SREがセキュアなWebシステムを構築、維持するためにやれることはなにか / What can SRE do to build and maintain a secure Web system?

43&͕ηΩϡΞͳ8FCγεςϜΛߏஙɺ ҡ࣋͢ΔͨΊʹ΍ΕΔ͜ͱ͸ͳʹ͔ *TBP4IJNJ[V NJYJ *OD 43&/&95*/50,:0

ਗ਼ਫ܄ʢ͠Έ͍͓ͣ͞ʣ!JTBPTIJNJ[V ॴଐ w גࣜձࣾϛΫγΟ7BOUBHFελδΦΈͯͶࣄۀ෦։ൃάϧʔϓ43&νʔϜ ܦྺ w 4*FSͰडୗ։ൃɺϓϩμΫτ։ൃΛܦݧޙɺ೥ʹגࣜձࣾϛΫγΟ΁ೖࣾ w 4/4ӡ༻ɺϞϯελʔετϥΠΫͷ43&ΛܦͯɺݱࡏʮՈ଒ΞϧόϜΈͯͶʯͷ43& w
೥݄4PGUXBSF%FTJHO೥݄߸دߘ 43&ͬͯɼͳʹΛ΍Ε͹͍͍ͷʁઌۦऀʹ㘤͘ɼ୭͕ͨΊͷ৴པੑ w ೥݄"844VNNJU5PLZP ίϯςφҠߦͬͯ͜ΜͳʹେมʁʙʮՈ଒ΞϧόϜΈͯͶʯΛࢧ͑ΔΠϯϑϥͷཪଆʙ w ͦͷଞʮ43&5FDI5BMLTʯʮICTUVEZʯʮ*OUFSOFU8FFLʯ౳ 2 ࣗݾ঺հ

ΞδΣϯμ ʮՈ଒ΞϧόϜΈͯͶʯʹ͍ͭͯ ͸͡Ίʹ 43&ʹ͍ͭͯ 43&ͱηΩϡϦςΟ
ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ ·ͱΊ 3

1Ո଒ΞϧόϜΈͯͶ 4

ࢠͲ΋ͷࣸਅɾಈըΛɺແྉɾແ੍ݶʹڞ༗Ͱ͖ΔΞϓϦ ೥αʔϏεϦϦʔε ݱࡏɺࠃ಺֎ͷར༻ऀ਺ສਓҎ্ ଟݴޠରԠʢ೔ຊޠɺӳޠɺؖࠃޠɺൟମࣈʣ "QQ4UPSFϨϏϡʔ˒ (PPHMF1MBZετΞϨϏϡʔ˒ 5 ʮՈ଒ΞϧόϜΈͯͶʯʹ͍ͭͯ

6 ւ֎Ͱͷड৆ྺ 5)&8&##:"8"3%4 ࠃࡍσδλϧܳज़ՊֶΞΧσϛʔ *"%"4 ʹΑͬͯຖ೥ओ࠵͞Εɺ༏ΕͨΠϯλʔωοτʹଃΒΕΔ৆ /"5*0/"-1BSFOUJOH1SPEVDU /"11" "8"3%4 Ո଒ʹϑΥʔΧεͨ͠৆ʢ͓΋ͪΌ΍Ո଒޲͚ͷ঎඼ʹಛԽʣ
ʮՈ଒ΞϧόϜΈͯͶʯʹ͍ͭͯ

ʮΈͯͶϓϨϛΞϜʯΛ೥݄ϦϦʔε ֹ݄՝ۚܕͷ༗ྉϓϥϯ ֹ݄ԁ w ϒϥ΢β͔Βࣸਅ΍ಈըͷΞοϓϩʔυ͕Մೳʹ w ඵಈըͷຖ݄೥ؒ൛഑৴ w શ঎඼͕ૹྉແྉʢՈ଒શһʣ w
ެ։ൣғΛࡉ͔͘ઃఆՄೳ w ಈըΞοϓϩʔυͷ੍࣌ؒݶΛԆ௕෼͔Β෼΁ ΈͯͶΛ͓࢖͍ͷํɺͥͻ͓ࢼ͍ͩ͘͠͞ʂ 7 ʮՈ଒ΞϧόϜΈͯͶʯʹ͍ͭͯ

8 ʮՈ଒ΞϧόϜΈͯͶʯʹ͍ͭͯ AWS Cloud AWS OpsWorks Availability Zone VPC Availability
Zone Availability Zone AWS Cloud Availability Zone VPC Availability Zone Availability Zone Amazon Elastic Kubernetes Service Amazon Elastic Container Registry Auto Scaling group EC2 Instances EC2 Instances EC2 Instances Kubernetes Nodes Kubernetes Nodes Kubernetes Nodes Classic Load Balancer Application Load Balancer Before After ΈͯͶͷΠϯϑϥ͸,VCFSOFUFTʢ"NB[PO&,4ʣ΁ͷҠߦத

