Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
キッチハイク社内勉強会 / 2021-03-03
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
taogawa
April 15, 2021
Programming
1.2k
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
キッチハイク社内勉強会 / 2021-03-03
taogawa
April 15, 2021
More Decks by taogawa
See All by taogawa
「一人でも多く、一円でも多く」 価値を届ける決済の仕組みと工夫 / 2022-11-30_10x_campfire_kanmu
taogawa
0
140
キッチハイク社内勉強会 ドメイン駆動設計のはなし / 2021-09-01
taogawa
0
1.7k
7年目を迎えたRails アプリケーションの傾向と対策/Rails Developers Meetup 2019 Day1
taogawa
8
4.3k
意図せぬレスポンスを防ぐAPI設計2つのコツ / Startup Rails #6
taogawa
0
2.8k
おいしい時間を支えるAPI設計 / Food Service Engineers Meetup #3
taogawa
1
2.8k
Other Decks in Programming
See All in Programming
Contextとはなにか
chiroruxx
1
390
jQueryをバージョンアップする前に使いたいjQuery Migrate
matsuo_atsushi
0
630
なぜ関数型プログラミングで「型」と「証明」が語られるのか #fp_matsuri
kajitack
0
360
作って学ぶ、 JSX (TSX) ランタイムの基本
syumai
7
1.7k
AI 輔助遺留系統現代化的經驗分享
jame2408
1
1.2k
LaravelLive Japan の裏方のすべて — 第188回 PHP勉強会@東京 (2026-06-24)
suguruooki
2
150
「なぜそう決めたのか」を残し続ける仕組み ― Notion AI カスタムエージェント × Slack連携による設計判断の自動記録 - NIKKEI Tech Talk #47
niftycorp
PRO
0
250
鹿野さんに聞く!『TypeScriptコードレシピ集』で磨く実践力
tonkotsuboy_com
4
990
