Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWSで作る動画自動変換と配信機構

withelmo
April 27, 2021
Programming
1
140

 AWSで作る動画自動変換と配信機構

2021-04-27(Tue) 19:00〜
Fusic Tech Live Vol.1:AWS 活用事例 にて発表
https://fusic.connpass.com/event/206957/

withelmo

April 27, 2021
Tweet

Other Decks in Programming

See All in Programming
Apache Hive 4 on Treasure Data
ryukobayashi
0
360
使ってみよう Azure AI Document Intelligence
kosmosebi
2
330
Code Reviews
bkuhlmann
4
890
デフォルトにして至高、RubyMineの大好きな所
ruzia
0
450
Elm 0.19.0 Changes
bkuhlmann
0
490
VSCodeでのDatabricks開発もお勧めしたい/I would also recommend Databricks development with VSCode.
kazumain
0
260
大規模Reactアプリのリアーキテクチャ~8万行のTanStack Query移行の軌跡~
kj455
4
970
TYPO3 v13 – The road to LTS: What's new and new APIs
luisasofie_xoxo
0
210
Git Rebase
bkuhlmann
11
1.6k
Komplexe Oberflächen mit SVG und der Web Animation API
joergneumann
0
680
Let's learn code review
riofujimon
2
520
雑に思考を整理する技術と効能
konifar
60
29k

Featured

See All Featured
Why You Should Never Use an ORM
jnunemaker
PRO
51
8.6k
A Philosophy of Restraint
colly
197
16k
The Pragmatic Product Professional
lauravandoore
25
5.8k
[RailsConf 2023] Rails as a piece of cake
palkan
23
4k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
9
8.3k
Imperfection Machines: The Place of Print at Facebook
scottboms
260
12k
Music & Morning Musume
bryan
41
5.6k
Raft: Consensus for Rubyists
vanstee
132
6.3k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
659
120k
GitHub's CSS Performance
jonrohan
1025
450k
Designing Experiences People Love
moore
136
23k
RailsConf 2023
tenderlove
4
540

Transcript

  1. AWSͰ࡞Δಈըࣗಈม׵ͱ഑৴ػߏ 1 2021-04-27(Tue ) Fusic Tech Live Vol.1ɿAWS ׆༻ࣄྫ ઌਐٕज़෦໳

    ਿຊ৻ଠ࿠

  2. ࣗݾ঺հ ਿຊ ৻ଠ࿠ Sugimoto Shintaro ‣ I D - @withelmo

    @withelmo
 ‣ ࣗݾ঺հ • Fusic ઌਐٕज़෦໳/෦໳௕/γχΞɾϓϦϯγύϧΤϯδχΞ • ػցֶशνʔϜͱIoTνʔϜͱΤϯδχΞϦϯάͯ͠·͢ ‣ ޷͖ͳAWSαʔϏε • S 3 ‣ Skill s 2 image

  3. ࠓճ͓࿩͢Δ͜ͱ • AWSΛ࢖ͬͨಈըࣗಈม׵ͱ഑৴ͷΞʔΩςΫνϟʹ͍ͭͯ • ΞʔΩςΫνϟʔͷબ୒ࢶͱࠓճ࠾༻ͨ͠ߏ੒ʹ͍ͭͯ • Infrastructure as Codeʹ͍ͭͯ 3

  4. 00 ಈը഑৴ͱ͍͑͹…

  5. ಈը഑৴ͱ͍͑͹… Fusicʹ͸͔ͭͯʮzenpreʯͱ͍͏αʔϏε͕͋Γ·ͨ͠ɻ ษڧձͰͷൃදΛΫϦΞͳεϥΠυͱͱ΋ʹԕִ഑৴͢ΔαʔϏε ಈը഑৴෦෼(Ustream)ͷऔΓѻ͍͕೉͘͠ɺ ࣗࣾͰߏங͢Δ͔ݕ౼͠·͕ͨ͠ɺ ίετͷ؍఺Ͱஅ೦ͨ͜͠ͱ͕͋Γ·͢ɻ ͦͷޙɺUstream΋αʔϏεऴྃɺ Flash΋ਰୀؾຯͱ͍͏͜ͱͰɺαʔϏεͷఫୀΛܾஅ͠·ͨ͠ɻ ͋ͷͱ͖ʹ͍·͘Β͍खܰʹಈը഑৴ػߏΛ࡞ΕͨΒ ͋Δ͍͸…ͱ࠷ۙվΊͯࢥ͍·͢ɻ