͸͡Ίʹ 9 2

͜ͷൃදʹ͍ͭͯ w 43&͕ηΩϡϦςΟʹͲ͏औΓ૊Ήͱྑ͍͔ʹϑΥʔΧε͓ͯ͠࿩͠·͢ɻ w ηΩϡϦςΟ͕ͳͥॏཁͳͷ͔ʹ͍ͭͯ͸͋·Γ࿩͠·ͤΜɻ w ΈͯͶͰͷऔΓ૊Έͷࣄྫʹ͍ͭͯҰ෦঺հ͠·͢ɻ w ΈͯͶͷΠϯϑϥ΍ΞϓϦέʔγϣϯ։ൃͷৄࡉʹ͍ͭͯ͸औΓ্͛·ͤΜɻ w
"84Λ࢖͍ͬͯΔؔ܎Ͱɺ"84ʹಛԽͨ͠಺༰͕͋Γ·͕ྃ͢͝ঝ͍ͩ͘͞ɻ w ϋογϡλάTSFOFYUTSFOFYU" 10 ͸͡Ίʹ

ຊ೔͓࣋ͪؼΓ͍͖͍ͨͩͨ͜ͱ w 43&ʹ͍ͭͯͷجຊతͳ͜ͱ w 43&ͱηΩϡϦςΟʹؔ͢Δ֤छϓϥΫςΟε w ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ͔Βͷֶͼ 11 ͸͡Ίʹ

43&ʹ͍ͭͯ 12 3

%FW0QTͱͷҧ͍ 13 43&ʹ͍ͭͯ

class SRE implements DevOps 14 43&ʹ͍ͭͯ 43&WT%FW0QTDPNQFUJOHTUBOEBSETPSDMPTFGSJFOET IUUQTDMPVEHPPHMFDPNCMPHQSPEVDUTHDQTSFWTEFWPQTDPNQFUJOHTUBOEBSETPSDMPTFGSJFOET w
l%FW0QTΛϓϩάϥϛϯάݴޠʹ͓͚ΔΠϯλʔϑΣʔεͱଊ͑ΔͱɺΫϥε 43&͸%FW0QTͷ࣮૷Ͱ͋Δɻz w l43&ʹ͸ɺ%FW0QTͷΠϯλʔϑΣʔεͷ෦෼ʹݶΒͳ͍௥ՃͷϓϥΫςΟεͱ ਪ঑ࣄؚ߲͕·ΕΔɻ

DevOps and SRE are not two competing methods for software
development and operations, but rather close friends designed to break down organizational barriers to deliver better software faster. l%FW0QTͱ43&͸ɺιϑτ΢ΣΞ։ൃͱӡ༻͕ڝ߹͢ΔΑ͏ͳख๏Ͱ͸ͳ͘ɺ ΑΓྑ͍ιϑτ΢ΣΞΛΑΓ଎͘ఏڙ͢ΔͨΊʹ૊৫ͷোนΛଧഁ͢ΔΑ͏ʹ ઃܭ͞Εͨ਌ີͳ΋ͷͰ͋Δɻz 15 43&WT%FW0QTDPNQFUJOHTUBOEBSETPSDMPTFGSJFOET IUUQTDMPVEHPPHMFDPNCMPHQSPEVDUTHDQTSFWTEFWPQTDPNQFUJOHTUBOEBSETPSDMPTFGSJFOET 43&ʹ͍ͭͯ

16 %FpOJOHUIF3PMFPGB43& IUUQTEFWPQTDPNEFpOJOHUIFSPMFPGBTJUFSFMJBCJMJUZFOHJOFFSTSF 43&ʹ͍ͭͯ

Site reliability engineering (SRE) is a relatively new discipline, having
only been in existence for about 15 years. It originated at Google and has gained popularity recently with more companies advertising SRE positions or trying to implement SRE practices. In the technology field, 15 years may seem like an eternity, but the SRE role is very much still in its infancy. There are still challenges defining the role and understanding exactly what it is. Just look through one of the 1,000-plus job listings on LinkedIn for an SRE in the United States—you will see many different job expectations and requirements. l43&͸ൺֱత৽͍͠෼໺Ͱɺ໿೥͔͠ଘࡏ͍ͯ͠·ͤΜɻ(PPHMFͰ࢝·Γɺ࠷ۙͰ͸ 43&ͷ৬छΛએ఻ͨ͠Γɺ43&ͷϓϥΫςΟεΛ࣮૷͠Α͏ͱ͢Δاۀ͕૿͍͑ͯ·͢ɻ ςΫϊϩδʔ෼໺Ͱ͸ɺ೥͸௕͍࣌ؒͷΑ͏ʹࢥ͑Δ͔΋͠Ε·ͤΜ͕ɺ43&ͷ໾ׂ ͸·ͩॳظஈ֊ʹ͋Γ·͢ɻ໾ׂΛఆٛ͠ɺͦΕ͕ԿͰ͋Δ͔Λਖ਼֬ʹཧղ͢Δͱ͍͏՝ ୊͕·ͩ͋Γ·͢ɻ-JOLFE*Oͷ Λ௒͑ΔٻਓϦετͷͭͰ๺ถͷ43&Λௐ΂Δͩ ͚Ͱɺ͞·͟·ͳٻਓͱཁ͕݅දࣔ͞Ε·͢ɻz 17 43&ʹ͍ͭͯ %FpOJOHUIF3PMFPGB43& IUUQTEFWPQTDPNEFpOJOHUIFSPMFPGBTJUFSFMJBCJMJUZFOHJOFFSTSF