AI がコードを書く時代における新卒エンジニアの仕事風景 (2026) / New Graduate Engineers in the Era of AI Coding (2026)
sushichan044
0
200
Mujeres en SEO Summit 2026 - Greatest Disaster Hits en Web Performance
guaca
0
230
Observability in Practice:Grafana 與 Edge Device SRE 的那些事
blueswen
0
190
OS アップデート対応の取り組み方がもっと共有されてほしい
andpad
0
110
Featured
See All Featured
Odyssey Design
rkendrick25
PRO
2
720
RailsConf 2023
tenderlove
30
1.5k
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
610
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
2.1k
Building an army of robots
kneath
306
46k
Heart Work Chapter 1 - Part 1
lfama
PRO
8
36k
Sam Torres - BigQuery for SEOs
techseoconnect
PRO
0
300
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
tomoyanonymous
3
880
A Modern Web Designer's Workflow
chriscoyier
698
190k
The Cult of Friendly URLs
andyhume
79
6.9k
Testing 201, or: Great Expectations
jmmastey
46
8.2k
Docker and Python
trallard
47
3.9k
Transcript
IAMͷ͖΄Μ 2021/3/3 ΩονϋΠΫ ࣾษڧձ
ຊͷςʔϚ
ܰࢹ͞Ε͕ͪͳ IAMͷجຊʹ͍ͭͯ ֶΜͰΈΑ͏
ΞδΣϯμ • ͡Ίʹ: IAMΛΔͱͲΜͳ͍͍͜ͱ͕͋Δͷ • IAMͲΜͳͷ͔ ◦ IAMͷʮೝূʯ ◦ IAMͷʮೝՄʯ
• IAMΛ҆શʹ͢ΔͨΊʹ • ·ͱΊ
͡Ίʹ
AWS IAM (Identity and Access Management)
• AWSϦιʔεͷΞΫηεΛ҆શʹཧ͢ΔͨΊͷαʔϏε • ϦιʔεΞΫηεͷೝূͱೝՄΛ͍࢘ͬͯΔ
• AWSͷதͰIAM༏ઌΛ͘͞Ε͕ͪͳαʔϏε(ࣗͷ؍ଌ ൣғௐ) • ͳ͔ͥɾɾɾԿઃఆ͠ͳ࣮ͯ͘ӡ༻ʹࠔΒͳ͍
