Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS Organizationsでマルチアカウント戦略を始めよう
Search
MasahiroKawahara
February 08, 2023
Technology
1
4.6k
AWS Organizationsでマルチアカウント戦略を始めよう
MasahiroKawahara
February 08, 2023
Tweet
Share
More Decks by MasahiroKawahara
See All by MasahiroKawahara
AWS環境のリソース調査を Claude Code で効率化 / aws investigate with cc devio2025
masahirokawahara
2
1.5k
ここ一年のCCoEとしてのAWSコスト最適化を振り返る / CCoE AWS Cost Optimization devio2025
masahirokawahara
1
1.6k
生まれ変わった AWS Security Hub (Preview) を紹介 #reInforce_osaka / reInforce New Security Hub
masahirokawahara
0
830
Amazon DevOps Guru のベースラインを整備して1ヶ月ほど運用してみた #jawsug_asa / Amazon DevOps Guru trial
masahirokawahara
3
390
DuckDB MCPサーバーを使ってAWSコストを分析させてみた / AWS cost analysis with DuckDB MCP server
masahirokawahara
0
2.2k
セキュリティ系アップデート全体像と AWS Organizations 新ポリシー「宣言型ポリシー」を紹介 / reGrowth 2024 Security
masahirokawahara
0
990
わたしとトラックポイント / TrackPoint tips
masahirokawahara
1
510
AWS CLIとシェルスクリプト、いつ使う?活用できる場面とTips紹介 #devio2024 / AWS CLI and Shell Tips
masahirokawahara
0
1.4k
EC2の脆弱性対応で何が使える? Inspector や SSM あたりを整理する #nakanoshima_dev
masahirokawahara
2
2.4k
Other Decks in Technology
See All in Technology
JTCにおける内製×スクラム開発への挑戦〜内製化率95%達成の舞台裏/JTC's challenge of in-house development with Scrum
aeonpeople
0
250
Autonomous Database - Dedicated 技術詳細 / adb-d_technical_detail_jp
oracle4engineer
PRO
4
10k
20250912_RPALT_データを集める→とっ散らかる問題_Obsidian紹介
ratsbane666
0
100
S3アクセス制御の設計ポイント
tommy0124
3
200
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
10
75k
Apache Spark もくもく会
taka_aki
0
130
プラットフォーム転換期におけるGitHub Copilot活用〜Coding agentがそれを加速するか〜 / Leveraging GitHub Copilot During Platform Transition Periods
aeonpeople
1
230
IoT x エッジAI - リアルタイ ムAI活用のPoCを今すぐ始め る方法 -
niizawat
0
110
slog.Handlerのよくある実装ミス
sakiengineer
4
460
要件定義・デザインフェーズでもAIを活用して、コミュニケーションの密度を高める
kazukihayase
0
120