An SRE must possess a blend of technical as well
as soft skills and, perhaps most of all, must be adept at communicating eﬀectively and inspiring a teamwide approach to excellence. l43&͸ٕज़తεΩϧͱιϑτεΩϧͷ྆ํΛඋ͍͑ͯΔඞཁ͕͋Γɺ͓ͦ Β͘ԿΑΓ΋ɺޮՌతͳίϛϡχέʔγϣϯʹख़ୡ͍ͯ͠Δ͜ͱ΍ɺνʔϜ શମͷ୎ӽੑ΁ͷΞϓϩʔνΛଅ͢͜ͱ͕Ͱ͖ͳ͚Ε͹ͳΓ·ͤΜɻz 18 43&ʹ͍ͭͯ %FpOJOHUIF3PMFPGB43& IUUQTEFWPQTDPNEFpOJOHUIFSPMFPGBTJUFSFMJBCJMJUZFOHJOFFSTSF

19 43&ʹ͍ͭͯ /(*/9$POG4JUF3FMJBCJMJUZ&OHJOFFSJOH1BOFM-JOLFE*O %FMM BOE(SFNMJO IUUQTXXXZPVUVCFDPNXBUDI W00%);%H. Ashi Sareen Director
of Engineering, Site Reliability LinkedIn “A lot is people are just renaming their ops teams to call SRE. I don’t think that’s the right approach. SRE discipline requires investment it has a very clear set of practices set of team dynamics that makes a successful SRE team.” lଟ͘ͷਓ͸ɺӡ༻νʔϜͷ໊લΛมߋͯ͠43&ͱݺΜͰ͍Δ͚ͩͰ͢ɻࢲ͸ͦΕ͕ ਖ਼͍͠Ξϓϩʔνͩͱ͸ࢥ͍·ͤΜɻ43&ͷ౷੍ʹ͸ɺ43&νʔϜΛ੒ޭͤ͞Δ໌ ֬ͳνʔϜμΠφϛΫεͷϓϥΫςΟεηοτ͕ඞཁͰ͢ɻz

443&ͱηΩϡϦςΟ 20

21 43&ͱηΩϡϦςΟ 43&DPO ೥ʹʙճ։࠵͞ΕΔάϩʔόϧͳ43&ΧϯϑΝϨϯε "NFSJDBT8FTU "TJB1BDJpD &VSPQF.JEEMF&BTU"GSJDB "NFSJDBT&BTU "NFSJDBT "TJB1BDJpD
&VSPQF.JEEMF&BTU"GSJDB

22 43&ͱηΩϡϦςΟ 43&DPOʹ͓͚ΔηΩϡϦςΟؔ࿈ηογϣϯʢൈਮʣ

23 43&ͱηΩϡϦςΟ 43&DPO"NFSJDB.BSDIr -JOLFE*O 4FDVSJUZBOE43&/BUVSBM'PSDF.VMUJQMJFST IUUQTXXXVTFOJYPSHDPOGFSFODFTSFDPOBNFSJDBTQSFTFOUBUJPOTDPUU 'BDFCPPL 4FDVSJUZBTB4FSWJDF IUUQTXXXVTFOJYPSHDPOGFSFODFTSFDPOBNFSJDBTQSFTFOUBUJPOXPKUZOJBL “Remove
single points of security failure like you do for availability” “Understand your threats. Defense in depth. Make it simple And stable.”

24 43&ͱηΩϡϦςΟ 43&DPO"NFSJDB.BSDIr 1JWPUBM &YUFOEJOHUIF&SSPS#VEHFU.PEFMUP4FDVSJUZBOE 'FBUVSF'SFTIOFTT IUUQTXXXVTFOJYPSHDPOGFSFODFTSFDPOBNFSJDBTQSFTFOUBUJPOUIPNTPO “Vulnerability budget: How
long can we afford to be vulnerable to CVEs in our dependencies? Legacy budget: New enough that it gets support; and not so old that no- one wants to use it.”

25 43&ͱηΩϡϦςΟ 43&DPO"TJB+VOF 1BZ1BM &OTVSJOH4JUF3FMJBCJMJUZUISPVHI4FDVSJUZ$POUSPMT IUUQTXXXVTFOJYPSHDPOGFSFODFTSFDPOBTJBQSFTFOUBUJPOKBOBLJSBNBO “1/5th of internet trafﬁc
is bad! Layer 7 Application Defense is the most effective mechanism to detect & mitigate bad trafﬁc”

26 43&ͱηΩϡϦςΟ 43&DPO&VSPQF.JEEMF&BTU"GSJDBr0DUPCFS .*5 "4ZTUFNT"QQSPBDIUP4BGFUZBOE $ZCFSTFDVSJUZ IUUQTXXXVTFOJYPSHDPOGFSFODFTSFDPOFNFBQSFTFOUBUJPOMFWFTPO “Looks at system
as whole, not just components. Takes s larger view of causes than just failures.”