    5

  6. 01 ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ

  7. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 7

  8. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 8 υʔʔϯοʂʂ

  9. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 9 ͽ͜ʔΜʂ

  10. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 10 ϐϡʔʂ

  11. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 11 ͕ ͕ ͕ ͕ ͕ ʔ ʂ

  12. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 12 ͽ͜ʔΜʂ

  13. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 13 Ά͍ͬʂ

  14. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 14 ͤͬͤͤͬͤʀ

  15. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 15 ͏͐ʔ͍ʂ

  16. ׬શཧղ͠·ͨ͠ʁ 16

  17. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 17

  18. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 18 1. ಈըϑΝΠϧͷΞοϓϩʔυ • ؅ཧऀ͕ΞϓϦܦ༝ͰΞοϓϩʔυ • ಈըೖྗ༻S3όέοτʹอଘ

  19. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 19 2. ಈըม׵ॲཧͷ։࢝ • S3ͷPUTΠϕϯτͰLambda͕
 τϦΨʔ • ҎԼΛࢦఆͯ͠Lambda͔Β

    MediaConvertͷJobΛ࡞੒ 1. MediaConvert Job Templat e 2. ೖྗϑΝΠϧͷS3Ωʔ 3. ग़ྗઌͷS3ϑΥϧμʔ 4. MediaConvert Queu e 5. IAM Role

  20. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 20 3. ಈըม׵ॲཧ • MediaConvert͕ಈըͷม׵Λ͠ɺ HLSϑΝΠϧ܈ΛS3ʹॻ͖ग़͠

  21. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 21 4. ಈըม׵ॲཧͷ׬ྃ • EventBridge͕MediaConvertͷಈը ม׵εςʔλεͷΠϕϯτΛड৴ • EventBridge͕Lambda͕τϦΨʔ

    • εςʔλε͕COMPLETEͷͱ͖ͷ ΈLambda͕S3ʹϑΝΠϧॻ͖ग़͠ • ಈըม׵׬ྃϑΝΠϧ(JSON)

  22. 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 22 5. ΞϓϦͰಈըεςʔλεΛߋ৽ • ΞϓϦͷఆظ࣮ߦͰಈըม׵׬ྃ ϑΝΠϧͷଘࡏνΣοΫ • ΞϓϦଆͰσʔλϕʔεͷಈըε

    ςʔλεΛߋ৽

  23. 23 01. ࠓճ࠾༻ͨ͠ΞʔΩςΫνϟ 6. ར༻ऀ͕ಈըΛετϦʔϛϯά࠶ੜ • ϩάΠϯࡁΈͷར༻ऀ͕ΞϓϦ͔Β ֘౰ಈը΁ͷΞΫηεΛڐՄͨ͠ॺ ໊෇͖CookieΛऔಘ •

    ಈըϓϨʔϠʔ͕ॺ໊෇͖CookieΛ ηοτͯ͠CloudFrontʹΞΫηε • ແࣄʹಈըࢹௌ

  24. 01. ࠓճ࢖༻ͨ͠AWSαʔϏεʹ͍ͭͯ 24

  25. 1-1. AWS Elemental MediaConvert ϑΝΠϧϕʔεͷಈըม׵αʔϏε ༷ʑͳίϯςφͱίʔσοΫ͕ೖग़ྗͰαϙʔτ͞Εɺ ߴ౓ͳಈըػೳ΍Ի੠ػೳΛɺैྔ੍ͷྉۚମܥͰ࢖༻Ͱ͖·͢ɻ https://aws.amazon.com/jp/mediaconvert/ ೖྗͷϑΝΠϧͱม׵ઃఆʢςϯϓϨʔτԽՄೳʣͱ ग़ྗઌͷS3όέοτΛࢦఆ͢Δ͚ͩͷγϯϓϧͳΠϯλʔϑΣʔε

    ม׵ॲཧ͸δϣϒͱͯ͠ड͚෇͚ΒΕɺॲཧʹඞཁͳϦιʔεͷ ϓϩϏδϣχϯά͔Β؂ࢹ·ͰϚωʔδυͰࣗಈͰߦΘΕ·͢ɻ 25

  26. 1-1. AWS Elemental MediaConvert ઃఆ߲໨͸๲େ … ͚ͩͲ΄ͱΜͲσϑΥϧτͰྑ͍ײ͡ʹͳΓ·͢ʢͨͿΜʣ ࠓճJob template࡞੒Ͱೖྗͨ͠ͷ͸ҎԼ5ͭͷ߲໨ͷΈ •