サラリーマンの小遣いで作るtoCサービス - Cloudflare Workersでスケールする開発戦略
shinaps
2
470
機械学習を扱うプラットフォーム開発と運用事例
lycorptech_jp
PRO
0
610
Featured
See All Featured
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.5k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
30
9.7k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
7
850
Typedesign – Prime Four
hannesfritz
42
2.8k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
46
7.6k
Rails Girls Zürich Keynote
gr2m
95
14k
The Straight Up "How To Draw Better" Workshop
denniskardys
236
140k
Into the Great Unknown - MozCon
thekraken
40
2k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Become a Pro
speakerdeck
PRO
29
5.5k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
580
Transcript
"840SHBOJ[BUJPOTͰ ϚϧνΞΧϯτઓུΛ࢝ΊΑ͏ ݪେ
εϥΠυޙʹೖखՄೳͰ͢ ൃදதͷ༰ΛϝϞ͢Δඞཁ͋Γ·ͤΜ Attention
Έͳ͞Μ͕ৗͰ͍ͬͯΔ AWSΞΧϯτΛࢥ͍ු͔͍ͯͩ͘͞
EC2Πϯελϯεͷ ϦιʔεҰཡը໘
Α͍ͬͯ͘Δ IAMϢʔβʔIAMϩʔϧ
AWSར༻ͷٻใ
͜Μͳײ͡ʹͳ͍ͬͯ·ͤΜ͔ʁ
͍ΖΜͳϓϩδΣΫτ/ڥͷ EC2Πϯελϯε͕ͪ͝Ό·ͥ
IAMϙϦγʔਫ਼ࠪʹർฐ͍ͯ͠Δ
ٯʹաͳIAMϙϦγʔΛ༩͍ͯ͠Δ
৭ΜͳϓϩδΣΫτͷ ίετ͕ͪ͝Ό·ͥ
ͯ·Δํɾɾɾ ͥͻϚϧνΞΧϯτઓུ with AWS OrganizationsΛʂ
͜Ε͔Β͢͜ͱ ɾϚϧνΞΧϯτઓུͳͥඞཁʁ ɾ"840SHBOJ[BUJPOTͳͥඞཁʁ ɾϚϧνΞΧϯτઓུɺԿ͔Β࢝ΊΔʁ ݪ େ ɾΫϥεϝιου ɾAWSࣄۀຊ෦ ίϯαϧςΟϯά෦ॴଐ
ɾ͖ͳAWSαʔϏε: AWS IAM ɾ2022 APN AWS Top Engineers (Service) https://dev.classmethod.jp/author/kawahara-masahiro/
ϚϧνΞΧϯτઓུͳͥඞཁʁ
ͦͦ ϚϧνΞΧϯτઓུͱʁ
"84ͷϚϧνΞΧϯτઓུ ʰಛఆͷ୯Ґج४Ͱ"84ΞΧϯτΛ͚Δʱઓུ
ͳͥඞཁʁ
AWSΞΧϯτͷಛੑΛ͏·͘׆༻ͯ͠ ΞδϦςΟͱΨόφϯεΛཱ྆ͤ͞ΔͨΊ Q. AWSϚϧνΞΧϯτઓུͳͥඞཁʁ
ϚϧνΞΧϯτઓུͷϝϦοτ
ϝϦοτηΩϡϦςΟ্ "84ΞΧϯτηΩϡϦςΟͷڥքઢ lશͳݖݶzΛ࣮ݱ
ϝϦοτ։ൃεϐʔυͷଅਐ "84ΞΧϯτϦιʔεͷڥքઢ ଞϦιʔεͱͷlґଘؔzΛഉআ
ϝϦοτίετ࠷దԽ "84ΞΧϯτίετͷڥքઢ l؆୯ʹz͔ͭlݫີʹzίετྨ
͜͜·Ͱͷ·ͱΊ ϚϧνΞΧϯτઓུͰʰಛఆͷ୯Ґج४ʱͰ "84ΞΧϯτΛׂͯ͠ӡ༻͍ͯ͘͠ɻ ΞδϦςΟͱΨόφϯεΛཱ྆ͤ͞ΔͨΊʹඞཁɻ "84ΞΧϯτͷಛੑ ༷ʑͳڥքઢ Λ͏·͘׆༻ɻ
AWS Organizationsͳͥඞཁʁ
"840SHBOJ[BUJPOT ෳ"84ΞΧϯτΛ৫Խͯ͠৭ʑͰ͖ΔΑ͏ʹ͢ΔαʔϏε ը૾Ҿ༻: AWS Organizations ͷ༻ޠͱ֓೦ - AWS Organizations
ͳͥඞཁʁ
ϚϧνΞΧϯτઓུͷಛੑ্ ౷੍͕ࡶʹͳΓ͕ͪͳ෦Λ αϙʔτ͢ΔͨΊ Q. AWS Organizationsͳͥඞཁʁ
AWS Organizations͕αϙʔτ͢Δ͜ͱ #ϐοΫΞοϓ