27 43&ͱηΩϡϦςΟ 43&DPO"NFSJDBT8FTU 4"/5"$-"3" $" 64".BSDIr 43&DPO"TJB1BDJpD 4:%/&: "6453"-*"+VOFr
43&DPO&VSPQF.JEEMF&BTU"GSJDB ".45&3%". /&5)&3-"/%4 43&DPO"NFSJDBT&BTU #0450/ ." 64"

28 43&ͱηΩϡϦςΟ #VJMEJOH4FDVSF3FMJBCMF4ZTUFNT 43&BOE4FDVSJUZ#FTU1SBDUJDFTz

29 43&ͱηΩϡϦςΟ 5XFFUIUUQTUXJUUFSDPNHPPHMFTSFTUBUVT ެࣜIUUQTMBOEJOHHPPHMFDPNTSFSFTPVSDFTGPVOEBUJPOTBOEQSJODJQMFTTSTCPPL "NB[PODPNIUUQTXXXBNB[PODPN#VJMEJOH4FDVSF3FMJBCMF4ZTUFNT1SBDUJDFTEQ

30 43&ͱηΩϡϦςΟ #VJMEJOH4FDVSF3FMJBCMF4ZTUFNT 43&BOE4FDVSJUZ#FTU1SBDUJDFz&BSMZ3FMFBTF w ηΩϡϦςΟʔͱ৴པੑΛςʔϚʹͨ͠ॻ੶ɻ w (PPHMFͷΤϯδχΞ໊ʹΑΔࣥචɻ w &BSMZ3FMFBTFͷνϟϓλʔ͸ҎԼͷͭͷΈʢͦͷଞͷষ͸ݱࡏෆ໌ʣ
w 5IF*OUFSTFDUJPOPG4FDVSJUZBOE3FMJBCJMJUZ w 6OEFSTUBOEJOH"EWFSTBSJFT w 5FTUJOH$PEF

31 43&ͱηΩϡϦςΟ $IBQUFS 5IF*OUFSTFDUJPOPG4FDVSJUZBOE3FMJBCJMJUZ ͷཁ఺·ͱΊ

32 43&ͱηΩϡϦςΟ w ৴པੑͱηΩϡϦςΟ͸ɺιϑτ΢ΣΞͱγεςϜͷϥΠϑαΠΫϧʹෆ ՄܽͰ͋Δɻ w ৴པੑͱηΩϡϦςΟΛཱ྆ͨ͠γεςϜΛߏங͢Δͷ͸؆୯Ͱ͸ͳ͍ɻ w ͲͪΒ΋͋ͱͰ࣮૷͠Α͏ͱ͢Δͷ͸೉͍͠ɻ w
ॳظ͔ΒߟྀͰ͖͍ͯΔ͜ͱ͕๬·͍͠ɻ w ໰୊͕ى͖ͳ͍ͱίετΛ͔͚ͳ͍ྖҬɻ w ໰୊͕ى͖͔ͯΒͩͱਂࠁʹͳΓ͕ͪɻ w γϯϓϧͳઃܭɺ࠷খԽ͞Εͨݖݶ؅ཧ͕ॏཁͰ͋Δɻ

33 43&ͱηΩϡϦςΟ w Α͘Ͱ͖ͨϩΪϯά͸ڴҖͷݕग़ͱো֐΁ͷඋ͑ͱͳΔɻ w ༗ࣄͷࡍͷࢦشܥ౷ɺνΣοΫϦετɺϓϨΠϒοΫɺϓϩτίϧ͸ॏཁɻ w ੬ऑੑύον͸ૉૣ͍ద༻͕ॏཁɻ w ύονͷ಺༰ʹ࣍ୈͰ͸໰୊ʢόάɺੑೳྼԽͳͲʣΛى͜͢Մೳੑ΋͋Δɻ
w ϦεΫΛߟྀͯ͠ɺద༻λΠϛϯάʹ͍ͭͯϏδωεαΠυͱ΋ௐ੔͢Δɻ ଞʹ΋༷ʑͳϓϥΫςΟε͕ࡌ͍ͬͯΔͷͰڵຯͷ͋Δํ͸͓ಡΈ͍ͩ͘͞ɻ w ୈষॳΊͷʮ0OQBTTXPSETBOEQPXFSESJMMTʯɻ w &BSMZ3FMFBTF൛ͳͷͰग़൛࣌ʹ͸಺༰ʹมߋ͕͋ΔՄೳੑ͕͋Γ·͢ɻ

5 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ 34

43&νʔϜ͸૊৫಺ͷ༷ʑͳνʔϜͱ࿈ܞͯ͠ ༷ʑͳ՝୊ʹऔΓ૊Ή 35 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