    ςϯϓϨʔτͷ໊শ • ೖྗͷ௥Ճ • ग़ྗάϧʔϓͷ௥ՃʢετϦʔϛϯάύοέʔδλΠϓͷબ୒ʣ • ग़ྗϑΝΠϧͷ໊લम০ࢠͷઃఆ • ग़ྗϏσΦͷϏοτϨʔτ 26 { "Name": “mc-template-name", "Settings": { "TimecodeConfig": { "Source": "ZEROBASED" }, "OutputGroups": [ { "Name": "Apple HLS", "Outputs": [ { "ContainerSettings": { "Container": "M3U8", "M3u8Settings": { "AudioFramesPerPes": 4, "PcrControl": "PCR_EVERY_PES_PACKET", "PmtPid": 480, "PrivateMetadataPid": 503, "ProgramNumber": 1, "PatInterval": 0, "PmtInterval": 0, "Scte35Source": "NONE", "NielsenId3": "NONE", "TimedMetadata": "NONE", "VideoPid": 481, "AudioPids": [ 482, 483, 484, 485, 486, 487, 488, 489, 490, 491, 492 ], "AudioDuration": "DEFAULT_CODEC_DURATION" } }, "VideoDescription": { "ScalingBehavior": "DEFAULT", "TimecodeInsertion": "DISABLED", "AntiAlias": "ENABLED", "Sharpness": 50, "CodecSettings": { "Codec": "H_264", "H264Settings": { "InterlaceMode": "PROGRESSIVE", "ScanTypeConversionMode": "INTERLACED", "NumberReferenceFrames": 3, "Syntax": "DEFAULT", "Softness": 0, "GopClosedCadence": 1, "GopSize": 90, "Slices": 1, "GopBReference": "DISABLED", "MaxBitrate": 1000000, "SlowPal": "DISABLED", "EntropyEncoding": "CABAC", "FramerateControl": "INITIALIZE_FROM_SOURCE", "RateControlMode": "QVBR", "QvbrSettings": { "QvbrQualityLevel": 7,

  27. 1-1. AWS Elemental Media Convert • ग़ྗάϧʔϓͷ௥ՃʢετϦʔϛϯάύοέʔδλΠϓͷબ୒ʣ • HLSΛબ୒ʢH.264/ACC͕σϑΥϧτબ୒ʣ •

    ಈը࠶ੜଆͷཁ݅ʹ߹Θͤͯબ୒ɺௐ੔͕ඞཁ • ࠓճ͸ϒϥ΢βͰͷಈը࠶ੜ͕ཁ݅ͰɺϓϨʔϠʔ͸react-playerͰ࣮૷ • ͜͜΋ϋϚΓͲ͜ΖຬࡌͰ͕͢ɺࠓճ͸ׂѪ • ࠓޙͷFusic Tech LiveͰReactձ͕͋Ε͹ൃද͋Δ͔΋!? 27

  28. 1-1. AWS Elemental Media Convert • ग़ྗϑΝΠϧͷ໊લम০ࢠͷઃఆ • ೖྗͱಉҰՕॴʹग़ྗ͢Δ͜ͱΛ૝ఆͷ޻෉ʢ͔ͳʁͱࢥͬͯΔ )

    • ग़ྗϑΝΠϧ໊ͷҰ෦ͱͯ͠෇༩ͯ͠ग़ྗ͞ΕΔ • ҎԼͷਤ͸ɺೖྗϑΝΠϧmovie.mp4ͷͱ͖ͷग़ྗྫ 28

  29. 1-1. AWS Elemental Media Convert • ग़ྗϏσΦͷϏοτϨʔτ • Ϩʔτ੍ޚϞʔυ͸QVBRʢࣗಈͰྑ͍ײ͡ʹͯ͘͠ΕΔʣ •

    ࠷େϏοτϨʔτ͸1Mbpsɺ඼࣭Ϩϕϧ7(σϑΥϧτ ) • ม׵ͷ࣮੷ྫ • ݩಈըɿϑΝΠϧαΠζ3.8GB (mp4, 1920x1080, Ϩʔτ10Mbps, 50෼ ) • ม׵ޙɿϑΝΠϧαΠζ213.2MB 29

