηε੍ޚ ɾҙࣝ޲্͓ΑͼτϨʔχϯά ɾσʔληΩϡϦςΟ ɾ৘ใΛอޢ͢ΔͨΊͷϓϩηε͓Αͼखॱ ɾอक ɾอޢٕज़ ݕ஌ ʢ%FUFDUʣ ɾҟৗͱΠϕϯτ ɾηΩϡϦςΟͷܧଓతͳϞχλϦϯά ɾݕ஌ϓϩηε ରԠ ʢ3FTQPOEʣ ɾରԠܭըͷ࡞੒ ɾίϛϡχέʔγϣϯ ɾ෼ੳ ɾ௿ݮ ෮چ ʢ3FDPWFSʣ ɾ෮چܭըͷ࡞੒ ɾվળ ɾίϛχέʔγϣϯ IPA CSFίΞ https://www.ipa.go.jp/files/000071204.pdf

"848FMM"SDIJUFDUFEϑϨʔϜϫʔΫ ப ઃܭݪଇ ӡ༻্ͷ ༏लੑ ɾӡ༻Λίʔυͱͯ͠ӡ༻ ɾఆظతʹɺখن໛ͳɺݩʹ໭͢͜ͱ͕Ͱ͖ΔมߋΛద༻͢Δ ɾӡ༻खॱΛఆظతʹվળ͢Δ ɾো֐Λ༧૝͢Δ ɾ͋ΒΏΔӡ༻্ͷো֐͔ΒֶͿ
ηΩϡϦςΟ ɾڧݻͳೝূج൫ͷ࣮૷ ɾτϨαϏϦςΟʔͷ࣮ݱ ɾશϨΠϠʔ΁ͷηΩϡϦςΟͷద༻ ɾηΩϡϦςΟͷϕετϓϥΫςΟεͷࣗಈԽ ɾ఻ૹத͓Αͼอ؅தͷσʔλอޢ ɾσʔλʹਓͷखΛೖΕͳ͍ ɾηΩϡϦςΟΠϕϯτ΁ͷඋ͑ ৴པੑ ɾো֐͔Βࣗಈతʹ෮چ͢Δ ɾ෮چखॱΛςετ͢Δ ɾਫฏํ޲ʹεέʔϧͯ͠ू߹తͳϫʔΫϩʔυͷՄ༻ੑΛߴΊΔ ɾΩϟύγςΟʔΛײʹཔΒͳ͍ ɾࣗಈԽͰมߋΛ؅ཧ͢Δ ύϑΥʔϚϯεޮ཰ ɾߴ౓ͳςΫϊϩδʔΛ୭Ͱ΋࢖͑ΔΑ͏ʹ͢Δ ɾ͢෼Ͱάϩʔόϧʹల։͢Δ ɾαʔόʔϨεΞʔΩςΫνϟΛ࢓༷͢Δ ɾΑΓසൟʹ࣮ݧ͢Δ ɾϝΧχΧϧγϯύγʔΛߟྀ͢Δ ίετ࠷దԽ ɾΫϥ΢υͷࡒ຿؅ཧͷӡ༻ ɾফඅϞσϧΛಋೖ͢Δ ɾશମతͳޮ཰Λଌఆ͢Δ ɾඅ༻Λ෼ੳ͠ɺؼ݁ͤ͞Δ AWS Well-Architected ϑϨʔϜϫʔΫ https://aws.amazon.com/jp/architecture/well-architected/

"84ͷηΩϡϦςΟαʔϏεΛ ׆༻ྫ

ϑϨʔϜϫʔΫʹ౰ͯ͸ΊͯΈΔͱʁ Lambda Systems Manager Automation CloudFormation Organizations SCP IAM SNS
Config CloudWatch Inspector Macie GuardDuty Shield Firewall Manager WAF VPC ༧๷ ๷ޚ ݕ஌ ରԠ ෮چ ௨஌ ࣗಈԽ Lambda CloudWatch ௐࠪ CloudWatch CloudTrail ౷߹ Security Hub #jawsug_asa