νʔϜؒʹ͓͚Δίϛϡχέʔγϣϯ͸ͱͯ΋େࣄ 36 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

43&νʔϜʹ͓͚Δίϛϡχέʔγϣϯͷݪଇ 37 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ʢࢲ͕ߟ͑Δʣ43&νʔϜʹ͓͚Δίϛϡχέʔγϣϯͷݪଇ w ։ൃνʔϜͳͲɺଞνʔϜͱͷؒʹนΛ࡞Βͳ͍ w ԡ͠෇͚߹Θͳ͍ w ྫྷ੩ʹ͔ͬ͠Γͱٞ࿦͢Δ w ͓ޓ͍ͷঢ়گͷཧղ͠߹͏ w
Ϗδωε΍ࣄۀʹͱͬͯ༏ઌ͢΂͖͔Ͳ͏͔࿩͠߹͏ 38 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ηΩϡϦςΟͷ޲্ʹߩݙͰ͖Δࢪࡦࣄྫ 39 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ηΩϡϦςΟͷ޲্ʹߩݙͰ͖Δࢪࡦࣄྫ w ։ൃνʔϜ΁ͷώΞϦϯά w *OGSBTUSVDUVSFBT$PEF w ϩάऩूͱݕࡧ w Ξοϓσʔτ w
ϞχλϦϯάɺఆظϨϙʔτ w ϙετϞʔςϜ 40 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

43&νʔϜ͕։ൃνʔϜʹରͯ͠ ਵ࣌ώΞϦϯάΛ࣮ࢪ ʢྫ৽ػೳ΍৽αʔϏεΛ։ൃ͢Δ࣌ͳͲʣ 41 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ώΞϦϯά಺༰ͷྫʢʣ w ͲΜͳϥΠϒϥϦΛ࢖༻͍ͯ͠Δ͔ w ϢʔβʔͷτʔΫϯͷऔΓѻ͍ w ༗ޮظݶ w อଘ৔ॴ͸Ͳ͔͜ w
Ұൠతͳ944ɺ$43'ͷରࡦ͸Ͱ͖͍ͯΔ͔ w "1*ͷύϥϝʔλΛ௚઀มߋͯ͠ɺଞਓͷσʔλΛݟΔ͜ͱ ͸Ͱ͖ͳ͍͔ 42 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ώΞϦϯά಺༰ͷྫʢʣ w ΞϓϦέʔγϣϯ಺෦ʹൿಗ৘ใΛ͍࣋ͬͯͳ͍͔Ͳ͏͔ w Ϣʔβʔ؅ཧͷύεϫʔυ w ฏจͰอଘ͍ͯ͠ͳ͍͔ w ฏจͰૹ৴ʢϝʔϧͳͲʣ͍ͯ͠ͳ͍͔ w
ύεϫʔυͷڧ౓ʢจࣈ਺ɺจࣈछͳͲʣ͸ద੾͔ w ϦϚΠϯμͷख๏͸ͲΜͳ΋ͷ͔ 43 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ώΞϦϯά಺༰ͷྫʢʣ w ΫϥΠΞϯτɾαʔόʔؒͷ௨৴ʹ5-4WҎ߱ͷϓϩτ ίϧΛ࢖͍ͬͯΔ͔ w ΫϥΠΞϯτʹอ࣋͞ΕΔσʔλ w ϥΠϑλΠϜ͸Ͳͷ͘Β͍͔ w σʔλͷอଘ৔ॴ͸Ͳ͔͜
44 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ώΞϦϯά಺༰ͷྫʢʣ w ΞΫηεϩά͸ϢʔβʔΛಛఆͰ͖ΔܗͰ࢒͍ͯ͠Δ͔ w ϩά্ͷݸਓ৘ใʢࢯ໊ɺϝʔϧΞυϨεɺॅॴͳͲʣ͸ϚεΫ ॲཧ͍ͯ͠Δ͔ w ύεϫʔυ૯౰Γ߈ܸΛݕ஌ग़དྷΔ͔ w ΞϓϦଆʹ੬ऑੑ͕ݟ͔ͭͬͨͱ͖౳ɺΞοϓσʔτΛڧ੍Ͱ͖
ΔΑ͏ʹͳ͍ͬͯΔ͔ w Ͳ͜ͷܾࡁαʔϏεΛ࢖͍ͬͯΔ͔ w ͲΜͳ࣮૷ʹͳ͍ͬͯΔ͔ 45 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

*OGSBTUSVDUVSFBT$PEF 46 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

*OGSBTUSVDUVSFBT$PEF *B$ w ΠϯϑϥͷߏஙΛख࡞ۀͰ΍Βͳ͍ w ଐਓతɺมߋ؅ཧɺઃఆ΍υΩϡϝϯτͷൈ͚࿙ΕͳͲͷ໰୊͕ى͖΍͍͢ w *B$ͷπʔϧΛ࢖͏ʢ5FSSBGPSNɺ$MPVE'PSNBUJPOͳͲʣ w
1VMM3FRVFTUΛ࡞ΓɺίʔυϨϏϡʔΛड͚Δ w ྫ*".΍ηΩϡϦςΟάϧʔϓ͕࠷খݶͱͳ͍ͬͯΔ͔ w $*πʔϧͱ࿈ܞͯ͠ESZSVOΛ࣮ߦ͢Δ w 1VMM3FRVFTUͷϚʔδʹΑͬͯΠϯϑϥʹద༻͢Δ 47 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ϩάऩूͱݕࡧ 48 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ϩάऩूͱݕࡧ w ҟৗͳΞΫηεɺτϥϑΟοΫͷݕग़ w ΞΫηεݩͷڴҖݕग़ w ϩάʹ͸ೝূ৘ใ΍ݸਓ৘ใͳͲͷػີ৘ใ͸ࡌͤͳ͍ w ϩάͷྔ͸ίετʹӨڹ͠΍͍͢ʢҰ࣌อଘઌɺ௕ظอଘઌʣ w
ෆཁͳϩά͕ͳ͍͔Ͳ͏͔ఆظతʹνΣοΫ͢Δ w Ϋϥ΢υଆͷϩάʢྫ4ɺ$MPVE'SPOUɺ&-#ͳͲʣ΋Ͱ͖Δ͚ͩ༗ޮԽ w ϩάΛऩूɺݕࡧͰ͖Δ4BB4ར༻΋ݕ౼͢Δ 49 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