  30. 1-2. Amazon EventBridge αʔόʔϨεΠϕϯτόεαʔϏε AWSͷαʔϏεҎ֎ʹ΋ಠࣗΞϓϦέʔγϣϯ΍SaaSͷΠϕϯτͱ΋࿈ܞՄೳ ΠϕϯτۦಈܕΞϓϦέʔγϣϯͷߏஙʹ͸͔ܽͤͳ͍αʔϏεͰ͢ɻ CloudWatchEvents͕֦ு͞ΕɺαʔϏε໊͕มΘΓ·ͨ͠ɻ ࠓճ͸MediaConveterͰͷಈըม׵ͷεςʔλεΛड͚औΓɺ ॲཧ͢ΔͨΊʹ࢖༻͠·ͨ͠ɻ ͦͷͨΊɺCloudWatchEventsͰ΋ߏஙՄೳͰ͕͢ɺ

    ৽͍͠αʔϏεͷ΄͏͕ࠓޙͷ֦ுੑ͕ظ଴͞ΕΔͷͰ࠾༻͠·ͨ͠ɻ 30

  31. 1-2. Amazon EventBridge • Πϕϯτόε • ΞΫηεͰ͖ΔϢʔβʔΛఆٛ͠ɺΠϕϯτͷΞΫηείϯτϩʔϧΛ͕ॊೈʹՄೳ • σϑΥϧτόε͸ॴ༗ऀͷΈ͕࢖༻Մೳ •

    ϧʔϧ • ύλʔϯఆٛ • CloudWatchEventsͱ΄΅ಉ͡ • εέδϡʔϧ࣮ߦʹ΋ରԠ • λʔήοτબ୒ • ͞·͟·ͳAWSαʔϏεʹରԠ • ࠓճ͸Lambdaؔ਺Λઃఆ 31

  32. 1-3. Amazon CloudFront ίϯςϯπ഑৴ωοτʔϫʔΫ(CDN)αʔϏε ը૾΍ελΠϧγʔτͳͲͷ੩తΦϒδΣΫτͷΈͳΒͣɺಈըͷετϦʔϛϯάʹ΋ରԠ ݴΘͣ΋͕ͳɺΈΜͳ͕͓ੈ࿩ʹͳ͍ͬͯΔαʔϏεͰ͢Ͷ ೥ʑόʔδϣϯΞοϓΛଓ͚͍ͯͯɺ୯ͳΔΩϟογϡαʔόͰ͸ͳ͘ɺ ࡉ੍͔͍ޚ͕Մೳʹͳ͍͍ͬͯͬͯ·͢ɻ աڈʹʮCloudFrontʯͰ͸Ͱ͖ͳ͔ͬͨ͜ͱ͕ɺࠓͩͱՄೳʹͳ͍ͬͯΔ ͜ͱ͕ͨ͘͞Μ͋Γ·͢ͷͰɺࠓҰ౓ɺௐ΂ͯΈΔ͜ͱΛΦεεϝ͠·͢ʂ

    ࠓճ΋ΩϟογϡͳͷʹϢʔβʔ୯ҐɺΦϒδΣΫτ୯ҐʹΞΫηε੍ݶ͕ ॊೈʹͰ͖ΔΑ͏ʹͳ͍ͬͯΔ͜ͱʹڻ͖·ͨ͠ɻ 32

  33. 1-3. Amazon CloudFront • ϓϥΠϕʔτίϯςϯπ഑৴ • ॺ໊෇͖URLͱॺ໊෇͖Cookieͷ2छྨ • ࠓճ͸ಈըͷετϦʔϛϯά഑৴ͷͨΊɺ୯ҰͳURLͰ͸ͳ͘ɺ 


    ར༻ऀ͕ෳ਺ϑΝΠϧΛॱ࣍μ΢ϯϩʔυ͢Δඞཁ͕͋ΔͨΊɺॺ໊෇͖CookieΛબ୒ 33

  34. 1-3. Amazon CloudFront • ॺ໊෇͖Cookie • Ҏલ͸AWSΞΧ΢ϯτϧʔτϢʔβʔ͕ൃߦ͢ΔΩʔͰͷॺ໊ͷΈͰ͕ͨ͠ɺ 
 ͍·͸Ϣʔβʔ͕ੜ੒ͨ͠ΩʔϖΞΛ࢖༻͢Δ͜ͱ͕Մೳɺ͔ͭਪ঑ •