ΞʔΩςΫνϟʔผʹݟͯΈΔͱ Shield WAF CloudFront ELB ߈ܸରࡦ ର৅Ϧιʔε NACL Security Group
ωοτϫʔΫ๷ޚ ର৅Ϧιʔε ELB EC2 RDS KMS σʔλอޢ ର৅Ϧιʔε EC2 RDS S3 %%P4߈ܸ ΞϓϦέʔγϣϯ ߈ܸ ෆਖ਼ ωοτϫʔΫ ΞΫηε ෆਖ਼ ɹσʔλΞΫηε Inspector Systems Manager αʔόʔ؅ཧ Security Hub CloudTrail CloudWatch GuardDuty Config VPC Flow logs ՄࢹԽɾϞχλϦϯά ௨஌ ௨஌ SNS ௨஌ ӡ༻୲౰ ؂ࢹ ɾશϨΠϠʔ΁ͷηΩϡϦςΟͷద༻ ɾτϨαϏϦςΟʔͷ࣮ݱ #jawsug_asa

γεςϜͷϨΠϠʔผʹ౰ͯ͸ΊΔͱ Ϛωδϝϯτ ίϯιʔϧ 71$Ծ૝ઐ༗ྖҬ &$04ྖҬ &#4ϩʔΧϧσΟεΫ 3%4σʔλϕʔε 4ετϨʔδ $MPVE8BUDI؂ࢹ %JSFDU$POOFDU/8
ηΩϡϦςΟͷରԠྫʢ๷ޚʣ ݕ஌ͷରԠྫ (VBSE%VUZ $POUSPM5PXFS 4FDVSJUZ)VC 'JSFXBMM.BOBHFS .BDJF 5SVTUFE"EWJTPS ɾ"84ΞΧ΢ϯτɿར༻੍ݶ ɾ*".Ϣʔβɿૢ࡞ݖݶͱ઀ଓݩ੍ݶ ɹར༻ՄೳϦιʔεʹର͢ΔΞΫηείϯτϩʔϧɺଟཁૉೝূͷಋೖ ɾຊ൪؀ڥɺ։ൃ؀ڥͱ͍ͬͨ؀ڥ୯ҐͰ71$ͷ෼཭ ɾαϒωοτ୯ҐͰͷ௨৴੍ޚɺϧʔςΟϯάઃఆ ɾ71$ϑϩʔϩάͷऔಘ ɾ4FDVSJUZ(SPVQʹΑΔαʔόؒ௨৴੍ޚ ɾ4ZTUFNT.BOBHFS౳Λར༻ͯ͠ͷɺαʔόঢ়ଶͷ೺ѲͱҰׅύον౰ͯ ɾαʔόͷϩάΠϯ؅ཧͷ࢓૊Έͱɺϩάू໿ͷ࢓૊Έͷಋೖ ɾ҉߸ԽΦϓγϣϯʹΑΔσΟεΫશମͷ҉߸Խ $MPVE5SBJMʹΑΔ "84ૢ࡞ཤྺ τϥϑΟοΫϩά ֤छΞϓϦέʔγϣϯϩά 04ϩάΠϯཤྺ %#؂ࠪϩά "84αʔϏε֤छʹΑΔ ϩάɾΞϥʔτ ݕࠪ͢Δ΂͖ϩά ɾઐ༻ઢʢ%9ʣ΍71/Λར༻ͨ͠ܦ࿏҆શͷ֬อ ɾ5SBOTJU(BUFXBZΛར༻ͨ͠71$ɾܦ࿏ͷ؅ཧ ɾܦ࿏ͷ৑௕ԽʹΑΔࣄۀܧଓੑͷ֬อ ɾDBMSͷػೳʹΑΔςʔϒϧશମʢදྖҬʣͷ҉߸Խ ɾDBʹର͢ΔΞΫηεݖݶͷ؅ཧ ɾ҉߸ԽΦϓγϣϯʹΑΔετϨʔδશମͷ҉߸Խ ɾΫϥΠΞϯταΠυ͸҉߸ԽΩʔʹΑΓσʔλΛอޢ ɾCloudWatchʹΑΔAWSͷ؂ࢹͱɺӡ༻؂ࢹιϑτ΢ΣΞΛར༻ͨ͠αʔ ϏεɺΞϓϦέʔγϣϯ؂ࢹͷซ༻ *OTQFDUPS "84ͷར༻ঢ়گͷ؂ࠪ "84ΞΧ΢ϯτͷઃఆͱΨόφϯε ηΩϡϦςΟʔΞϥʔτͷू໿ͱݕ஌ɾରԠ "84ͷෆਖ਼ར༻ͷݕ஌ 04ɺΞϓϦͷηΩϡϦςΟධՁ 'JSFXBMMͷҰݩ؅ཧͱݕ஌ɾରԠ 4಺ͷػີ৘ใͷݕग़ɺ෼ྨɺอޢ 0SHBOJ[BUJPOT #jawsug_asa