Ξοϓσʔτ 50 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

Ξοϓσʔτର৅ͷྫ w ΞϓϦέʔγϣϯʹґଘ͢ΔϥΠϒϥϦ w 04ɺ.Z42-ɺ3FEJTɺ/HJOYɺ'MVFOUEͳͲͷϛυϧ΢ΣΞɺ֤छύοέʔδ w ϞχλϦϯάͳͲৗ࣌ىಈ͍ͯ͠ΔΤʔδΣϯτιϑτ΢ΣΞ w ,VCFSOFUFTΫϥελɺ)FMNνϟʔτ w
5FSSBGPSNɺϞδϡʔϧ ੬ऑੑ͸ఆظతʹൃݟ͞Εमਖ਼͞ΕΔɻ͍ͣΕ΋ࣗಈԽ͠ͳ͍ͱ์ஔ͞Ε͕ͪɻ ࣗಈԽ͕ࠔ೉ͳ৔߹ɺఆظతͳΞοϓσʔτͷ࢓૊Έ࡞Γ͕େࣄɻ 51 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ϞχλϦϯάɺఆظϨϙʔτ 52 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ϞχλϦϯάɺఆظϨϙʔτͷྫ w ωοτϫʔΫτϥϑΟοΫ΍σʔλϕʔεͷෛՙͳͲɺҙਤ͠ͳ͍ෛՙ͕ ൃੜ͍ͯ͠ͳ͍͔ఆظతʹ֬ೝɻ w ೝূͷࣦഊճ਺ɺ͖͍͠஋Λ௒͑ͨճ਺ΛఆظϨϙʔτ͢Δɻ ϩάʹ͸อଘ͍ͯ͠Δ͕ɺखಈͰຖճूܭ͢Δͷ͸๨Ε͕ͪʹͳΔɻ ࣗಈͰఆظతʹूܭͯ͠άϥϑԽ͢ΔͳͲ޻෉͢Δͷ͕͓͢͢Ίɻ 53 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ϙετϞʔςϜ 54 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

ϙετϞʔςϜ w ো֐΍໰୊͕ൃੜͨ͠ࡍʹࣄ৅΍ରԠΛه࿥͢Δɻ w ηΩϡϦςΟʹݶఆͨ͠΋ͷͰ͸ͳ͍ɻ w αʔϏε΁ͷӨڹͷ༗ແʹؔΘΒͣɺੵۃతʹ࡞੒͢Δɻ w ϙετϞʔςϜͷ࡞੒ऀΛশࢍ͢ΔจԽΛ࡞Δɻ w
ઈରʹ੹ΊͨΓɺ൷൑͠ͳ͍ɻ 43&Ҏ֎ʢͰ͖Δ্͚ͩͷ໾৬ͷਓ͕Α͍ʣ΋ר͖ࠐΜͰɺఆظతʹ ϙετϞʔςϜΛৼΓฦΓɺվળΛଓ͚Δ͜ͱ͕ཧ૝ɻ 55 ηΩϡϦςΟ΁ͷऔΓ૊Έࣄྫ

6 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ ηΩϡϦςΟରࡦʢ"84ฤʣ 56

57 ʢྫʣ"84ͷηΩϡϦςΟجຊίϯηϓτ l"84͸೥͔ΒΫϥ΢υίϯϐϡʔςΟϯάͷઌۦऀͱͯ͠ηΩϡ ΞͳγεςϜΛߏங͠ɺ͓٬༷ͷΠϊϕʔγϣϯʹਝ଎ʹରԠՄೳͳΫϥ ΢υΠϯϑϥετϥΫνϟΛ૑଄͖ͯ͠·ͨ͠ɻΫϥ΢υηΩϡϦςΟ͸ "84ͷ࠷༏ઌࣄ߲Ͱ͢ɻ"84Ͱ͸ηΩϡϦςΟ΍ίϯϓϥΠΞϯε্ͷ ౷੍Λ࣮૷ɺΦʔτϝʔγϣϯɾγεςϜΛߏங͠ɺୈࡾऀ؂ࠪʹΑΔη ΩϡϦςΟ΍ίϯϓϥΠΞϯεʹ͍ͭͯͷݕূ͕࣮ࢪ͞Ε͍ͯ·͢ɻz IUUQTBXTBNB[PODPNKQBXTUFOSFBTPOT Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