ྫٻͷ؆ૉԽ ϚϧνΞΧϯτઓུlΞΧϯτຖͷٻཧz͕ࡶʹͳΓ͕ͪ ➔lཧΞΧϯτzٻΛू 5JQT "840SHBOJ[BUJPOTͰ छྨͷ"84ΞΧϯτΛఆΊ·͢ ཧΞΧϯτ ͭ
0SHBOJ[BUJPOTΛ༗ޮԽͨ͠ΞΧϯτ ϝϯόʔΞΧϯτ ෳ ཧΞΧϯτʹཧ͞ΕΔΞΧϯτ 📝
ϚϧνΞΧϯτઓུlϩά౷੍z͕ࡶʹͳΓ͕ͪ ➔l"840SHBOJ[BUJPOT࿈ܞzͰ؆୯ʹूɺूதཧ ྫϩά ূ ͷूͱूதཧ 5JQT "840SHBOJ[BUJPOTଟ͘ͷ"84αʔϏεͱ ࿈ܞ͍ͯ͠·͢ɻ 📝
ྫΞΫηε੍ޚͷҰׅઃఆ ϚϧνΞΧϯτઓུlηΩϡϦςΟ౷੍z͕ࡶʹͳΓ͕ͪ ➔αʔϏείϯτϩʔϧϙϦγʔ 4$1 ͰҰׅΞΫηε੍ޚ 5JQT 0SHBOJ[BUJPOBM6OJU ৫୯Ґ06
ϝϯόʔΞΧϯτΛάϧʔϓԽ֊Խ ͢ΔͨΊͷ αʔϏείϯτϩʔϧϙϦγʔ 4$1 06ΞΧϯτ୯ҐͰద༻͢ΔϙϦγʔ 📝
ྫϢʔβʔͱΞΫηεͷूதཧ ϚϧνΞΧϯτઓུlϢʔβʔɾΞΫηεཧz͕ࡶʹͳΓ͕ͪ ➔l"84*".*EFOUJUZ$FOUFSzͰूதཧ
͜͜·Ͱͷ·ͱΊ "840SHBOJ[BUJPOTෳͷ"84ΞΧϯτΛ৫ Խͯ͠ɺ৭ʑͰ͖ΔΑ͏ʹ͢ΔαʔϏεɻ ϚϧνΞΧϯτઓུͰ౷੍͕ࡶʹͳΓ͕ͪͳ෦Λ αϙʔτ͢Δɻ
ϚϧνΞΧϯτઓུɺԿ͔Β࢝ΊΔʁ
͓͢͢Ίεςοϓ ᶃ"84ΞΧϯτׂํΛܾΊΑ͏ ᶄαʔϏείϯτϩʔϧϙϦγʔ 4$1 Λ׆༻͠Α͏ ᶅ"84*".*EFOUJUZ$FOUFSΛ׆༻͠Α͏ ᶆ৭Μͳ0SHBOJ[BUJPOT࿈ܞαʔϏεΛ׆༻͠Α͏
ᶃ"84ΞΧϯτׂํΛܾΊΑ͏ "84ΞΧϯτΛׂ͢Δج४ΛఆΊ·͠ΐ͏ ͦΕʹ͋Θͤͨ৫୯Ґ 06 ઃܭΛߦ͍·͢
ᶃ"84ΞΧϯτׂํΛܾΊΑ͏ ΞΧϯτׂ06ઃܭͷϞσϧέʔε
ᶃ"84ΞΧϯτׂํΛܾΊΑ͏ ΞΧϯτׂ06ઃܭͷϞσϧέʔε ΞΧϯτԣஅͰ ηΩϡϦςΟӡ༻͢ΔͨΊͷ "84ΞΧϯτ ΞΧϯτԣஅͰ ϩάΛूதཧ͢ΔͨΊͷ "84ΞΧϯτ →
↑ ݕূ ඇຊ൪ ϫʔΫϩʔυͷ "84ΞΧϯτΛஔ͢Δ06 ↓ ຊ൪ϫʔΫϩʔυͷ "84ΞΧϯτΛஔ͢Δ06 ↓
ᶄαʔϏείϯτϩʔϧϙϦγʔ 4$1 Λ׆༻͠Α͏ ༧తΨʔυϨʔϧͱͯ͠ϑϧ׆༻ ˝Α͋͘Δ੍ޚྫ ɾΘͳ͍ϦʔδϣϯͰͷૢ࡞ېࢭ ɾηΩϡϦςΟαʔϏεͷແޮԽېࢭFUD ࢀߟ: αʔϏείϯτϩʔϧϙϦγʔͷྫ
- AWS Organizations
ᶅ"84*".*EFOUJUZ$FOUFSΛ׆༻͠Α͏ l୭͕ͲͷΞΧϯτʹͲͷݖݶͰΞΫηε͢Δ͔zΛूதཧ ֤"84ΞΧϯτʹ*".ϢʔβʔΛ࡞Δඞཁ͕ແ͘ͳΓ·͢
ᶆ৭Μͳ0SHBOJ[BUJPOT࿈ܞαʔϏεΛ׆༻͠Α͏ શͯΛ׆༻͍ͯ͘͠ඞཁແ͠ ˝͓͢͢Ί0SHBOJ[BUJPOT࿈ܞαʔϏε ɾ"84$MPVE5SBJM৫ϨϕϧͰূΛཧ ɾ"84$MPVE'PSNBUJPO06୯ҐͰϦιʔεΛల։ ɾ"NB[PO(VBSE%VUZ "844FDVSJUZ)VC ࣍εϥΠυ
"NB[PO(VBSE%VUZ "844FDVSJUZ)VC ηΩϡϦςΟαʔϏεΛΞΧϯτԣஅͰཧɾӡ༻ ࢀߟ: ɾOrganizations ڥͰ Amazon GuardDuty ΛશϦʔδϣϯ؆୯ηοτΞοϓͯ͠ΈΔ
| DevelopersIO ɾOrganizations ڥͰ AWS Security Hub ΛશϦʔδϣϯ؆୯ηοτΞοϓ͢Δ | DevelopersIO
͓ΘΓʹ
͓ΘΓʹ "84ΞΧϯτͷಛੑΛ্ख͘׆༻ͯ͠ɺϚϧνΞΧ ϯτઓུΛਪਐ͠·͠ΐ͏ɻ ਪਐαϙʔτʹ"840SHBOJ[BUJPOT͕ศརͰ͢ɻ lεϞʔϧελʔτzɺl·ͣ৮ͬͯΈΔzΛҙࣝ͠· ͠ΐ͏ʂ
࠷ޙʹએ$MBTTNFUIPE$MPVE(VJEFCPPL ʮ৫తͳ"84׆༻ͷͨΊͷϊϋʯΛ·ͱΊͨφϨοδू Ϋϥεϝιουϝϯόʔζ͚ʹແঈެ։தͰ͢📚 ˛"84αʔϏεͷϕετϓϥΫςΟε ˛"84ར༻ΨΠυϥΠϯͷαϯϓϧ ˞্ه༰ߋ৽͞ΕΔՄೳੑ͕͋Γɺ࣮ࡍͷϖʔδͱҟͳΔ߹͕͋Γ·͢ Ϋϥεϝιουϝϯόʔζϙʔλϧɿ ʮཱ͓ͪใʯˠʮ৫తͳ"84׆༻ͷͨΊͷϊϋʯ
None