• AWSͷதͰIAM༏ઌΛ͘͞Ε͕ͪͳαʔϏε(খͷ؍ଌ ൣғௐ) • ͳ͔ͥɾɾɾԿઃఆ͠ͳ࣮ͯ͘ӡ༻ʹࠔΒͳ͍ IAMʁΑ͘Θ͔Μͳ͍͚Ͳૣ͘αʔϏεϦϦʔε͠Α͏Αʂ
ͦͷઌʹ͋Δͷɾɾɾ
AWSͷෆਖ਼ར༻ʹΑΔ ߴֹٻ
ۚમతଛ͚ͩ͡Όͳ͍
اۀͷ߹େ͖ͳηΩϡϦςΟΠϯγσϯτͱͳΔ SSRF߈ܸʹΑΔCapital Oneͷݸਓใྲྀग़ʹ͍ͭͯ·ͱΊͯΈͨ https://piyolog.hatenadiary.jp/entry/2019/08/06/062154
IAMΛΔ͜ͱ ͜ͷΑ͏ͳࣄଶΛ͙ୈҰาͱ ͳΔͷͰ͢
ͰAWS৮Βͳ͍͠ɾɾɾ Δඞཁ͋Δͷʁ
͋Γ·͢ʂ
IAMΛΔ͜ͱ ϢʔβʔͷೝূɾೝՄཧ ͷΑΓΑ͍ϞσϧΛ ֶͿ͜ͱʹͭͳ͕Γ·͢
ͱ͍͏Θ͚Ͱ ݟ͍͖ͯ·͠ΐ͏
IAMͱͲΜͳͷ͔
IAMAWSϦιʔεͷೝূͱೝՄͷཧׂ͕
ೝূͱೝՄ ೝূ(Authentication) ύεϫʔυͳͲ(ޙड़)ͷखஈͰɺA͞Μ͔Ͳ͏͔ ͷಉҰੑ֬ೝΛ͢Δ ೝՄ(Authorization) A͞Μʹର͢ΔAWS্ͷϦιʔεݖݶΛ༩͢Δ
ೝূͱೝՄ ೝূ(Authentication) ຊਓ͔͠Βͳ͍ใɺ࣋ͨͳ͍ใΛར༻͠ ͯɺຊਓͱͷಉҰੑΛ֬ೝ͢Δ͜ͱ ೝՄ(Authorization) Ϧιʔεʹର͢Δར༻ݖݶΛ༩͑Δ͜ͱ
IAMͷೝূ
IAMͷʮೝূʯ • AWSͷαʔϏεར༻ʹର͢Δೝূ • IAMϢʔβʔʹର͢ΔύεϫʔυϙϦγʔͷઃఆ ◦ ύεϫʔυXจࣈҎ্ɺه߸ͷ༗ແɺ༗ޮظݶͷઃఆ • MFA(ଟཁૉೝূ) ◦
ෳͷຊਓ͔͠Βͳ͍ / ࣋ͨͳ͍ใʹΑͬͯೝূڧΛڧ͘ ͢Δ ◦ ύεϫʔυ + ຊਓͷ࣋ͭσόΠεͰੜͨ͠ίʔυ
ʮೝূʯΘ͔Γ͍͢ • ଞαʔϏεͱڞ௨ͨ֓͠೦ͰೃછΈ͕͋Δ • AWS͔ͩΒͱ͍ͬͯಛผͳཁૉͦΜͳʹ ͳ͍ • ҰൠతͳೝূཧͷϕετϓϥΫςΟε͕ ͦͷ··௨༻͢Δͱߟ͑ͯྑ͍ ◦
ύεϫʔυ͍ͷΛઃఆ ◦ ଟཁૉೝূΛ༗ޮʹ͢ΔɾɾɾͳͲ
IAMͷೝՄ
IAMͷʮೝՄʯ • AWSͷϦιʔεʹର͢Δݖݶͷ༩ ◦ ඇৗʹॊೈͰ͋ΔΏ͑ʹෳࡶͰ͋Δ ◦ IAMϢʔβʔɺIAMϙϦγʔɺIAMάϧʔϓɺIAMϩʔϧɺΦʔΨ φΠθʔγϣϯϢχοτ(OU)ͷ֓೦(ޙड़) ◦ AWSͷαʔϏε
x ͦΕͧΕͷαʔϏεͷݖݶ͕େʹ͋Δ • ͜ͷʮೝՄʯͷઃఆϛε͕ॾʑͷΠϯγσϯτͷඃΛඇৗʹਙେͳ ͷʹ͍ͯ͠Δ
ʮೝՄʯࣗମ͘͠ͳ͍ • ݖݶΛ༩͢ΔϞσϧ伴ͷΑ͏ͳͷ ◦ ΉΈͨΒʹԿͰ։͚ΒΕΔ伴Λͨ͠ Γɺ͔Γ͍͢ͱ͜Ζʹஔ͍͓͚ͯɺϚζ Πͷ͙͢Θ͔Δͣ • ͰAWSͰͦ͏͍͏͜ͱ͕·͔Γ௨ͬͯ͠· ͏ɾɾɾͳͥʁ