58 "848FMM"SDIJUFDUFE'SBNFXPSL https://aws.amazon.com/jp/architecture/well-architected/ lΫϥ΢υΞʔΩςΫτ͕ΞϓϦέʔγϣϯ޲͚ʹ࣮૷Մೳͳɺ ҆શͰߴ͍ύϑΥʔϚϯεɺো֐଱ੑΛඋ͑ɺޮ཰తͳΠϯϑϥ ετϥΫνϟΛߏங͢ΔͷΛαϙʔτ͢Δ໨తͰ։ൃz Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

59 "848FMM"SDIJUFDUFE'SBNFXPSL ͭͷப w ӡ༻্ͷ༏लੑ w ηΩϡϦςΟ w ৴པੑ w
ύϑΥʔϚϯεޮ཰ w ίετ࠷దԽ Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

60 "848FMM"SDIJUFDUFE'SBNFXPSLʮηΩϡϦςΟʯ ΞΠσϯςΟςΟ؅ཧͱΞΫηε؅ཧ ൃݟత౷੍ ΠϯϑϥετϥΫνϟอޢ σʔλอޢ
ΠϯγσϯτରԠ Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

61 ΞΠσϯςΟςΟ؅ཧͱΞΫηε؅ཧ w 4&$ೝূ৘ใͱೝূΛͲͷΑ͏ʹ؅ཧ͍ͯ͠·͔͢ w 4&$ਓҝతͳΞΫηεΛͲͷΑ͏ʹ੍ޚ͍ͯ͠·͔͢ w 4&$ϓϩάϥϜʹΑΔΞΫηεΛͲͷΑ͏ʹ੍ޚ͍ͯ͠·͔͢
ൃݟత౷੍ w 4&$ηΩϡϦςΟΠϕϯτΛͲͷΑ͏ʹݕग़͠ɺௐ͍ࠪͯ͠·͔͢ʁ w 4&$৽͍͠ηΩϡϦςΟڴҖʹରͯ͠ͲͷΑ͏ʹ๷ޚ͍ͯ͠·͔͢ w Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

62 ΠϯϑϥετϥΫνϟอޢ w 4&$ωοτϫʔΫΛͲͷΑ͏ʹอޢ͍ͯ͠·͔͢ w 4&$ίϯϐϡʔςΟϯάϦιʔεΛͲͷΑ͏ʹอޢ͍ͯ͠·͔͢ σʔλอޢ w
4&$σʔλΛͲͷΑ͏ʹ෼ྨ͍ͯ͠·͔͢ w 4&$อ؅தͷσʔλΛͲͷΑ͏ʹอޢ͍ͯ͠·͔͢ w 4&$఻ૹதͷσʔλΛͲͷΑ͏ʹอޢ͍ͯ͠·͔͢ ΠϯγσϯτରԠ w 4&$ηΩϡϦςΟΠϯγσϯτʹͲͷΑ͏ʹରԠ͍ͯ͠·͔͢ Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

63 ֤߲໨ͷରԠঢ়گΛఆظతʹνΣοΫ͠ ඞཁ͕͋Ε͹ࠓޙͷରԠͷ༏ઌ౓Λݕ౼͢Δ Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

"84Λѻ͏ࡍʹؾΛ͚ͭΔ΂͖جຊతͳϙΠϯτ 64 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

"84Λѻ͏ࡍʹؾΛ͚ͭΔ΂͖جຊతͳϙΠϯτ ಺༰ʹ͍ͭͯ w هࡌͷ಺༰͸ͲΕ΋جຊతͳ΋ͷͰ͢ɻ w "84͕ެࣜʹਪ঑͍ͯ͠Δ΋ͷͰ͸͋Γ·ͤΜɻ w ࠓ·Ͱͷӡ༻ܦݧ΍"84ͷυΩϡϝϯτͳͲΛࢀߟʹ͍ͯ͠·͢ɻ w ࠓޙͷ"84ͷΞοϓσʔτʹΑͬͯɺ಺༰͕มΘΔՄೳੑ͕͋Γ·͢ɻ
w .645͔4)06-%͔Ͳ͏͔͸ࣗ਎ʹͯ͝൑அ͍ͩ͘͞ɻ 65 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

ηΩϡϦςΟαʔϏε w "84$MPVE5SBJMɺ"NB[PO(VBSE%VUZɺ"84$POpHͷ༗ޮԽ͢Δɻ w "845SVTUFE"EWJTPSͰఆظతʹηΩϡϦςΟνΣοΫ͢Δɻ w "84$FSUJpDBUF.BOBHFSͰൃߦͨ͠5-4ূ໌ॻΛ࢖͏ɻ w "848FMM"SDIJUFDUFEϨϏϡʔΛड͚Δɻ w
"NB[PO&$3ͷ੬ऑੑεΩϟϯΛ࢖͏ɻ 66 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

71$ɺηΩϡϦςΟάϧʔϓ w σϑΥϧτ71$ɺσϑΥϧτηΩϡϦςΟάϧʔϓ͸࢖Θͳ͍ɻ w ηΩϡϦςΟάϧʔϓͷ໋໊نଇΛઃ͚Δɻ w ύϒϦοΫαϒωοτͱϓϥΠϕʔταϒωοτΛ෼͚Δɻ w 5$1൪ϙʔτΛ࢖ͬͨ44)ΞΫηεΛ΍Ίͯɺ4FTTJPO.BOBHFSΛ࢖ͬͨ 44)ΞΫηεʹ͢Δɻ
67 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