༧๷త౷੍ͱൃݟత౷੍ ηΩϡϦςΟͷϕετϓϥΫςΟεͷҰͭ 0SHBOJ[BUJPO6OJU Automation AWS Systems Manager AWS Config Rule
ઃఆෆඋΛ ݕ஌ म෮ࢦࣔ ༧๷త౷੍ ൃݟత౷੍ SCP AWS Organizations SCPΛར༻ͯ͠ ΞΧ΢ϯτશମʹ ېࢭࣄ߲ͷઃఆ AWSΞΧ΢ϯτ IAM User ྫʣ SPPUϢʔβʔͷΞΫηεΩʔͷ ࡞੒Λېࢭ͢Δ ྫʣ *".Ϣʔβʔͷ.'"͕༗ޮʹ ͳ͍ͬͯΔ͔νΣοΫ͢Δ Ұ࣌తʹ IAMϢʔβʔͷ ແޮԽ #jawsug_asa

αʔϏεΛ্ख͘׆༻͢Δͱ ӡ༻ָ͕ʹͳΔ

ηΩϡϦςΟͷઃఆΛखಈͰઃఆ͢Δͱʁ ̍ʙ̎ݸͩͱରԠՄೳ͕ͩɺΞΧ΢ϯτ ͕ݸ͋ͬͨͱͨ͠Βʁ ਓ͕ؒखͰ΍Δͱϛε΍ൈ͚࿙Ε͕ൃੜ͢Δɻ ͦΕҎલʹ໘౗͍͘͞ #jawsug_asa

"840SHBOJ[BUJPOTͷ׆༻

"840SHBOJ[BUJPOTͷ༻ޠ #jawsug_asa ཁૉ໊ ֓ཁ ૊৫ "840SHBOJ[BUJPOTͰ؅ཧ͢Δର৅ͷશମ ࢀՃ͢Δ"84ΞΧ΢ϯτશͯ Ϛελʔ ΞΧ΢ϯτ "840SHBOJ[BUJPOTΛઃఆͨ͠"84ΞΧ΢ϯτ
ʢ૊৫಺ʹ̍ͭͷΈʣ ϝϯόʔ ΞΧ΢ϯτ ૊৫಺ͷϚελʔΞΧ΢ϯτҎ֎ͷશͯͷ"84ΞΧ΢ ϯτ ૊৫୯Ґ ʢ06 ૊৫಺ͷ࿦ཧతͳάϧʔϓ ؅ཧ༻ϧʔτ ʢSPPUʣ ૊৫಺ͷ֊૚ͷ࠷্Ґ αʔϏείϯτϩ ʔϧϙϦγʔ ར༻Ͱ͖Δ"84αʔϏεͷ੍ޚΛهड़ͨ͠ϙϦγʔ

0SHBOJ[BUJPOTͷ֊૚ߏ଄ Account Account Account Organizational unit Organizational unit 3PPU Account
Root௚Լʹ ΞΧ΢ϯτͷ ഑ஔ΋Մೳ ʢඇਪ঑ʣ OUͷ֊૚ߏ଄΋ ઃఆՄೳ #jawsug_asa ૊৫୯Ґʢ06ʣͰ؅ཧ͞Εɺ্Ґͷઃఆ͸ ԼҐʹܧঝ͞ΕΔ