AWSͷʮೝՄʯͱ͖ͬͭʹ͍͘ • ༩͢Δݖݶ͕େͰ͋Δ ◦ େͳαʔϏεͷ x ͦͷݖݶͷΈ߹ Θͤ • Γ͍ͨ͜ͱʹൺͯ͠ɺΕΔ͜ͱ͕ඇৗʹଟ
͍ • ݖݶઃఆʑ͍͘͢ͳ͍ͬͯΔ͕ɺͦ ΕͰ͍͠ ◦ ӈͷΑ͏ͳJSONΛमਖ਼͢Δػձଟ ͍ { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ssm:GetOpsItem", "ssm:UpdateOpsItem", "ssm:DescribeOpsItems", "ssm:CreateOpsItem", "ssm:CreateResourceDataSync", "ssm:DeleteResourceDataSync", "ssm:ListResourceDataSync", "ssm:UpdateResourceDataSync" ], "Resource": "*" } ] }
ϧʔτϢʔβʔ͍͕ͪ • AWSͷαΠϯΞοϓ࣌ʹ࡞͞ΕΔΞΧϯτ ◦ AWSͷϦιʔεͷͯ͢ͷΞΫηεݖݶΛ࣋ͭ࠷ڧͷϢʔβʔ ◦ IAMϢʔβʔͱҧ͏ • AWS͋Δ͋Δ: IAMϢʔβʔΛ࡞ΒͣɺϧʔτϢʔβʔΛͦͷ··ͬͯ
͠·͏ ◦ AWSΛ͏ਓαʔϏεΛ࡞Γ͍ͨ ◦ IAMͷઃఆΛௐͯ಄௧͕ͯ͘͠Δ→ϧʔτϢʔβʔ͏ ◦ ԿͰͰ͖Δݖݶ͔ͩΒαʔϏεΛ࡞ΔͷʹࠔΒͳ͍
ϧʔτϢʔβʔৗ༻ͷ࿏ • ͦͷ͏ͪɺϧʔτϢʔβʔ͕ͨΓલԽ͢Δ ◦ IAMϢʔβʔͰదͳݖݶ༩Λޙճ͠ʹ͢Δ ◦ ϧʔτϢʔβʔͷΞΫηεΩʔ / γʔΫϨοτΩʔΛ͏ͳͲɺة ݥͳΦϖϨʔγϣϯ͕ৗଶԽ͢Δ
• ΞΫηεΩʔ / γʔΫϨοτΩʔͦΕͦͷͷ͕ೝূใ ◦ ID / ύεϫʔυͷΈ߹Θͤͱ΄΅ಉٛ ◦ ޡͬͯϦϙδτϦʹPushͯ͠શੈքʹެ։ → ΞΧϯτ͕ୣΘΕΔ ◦ ϧʔτϢʔβʔԿͰग़དྷΔͷͰඃ͕ਙେͳͷͱͳΔ
͜͜·Ͱͷ·ͱΊ • IAM(Identity and Access Management)AWSϦιʔεͷೝূͱೝՄ ͷཧׂ͕ • ʮೝূʯຊਓͱͷಉҰੑ֬ೝ •
ʮೝՄʯϦιʔεʹର͢ΔݖݶΛ༩͑Δ͜ͱ • AWSͷ߹ɺʮೝՄʯَ͕Ͱ͋Δ ◦ ઃఆͷϋʔυϧ͕ߴ͘ޙճ͠ʹ͞Ε͕ͪ ◦ ҰํͰAWSϢʔβʔͷ૾Ҏ্ʹͳΜͰͰ͖Δ ◦ ݁Ռɺྲྀग़࣌ʹμϝʔδ͕େ͖͍
Ͱ ۩ମతʹԿΛ͢Ε͍͍ͷʁ
IAMΛ ҆શʹ͢ΔͨΊʹ
IAMηΩϡϦςΟϕετϓϥΫςΟεʹै͓͏ • AWS͕ެࣜʹग़͍ͯ͠ΔIAMͷ ϕετϓϥΫςΟεू • AWSϦιʔεͷηΩϡϦςΟ֬ อͷͨΊʹ16ͷਪࣄ߲Λڍ͛ ͍ͯΔ IUUQTEPDTBXTBNB[PODPNKB@KQ*".MBUFTU6TFS(VJEFCFTUQSBDUJDFTIUNM