*". w ιʔεϨϙδτϦ಺ʹΞΫηεΩʔɺγʔΫϨοτΩʔΛอ࣋͠ͳ͍ɻ w Ϛωʔδϝϯτίϯιʔϧ΁ϩάΠϯͰ͖Δ*".Ϣʔβʔ͸.'"Λઃఆ͢Δɻ w ୀ৬ऀҟಈऀͳͲར༻͠ͳ͘ͳͬͨ*".ϢʔβʔΞΫηεΩʔ͸࡟আ͢Δɻ w ϧʔτϢʔβʔʹ.'"Λઃఆ͢Δɻ w
ΞΫηεΩʔɺγʔΫϨοτΩʔΛڞ༗͠ͳ͍ɻ w ֎෦αʔϏεʹΞΫηεΩʔɺγʔΫϨοτΩʔΛઃఆ͠ͳ͍ɻ w "84ΞΧ΢ϯτΛ؀ڥ͝ͱʹ෼͚Δɻ w εΠονϩʔϧ͢Δ৔߹͸.'"Λඞਢͱ͢Δɻ 68 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

ͦͷଞʢʣ w ग़ॴෆ໌ͷύϒϦοΫ".*Λ࢖Θͳ͍ɻ w Ͱ͖Δ͚ͩ৽͍͠όʔδϣϯͷ".*Λ࢖͏ɻ w 4όέοτΛ௚઀Πϯλʔωοτʹެ։͠ͳ͍ɻ w $MPVE'SPOUΩʔϖΞϑΝΠϧΛιʔείʔυϨϙδτϦʹؚΊͳ͍ɻ w
$MPVE'SPOUͷ5-4ηΩϡϦςΟϙϦγʔ͸5-4WҎ߱Λ࢖͏ɻ 69 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

ͦͷଞʢʣ w 3%4͸Πϯλʔωοτ͔ΒΞΫηεͤ͞ͳ͍ɻ w 3%4ͷύονΛఆظతʹద༻͢Δɻ w &$4ίϯςφΤʔδΣϯτΛఆظతʹΞοϓσʔτ͢Δɻ w &,4ΫϥελΛఆظతʹΞοϓσʔτ͢Δɻ w
"84ΞΧ΢ϯτΛ؀ڥ͝ͱʹ෼͚Δɻ 70 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

"84ʹݶΒͣ΍ͬͨ΄͏͕Α͍͜ͱ΋·ͱΊ͓ͯ͘ͱʜ w ੹೚ڞ༗ϞσϧΛཧղ͢ΔʢΫϥ΢υ಺ͷηΩϡϦςΟ͸Ϣʔβʔͷ੹೚ʣɻ w Ϋϥ΢υʹ༻ҙ͞Ε͍ͯΔηΩϡϦςΟιϦϡʔγϣϯΛ׆༻͢Δɻ w ωοτϫʔΫΛ෼཭͢ΔʢΠϯλʔωοτ͔ΒͷΞΫηε͸࠷খݶʹʣɻ w ෆཁͳϙʔτ͸ۭ͚ͳ͍ɻ w
࠷খݶͷ*".ϙϦγʔΛઃఆ͢Δɻ w ΞοϓσʔτͰ͖Δ΋ͷ͸ఆظతʹΞοϓσʔτ͢Δɻ 71 Ϋϥ΢υΛѻ͏ࡍʹऔΓ૊Ή΂͖ηΩϡϦςΟରࡦʢ"84ฤʣ

7 ·ͱΊ 72

w 43&͕ηΩϡϦςΟʹߩݙͰ͖Δ͜ͱ͸ͨ͘͞Μ͋Δɻ w ৴པੑʢ3FMJBCJMJUZʣͱηΩϡϦςΟ͸Ͱ͖Δཱ͚͍ͩ྆ͤͨ͞ɻ w ΠϯϑϥɺΞϓϦέʔγϣϯͲͪΒ΋ૣ͍ஈ֊͔ΒηΩϡϦςΟΛߟྀͰ ͖Δ͜ͱ͕ཧ૝తɻ w ηΩϡϦςΟʹؔ͢Δ՝୊΍໰୊΁ͷରॲ͸Ͱ͖Δ͚ͩૣ͍΄͏͕ྑ͍ɻ w
໰୊Λൃݟ͠΍͍͢؀ڥͮ͘Γ͕େࣄɻ w ख͕͔͔ؒΔ͜ͱ͸ޙճ͠ʹ͞Ε΍͍͢ͷͰɺͰ͖ΔݶΓࣗಈԽ͢Δɻ w Ϋϥ΢υͰ༻ҙ͞Ε͍ͯΔηΩϡϦςΟιϦϡʔγϣϯΛ׆༻͢Δɻ 73 ·ͱΊ

SREがセキュアなWebシステムを構築、維持するためにやれることはなにか / What can...

SREがセキュアなWebシステムを構築、維持するためにやれることはなにか / What can SRE do to build and maintain a secure Web system?

More Decks by Isao Shimizu

Other Decks in Technology

Featured

Transcript