    ॺ໊෇͖Cookieͷੜ੒ʹ͸ҎԼ͕ඞཁ • ൿີ伴 • CloudFront Public Key ID • ΧελϜϙϦγʔ • ॺ໊෇͖Cookieͷੜ੒͸AWS SDKͰՄೳ • ྫʣRubyͰ͸Aws::CloudFront::CookieSigner#signed_cookie • https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudFront/CookieSigner.html 34

  35. 1-3. Amazon CloudFront [Tips] • CloudFrontͰͷಈ࡞֬ೝ͸͘͢͝೉͍͠ • ઃఆ൓өʹ͕͔͔࣌ؒΔ • ґଘ͍ͯ͠ΔαʔϏε͕ଟذʹΘͨΔͨΊɺ໰୊Օॴͷಛఆͮ͠Β͍

    • ΫϥΠΞϯτͷΩϟογϡ͕ޮ͍͍ͯΔ͜ͱ΋͋Δ • γϯϓϧͳઃఆ͔Β࢝ΊɺҰͭͣͭઃఆΛ૿΍͠ɺ֬ೝ͠ͳ͕ΒਐΊΔͷ͕ྑ͍Ͱ͢ 35

  36. 1-3. Amazon CloudFront [Tips] • ࠓճͷྫʢͬ͘͟ΓͰ͕͢ʣ • ॺ໊෇͖Cookie੍ݶͳ͠ͰCloudFront(+S3)Λߏங • ίϯςϯπͷμ΢ϯϩʔυΛcurlίϚϯυͰ֬ೝ

    • ಈըϓϨʔϠʔͰHLS͕࠶ੜՄೳ͔֬ೝ • ॺ໊෇͖CookieͷઃఆΛͯ͠ɺcurlίϚϯυͰμ΢ϯϩʔυΛ֬ೝ • ࠷ޙʹಈըϓϨʔϠʔͰ࠶ੜՄೳ͔֬ೝ 36

  37. 02 ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ

  38. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 38

  39. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 39 ಈըม׵εςʔλεͷߋ৽ॲཧ

  40. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 40 • ಈըม׵εςʔλεͷߋ৽ॲཧ • ࠓճ࠾༻ͨ͠ͷ͸ɺ • MediaConverterͷ׬ྃΠϕϯτΛड͚औͬͯɺ •

    Lambda͕S3ʹϑΝΠϧΛPUT • ΞϓϦͷఆظॲཧͰϑΝΠϧνΣοΫ͠ɺ 
 σʔλϕʔεΛߋ৽ ಈըม׵׬ྃ ϑΝΠϧ(JSON)

  41. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 41 • ଞʹݕ౼ͨ͠ΞʔΩςΫνϟʢಈըม׵εςʔλεͷߋ৽ॲཧʣ • EventBridgeͷλʔήοτΛSQSʹͯ͠ɺΞϓϦ͕ΩϡʔΛऔಘͯ͠εςʔλεߋ৽ • ΞϓϦଆʹεςʔλεߋ৽༻APIΛ࡞੒ͯ͠ɺLambda͕APIίʔϧͯ͠εςʔλεߋ৽ •

    RDS ProxyΛ༻ҙͯ͠ɺLambda͕σʔλϕʔεʹ௚઀઀ଓͯ͠εςʔλεߋ৽

  42. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 42 • EventBridgeͷλʔήοτΛSQSʹͯ͠ɺΞϓϦ͕ΩϡʔΛऔಘͯ͠εςʔλεߋ৽

  43. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 43 • ΞϓϦଆʹεςʔλεߋ৽༻APIΛ࡞੒ͯ͠ɺLambda͕APIίʔϧͯ͠εςʔλεߋ৽

  44. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 44 • RDS ProxyΛ༻ҙͯ͠ɺLambda͕σʔλϕʔεʹ௚઀઀ଓͯ͠εςʔλεߋ৽

  45. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 45 S3 SQS ALB RDS Proxy ෛՙ଱ੑ ʢಈըม׵ͷස౓ʣ