·ͣখ͘͞ʮೝূʯ͔Β࢝ΊͯΈΔ • 16ݸʂʁͱͳΔ͕ɺશͯΛ͍͖ͳΓ࢝ΊΔඞཁͳ ͍ ◦ ࠷ॳ͔Βඞཁͳ͍ͷ͋Δ • ͜͏͍͏ͱ͖՝Λׂɻ·ͣʮೝূʯ͔Βͬͯ ΈΑ͏ •
ʮೝূʯͻͱΓͻͱΓͷಉҰੑ֬ೝɻͦͷ؍͔Β ਐΊͯΈΔ ◦ MFAͷ༗ޮԽ ◦ IAMϢʔβʔΛڞ༻Ͱͳ͘ɺϢʔβʔ͝ͱʹൃ ߦ͢Δ ◦ ύεϫʔυϙϦγʔͷڧԽ ◦ ΞΫηεΩʔͷແޮԽɾඇڞ༗ • ͜Ε͚ͩͰେϚγʹͳΔ ϕετϓϥΫςΟεͰͷʮೝূʯؔ࿈߲ ɾAWSΞΧϯτͷϧʔτϢʔβʔΞΫηεΩʔΛϩοΫ͢Δ ɾݸʑͷIAMϢʔβʔΛ࡞͢Δ ɾϢʔβʔͷͨΊʹڧͷߴ͍ύεϫʔυϙϦγʔΛઃఆ͢Δ ɾMFAͷ༗ޮԽ ɾΞΫηεΩʔΛڞ༗͠ͳ͍ ɾೝূใΛఆظతʹϩʔςʔγϣϯ͢Δ ɾෆཁͳೝূใͷআ ɾՃηΩϡϦςΟʹର͢ΔϙϦγʔ݅Λ༻͢Δ
͍ͭͮͯʮೝՄʯʹऔΓΜͰΈΑ͏ • ϩʔϧάϧʔϓɺϙϦγʔͳͲͷݴ༿͕ग़ͯ ͖ͨɻͳʹ͜Εʁ • ·ͣ͜ΕΒʹΛͭΉΖ͏ɻ • ඞཁͳ͚ͩͷʮೝՄʯͷ༩ʹऔΓΉ • ۩ମతʹҎԼͷ߲
◦ ࠷খݶͷಛݖΛೝΊΔ ◦ AWSཧϙϦγʔΛ༻ͨ͠ΞΫηεڐ Մͷ༻։࢝ ϕετϓϥΫςΟεͰͷʮೝՄʯؔ࿈߲ ɾIAMϢʔβʔͷΞΫηεڐՄΛׂΓͯΔͨΊʹάϧʔϓΛ͍·͢ ɾ࠷খݶͷಛݖΛೝΊΔ ɾΞΫηεϨϕϧΛ༻ͯ͠ɺIAM ΞΫηεڐՄΛ֬ೝ͢Δ ɾAWSཧϙϦγʔΛ༻ͨ͠ΞΫηεڐՄͷ༻։࢝ ɾΠϯϥΠϯϙϦγʔͰͳ͘ΧελϚʔཧϙϦγʔΛ༻͢Δ ɾAmazon EC2ΠϯελϯεͰ࣮ߦ͢ΔΞϓϦέʔγϣϯʹର͠ɺϩʔ ϧΛ༻͢Δ ɾϩʔϧΛ༻ͯ͠ΞΫηεڐՄΛҕ͢Δ
AWSͷϨʔϧʹΔ • ݖݶʁͲΕΛ͚͍͍ͭͯͷ͔͔Βͳ͍Αʂ • ͦΜͳਓͷͨΊʹAWS͕ϏϧτΠϯͷཧϙ Ϧγʔ(ݖݶͷηοτ)Λ༻ҙͯ͘͠Ε͍ͯΔ ◦ αʔϏε͝ͱʹΞΫηεݖݶ͕ύοέʔ δԽ͞Ε͍ͯΔ ◦
ݖݶΛ࠷ॳ͔Βॻ͔ͳͯ͘ࡁΈɺϋʔυ ϧ͕Լ͕Δ ◦ ͜ͷϙϦγʔʹՃ͢ΔܗͰɺݸผͷη ΩϡϦςΟϙϦγʔΛՃ͑Δͷ͕ఆੴ ϕετϓϥΫςΟεͰͷʮೝՄʯؔ࿈߲ ɾIAMϢʔβʔͷΞΫηεڐՄΛׂΓͯΔͨΊʹάϧʔϓΛ͍·͢ ɾ࠷খݶͷಛݖΛೝΊΔ ɾΞΫηεϨϕϧΛ༻ͯ͠ɺIAM ΞΫηεڐՄΛ֬ೝ͢Δ ɾAWSཧϙϦγʔΛ༻ͨ͠ΞΫηεڐՄͷ༻։࢝ ɾΠϯϥΠϯϙϦγʔͰͳ͘ΧελϚʔཧϙϦγʔΛ༻͢Δ ɾAmazon EC2ΠϯελϯεͰ࣮ߦ͢ΔΞϓϦέʔγϣϯʹର͠ɺϩʔ ϧΛ༻͢Δ ɾϩʔϧΛ༻ͯ͠ΞΫηεڐՄΛҕ͢Δ
ϢʔβʔɺϩʔϧɺάϧʔϓɺϙϦγʔΛཧղ͠Α͏ • ଓ͍ͯϢʔβʔɺϩʔϧɺάϧʔϓɺϙϦγʔͷ֓೦Λཧղ ͢Δ ◦ IAMϢʔβʔ ◦ IAMάϧʔϓ ◦ IAMϙϦγʔ