αʔϏείϯτϩʔϧϙϦγʔʢ4$1ʣ 4$1Λ࢖͏ͱ"84ΞΧ΢ϯτ୯ҐͰͷݖݶ੍ޚ͕Մೳ 4FSWJDF$POUSPM 1PMJDZʢ4$1ʣ *EFOUJUZCBTFE QPMJDZʢ*".ʣ ˓ ˓ ˓ ☓
☓ ༗ޮͳݖݶ *".ͷΈͳΒͣϧʔτΞΧ΢ϯτͷ੍ݶ΋ Մೳʢ1FSNJTTJPOTό΢ϯμϦʔΑΓڧྗʣ

4$1ͷ੍ޚͷܧঝ #jawsug_asa 0SHBOJ[BUJPOTͷ֊૚ͱݖݶͷܧঝ Account Account Account Organizational unit Organizational unit
SCP ΞΧ΢ϯτ୯Ґʹ ద༻ SCP OUશମʹ ద༻ 3PPU ΞΧ΢ϯτ಺Ͱ*".ΛؤுΔΑΓɺ੍ޚ͞Εͨαϯυ ϘοΫεΞΧ΢ϯτΛ࡞Δ΄͏ָ͕͔΋͠Εͳ͍

$MPVE'PSNBUJPO4UBDL4FUT

$MPVE'PSNBUJPO4UBDL4FUT #jawsug_asa CloudFormation StackSets Stack ΞΧ΢ϯτAʢϝϯόʔΞΧ΢ϯτʣ ౦ژϦʔδϣϯ Stack ΦϋΠΦϦʔδϣϯ ਌ΞΧ΢ϯτʢϚελʔΞΧ΢ϯτʣ
Stack ΞΧ΢ϯτBʢϝϯόʔΞΧ΢ϯτʣ ౦ژϦʔδϣϯ Stackͷ࡞੒ͱ࣮ߦ ෳ਺ͷ"84ΞΧ΢ϯτ΍Ϧʔδϣϯʹର͠ $MPVE'PSNBUJPOͷελοΫΛ࡞੒Ͱ͖Δػೳ

0SHBOJ[BUJPOTº4UBDL4FUT #jawsug_asa AWS Account AWS Account OUʢ૊৫୯Ґʣ 3PPU CloudFormation StackSets
with Organizations AWS Account OUʹࢀՃ AWS Account ελοΫͷ࡞੒ ʢOUઃఆͷ௥Ճʣ ελοΫͷ࡟আ ʢOUઃఆͷ࡟আʣ OU͔Β཭୤ 0SHBOJ[BUJPOTͱ࿈ܞͤͯ͞ɺ 06ࡿԼʹࣗಈతʹ4UBDL4FUTͷద༻ ΊͪΌͪ͘Όศར

"840SHBOJ[BUJPOT º $MPVE'PSNBUJPO4UBDL4FUT ࢼͯ͠ΈΑ͏ʂʂ

ࢧ෷͍୅ߦ࢖ͬͯΔ͚Ͳʁ ࢧ෷͍୅ߦͰ΋"840SHBOJ[BUJPOTͷػೳ͕ ར༻Մೳͳϓϥϯ͕͋Γ·͢ /3*ωοτίϜɹʲ"840SHBOJ[BUJPOTରԠʳ "84ࢧ෷͍୅ߦαʔϏε IUUQTXXXOSJOFUDPNQSPEVDUTBXTQBZNFOU #jawsug_asa

·ͱΊ

ࠓ೔࿩ͨ͠಺༰ "84ͷΞΧ΢ϯτηΩϡϦςΟ "84ͷηΩϡϦςΟαʔϏε $MPVE'PSNBUJPO4UBDL4FUTͱ"840SHBOJ[BUJPOT #jawsug_asa

ຊ೔ͷΰʔϧ "840SHBOJ[BUJPOTͱ $MPVE'PSNBUJPO4UBDL4FUTΛࣗ෼Ͱ࢖ͬͯΈΑ͏ 㱺࢖ͬͯΈͨ͘ͳΓ·͔ͨ͠ʁ ɹ-FU`͂5SZʂʂ #jawsug_asa

CloudFormation StackSets with AWS Organizations

CloudFormation StackSets with AWS Organizations

More Decks by Takuro SASAKI

Other Decks in Technology

Featured

Transcript