    ◦ ◦ ˚ ✕ ϦΞϧλΠϜੑ ✕ ✕ ◦ ◦ ࣮૷ίετ ◦ ◦ ✕ ✕ ӡ༻ίετ ◦ ˚ ✕ ✕

  46. 2. ΞʔΩςΫνϟͰ໎ͬͨͱ͜Ζ 46 ಈըม׵εςʔλεͷߋ৽ॲཧ

  47. 03 Infrastructure as Cod e

  48. 3-1. Infrastructure as Codeͱͯ͠΍ͬͨ͜ͱ 48

  49. 3-1. Infrastructure as Codeͱͯ͠΍ͬͨ͜ͱ 49 ಈըͷೖग़ྗ༻S3Λ SAMͰ؅ཧ͢΂͖͔ʁ Terraformʹ͢΂͖͔ʁ

  50. 3-1. Infrastructure as Codeͱͯ͠΍ͬͨ͜ͱ 50 • ݁࿦ • ಈըม׵ॲཧपΓ͸SAMͰ؅ཧ •

    S3͸TerraformͰ؅ཧ • ཧ༝ • S3͸LambdaΑΓ΋ΞϓϦؔ࿈Ϧιʔεͱͷ݁߹౓͕ߴ͔ͬͨ • ྫʣEC2 Role, CloudFront(Origin, CORSͳͲ)

  51. 3-1. Infrastructure as Codeͱͯ͠΍ͬͨ͜ͱ 51

  52. 3-2. Infrastructure as CodeͰ͖ͳ͔ͬͨ͜ͱ • CloudFront༻Ωʔάϧʔϓͷ࡞੒ • CloudFrontͷॺ໊෇͖CookieͰͷΞΫηε੍ݶͷઃఆ • Restrict

    Viewer Access • Trusted Key Groups 52

  53. 3-2. Infrastructure as CodeͰ͖ͳ͔ͬͨ͜ͱ 53

  54. 3-2. Infrastructure as CodeͰ͖ͳ͔ͬͨ͜ͱ 54

  55. 3-2. Infrastructure as CodeͰ͖ͳ͔ͬͨ͜ͱ 55

  56. 3-2. Infrastructure as CodeͰ͖ͳ͔ͬͨ͜ͱ 56 » terraform -version Terraform v0.14.6

    + provider registry.terraform.io/hashicorp/aws v3.35.0 + provider registry.terraform.io/hashicorp/template v2.2.0

  57. Ͱ͖ΔΑ͏ʹͳͬͯͦ͏ 57 ઌिɺؾ͍ͮͪΌͬͨ…

  58. 3-2. Infrastructure as CodeͰ͖ͳ͔ͬͨ͜ͱΛ΍ͬͯΈͨʂ 58 • CloudFront༻Ωʔάϧʔϓͷ࡞੒ 
 
 


    
 
 • CloudFrontͷॺ໊෇͖CookieͰͷΞΫηε੍ݶઃఆ(Restrict Viewer Access/Trusted Key Groups) resource aws_cloudfront_public_key cf_public_key { name = "movie-public-key " comment = "CloudFront public key " encoded_key = file("./cloudfront/public_key.pem" ) } resource aws_cloudfront_key_group cf_key_group { name = "movie-key-group " items = [aws_cloudfront_public_key.cf_public_key.id ] comment = “movie-key-group " } resource aws_cloudfront_distribution movie-cf { default_cache_behavior { trusted_key_groups = [aws_cloudfront_key_group.cf_key_group.id ] } }

  59. 04 ·ͱΊ

  60. ·ͱΊ AWSΛ࢖ͬͨಈըม׵ɾ഑৴ͷΞʔΩςΫνϟʔʹ͍ͭͯઆ໌͠·ͨ͠ Point 2 ΞʔΩςΫνϟͷબ୒ࢶʹ͍ͭͯࠓճ࠾༻ͨ͠΋ͷͱͦ͜·Ͱͷ໎͍ͱͦͷաఔΛ࿩͠·ͨ͠ Point 3 Infrastructure as Code΁ͷࢼΈͱͯ͠ɺͰ͖ͨ͜ͱͱͰ͖ͳ͔͚ͬͨͲͰ͖ͨ͜ͱʹ͍ͭͯ࿩͠·ͨ͠

    Point 4 ҎલͰ͖ͳ੍͔ͬͨ໿͕͍·͸Մೳʹͳ͍ͬͯΔ͜ͱ͕͋ΔͷͰɺվΊͯௐ͕ࠪඞཁͱֶͼ·ͨ͠ 60 Point 1

  61. ͝ਗ਼ௌ͍͖ͨͩ͋Γ͕ͱ͏͍͟͝·ͨ͠ Thank You We are Hiring ! https://recruit.fusic.co.jp/