◦ IAMϩʔϧ ˔ ͜ΕΒΛཧղ͢Δ͜ͱϝϯςφϒϧͳIAMͷӡ༻ʹͭͳ͕ Δ ◦ ٯʹ͍͑ɺ͜ΕΒΛཧղ͍ͯ͠ͳͯ͘࠷ݶͷೝ Մ༩Ͱ͖Δ ▪ ϢʔβʔʹϙϦγʔΛ༩ ◦ ࠷ॳ͔Β͖ͬͪΓΖ͏ͱͯ͠࠳ં͢ΔΑΓɺ·ͣ ϝϯςφϒϧͰͳͯ͘ೝՄΛඋ͢Δ΄͏͕Α͍ Α͏ʹࢥ͏ ϕετϓϥΫςΟεͰͷʮೝՄʯؔ࿈߲ ɾIAMϢʔβʔͷΞΫηεڐՄΛׂΓͯΔͨΊʹάϧʔϓΛ͍·͢ ɾ࠷খݶͷಛݖΛೝΊΔ ɾΞΫηεϨϕϧΛ༻ͯ͠ɺIAM ΞΫηεڐՄΛ֬ೝ͢Δ ɾAWSཧϙϦγʔΛ༻ͨ͠ΞΫηεڐՄͷ༻։࢝ ɾΠϯϥΠϯϙϦγʔͰͳ͘ΧελϚʔཧϙϦγʔΛ༻͢Δ ɾAmazon EC2ΠϯελϯεͰ࣮ߦ͢ΔΞϓϦέʔγϣϯʹର͠ɺϩʔ ϧΛ༻͢Δ ɾϩʔϧΛ༻ͯ͠ΞΫηεڐՄΛҕ͢Δ
ϢʔβʔɺϩʔϧɺάϧʔϓɺϙϦγʔͷׂ • IAMϢʔβʔ ◦ AWS Λར༻͢Δ֤ར༻ऀ͚ʹ࡞͞ΕΔΞΧϯ τ • IAMάϧʔϓ ◦
ಉҰͷׂΛ࣋ͭIAM ϢʔβʔΛάϧʔϓԽ͢Δػ ೳɻIAM Ϣʔβʔಉ༷ʹΞΫηεݖݶΛ༩͢Δ͜ͱ ͕Ͱ͖Δɻ • IAMϙϦγʔ ◦ AWS ϦιʔεͷΞΫηεݖݶΛͻͱ·ͱΊʹͨ͠ ͷɻ • IAMϩʔϧ ◦ AWS αʔϏεΞϓϦέʔγϣϯ(ඇϢʔβʔ)ʹର ͯ͠AWS ͷૢ࡞ݖݶΛ༩͑ΔΈɻผΞΧϯτ ͷϢʔβʔʹ༩͢Δ͜ͱͰ͖Δɻ
IAM͔ΒೝՄཧͷϕετϓϥΫςΟεΛֶ΅͏ • IAMͷϞσϧඇৗʹΑ͘Ͱ͖͍ͯΔ • IAMϢʔβʔͰͳ͘ɺάϧʔϓʹϙϦγʔ(ݖݶͷηοτ)Λ ͨͤΔ͜ͱͰɺϢʔβʔͷҟಈ͕͋ͬͯɺϢʔβʔ͔Β άϧʔϓΛऔΓ֎͚ͩ͢Ͱ࡞ۀ͕ࡁΉɻ • ϙϦγʔ(ݖݶͷ·ͱ·Γ)ͱ༩͢Δର(Ϣʔβʔɺάϧʔ ϓɺϩʔϧ)͕ૄ݁߹ͳ͜ͱͰɺॊೈʹݖݶΛཧ͢Δ͜ͱ͕
Ͱ͖Δɻ ◦ άϧʔϓ͕ϙϦγʔΛෳ࣋ͭ͜ͱͰ͖Δ ◦ άϧʔϓͷݖݶมߋΛϙϦγʔͷ͚֎͚ͩ͠ͰͰ͖Δ ◦ ΧελϚʔཧϙϦγʔʹϓϥεͯ͠ɺΑΓৄࡉͳ੍ݶ Λ༩ͨ͠ϙϦγʔΛՃ͢Δͱ͍ͬͨ͜ͱͰ͖Δ
IAMͷೝূೝՄཧͷߟ͑ํ৭Μͳͱ͜ΖͰ͑Δ • AWSͱ͍͏ڊେͰෳࡶͳγεςϜͷݖݶϞσϧͦͷϕ ετϓϥΫςΟεΛֶͿ͜ͱɺଞͷγεςϜαʔϏε ʹ׆͔͢͜ͱ͕Ͱ͖Δ ◦ GCPAzureͳͲڝ߹αʔϏεͰେͷߟ͑ํม ΘΒͳ͍ ◦ ۀγεςϜશൠʹ͜ͷϞσϧద༻Ͱ͖Δ
• ܾͯ͠AWSͰ͔͑͠ͳ͍ࣝͰͳ͍
·ͱΊ
·ͱΊ • IAMΛΖ͏ • IAMΛΔ͜ͱͰɺΫϥυഁ࢈ηΩϡϦςΟΠϯγσϯτͷՄೳ ੑΛେ෯ʹݮͤ͞Δ͜ͱ͕Ͱ͖Δ • ͱ͖ͬͭʹ͍͘ͷࣄ࣮ɻ͚ͩͲɺʮೝূʯʮೝՄʯʹண͢Εɺ ϋʔυϧ͘ɺ͙͢ʹऔΓΉ͜ͱ͕Ͱ͖Δ •
IAMΛֶͿ͜ͱɺAWSʹดͨࣝ͡ΛֶͿ͜ͱͰͳ͍ɻΑΓ͍ ೝূͱೝՄͷϞσϧΛֶͿ͜ͱͰ͋Δɻ