Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS Organizationsでマルチアカウント戦略を始めよう

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for MasahiroKawahara MasahiroKawahara
February 08, 2023
Technology
4.9k
1

AWS Organizationsでマルチアカウント戦略を始めよう

Avatar for MasahiroKawahara

MasahiroKawahara

February 08, 2023

More Decks by MasahiroKawahara

See All by MasahiroKawahara
Claude Code を安全に使おう勉強会 / Claude Code Security Basics
Avatar for MasahiroKawahara masahirokawahara
12
36k
Claude Code Skills 勉強会 (DevelersIO向けに調整済み) / claude code skills for devio
Avatar for MasahiroKawahara masahirokawahara
1
30k
新 Security HubがついにGA!仕組みや料金を深堀り #AWSreInvent #regrowth / AWS Security Hub Advanced GA
Avatar for MasahiroKawahara masahirokawahara
1
3.7k
AWS環境のリソース調査を Claude Code で効率化 / aws investigate with cc devio2025
Avatar for MasahiroKawahara masahirokawahara
2
2k
ここ一年のCCoEとしてのAWSコスト最適化を振り返る / CCoE AWS Cost Optimization devio2025
Avatar for MasahiroKawahara masahirokawahara
1
2.3k
生まれ変わった AWS Security Hub (Preview) を紹介 #reInforce_osaka / reInforce New Security Hub
Avatar for MasahiroKawahara masahirokawahara
0
1.5k
Amazon DevOps Guru のベースラインを整備して1ヶ月ほど運用してみた #jawsug_asa / Amazon DevOps Guru trial
Avatar for MasahiroKawahara masahirokawahara
3
750
DuckDB MCPサーバーを使ってAWSコストを分析させてみた / AWS cost analysis with DuckDB MCP server
Avatar for MasahiroKawahara masahirokawahara
0
2.7k
セキュリティ系アップデート全体像と AWS Organizations 新ポリシー「宣言型ポリシー」を紹介 / reGrowth 2024 Security
Avatar for MasahiroKawahara masahirokawahara
0
1.2k

Other Decks in Technology

See All in Technology
AI時代における技術的負債への取り組み
Avatar for Tadashi Shigeoka codenote
1
1.7k
AI時代 に増える データ活用先
Avatar for ono.takayuki takahal
0
310
社内エンジニア勉強会の醍醐味と苦しみ/tamadev
Avatar for Ichiro Nishiuma nishiuma
0
230
MLOps導入のための組織作りの第一歩
Avatar for Daisuke Akagawa (Akasan) akasan
0
360
Do Vibe Coding ao LLM em Produção para Busca Agêntica - TDC 2026 - Summit IA - São Paulo
Avatar for Jessica Pauli de C Bonson jpbonson
3
150
Percolatorを廃止し、マルチ検索サービスへ刷新した話 / Search Engineering Tech Talk 2026 Spring
Avatar for Visional Engineering & Design visional_engineering_and_design
0
130
自分のハンドルは自分で握れ! ― 自分のケイパビリティを増やし、メンバーのケイパビリティ獲得を支援する ― / Take the wheel yourself
Avatar for TAKAKING22 takaking22
1
950
Revisiting [CLS] and Patch Token Interaction in Vision Transformers
Avatar for yu4u yu4u
0
390
AWS DevOps Agentはチームメイトになれるのか?/ Can AWS DevOps Agent become a teammate
Avatar for Masanori Yamaguchi kinunori
6
760
バイブコーディングで3倍早く⚪⚪を作ってみた
Avatar for Sam Akada samakada
0
110
Amazon S3 Filesについて
Avatar for Yuuki Yamashita yama3133
2
220
No Types Needed, Just Callable Method Check
Avatar for dak2 dak2
1
1.7k

Featured

See All Featured
Tell your own story through comics
Avatar for letsgokoyo letsgokoyo
1
900
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
51
52k
Jess Joyce - The Pitfalls of Following Frameworks
Avatar for Tech SEO Connect techseoconnect
PRO
1
140
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
273
27k
Building Adaptive Systems
Avatar for Chris Keathley keathley
44
3k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
Avatar for Aleyda Solis aleyda
1
2k
エンジニアに許された特別な時間の終わり
Avatar for watany watany
106
240k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
615
210k
Avoiding the “Bad Training, Faster” Trap in the Age of AI
Avatar for Mike Taylor tmiket
0
130
SEO in 2025: How to Prepare for the Future of Search
Avatar for Michael King ipullrank
3
3.4k
Mobile First: as difficult as doing things right
Avatar for Swwweet swwweet
225
10k
Collaborative Software Design: How to facilitate domain modelling decisions
Avatar for Kenny Baas-Schwegler baasie
1
200

Transcript

  1. "840SHBOJ[BUJPOTͰ ϚϧνΞΧ΢ϯτઓུΛ࢝ΊΑ͏  ઒ݪ੐େ

  2. εϥΠυ͸ޙʹೖखՄೳͰ͢ ൃදதͷ಺༰ΛϝϞ͢Δඞཁ͸͋Γ·ͤΜ Attention

  3.  Έͳ͞Μ͕೔ৗͰ࢖͍ͬͯΔ AWSΞΧ΢ϯτΛࢥ͍ු͔΂͍ͯͩ͘͞

  4.  EC2Πϯελϯεͷ ϦιʔεҰཡը໘

  5.  Α͘࢖͍ͬͯΔ IAMϢʔβʔ΍IAMϩʔϧ

  6.  AWSར༻ͷ੥ٻ৘ใ

  7.  ͜Μͳײ͡ʹͳ͍ͬͯ·ͤΜ͔ʁ

  8.  ͍ΖΜͳϓϩδΣΫτ/؀ڥͷ EC2Πϯελϯε͕ͪ͝Ό·ͥ

  9.  IAMϙϦγʔਫ਼ࠪʹർฐ͍ͯ͠Δ

  10.  ٯʹա৒ͳIAMϙϦγʔΛ෇༩͍ͯ͠Δ

  11.  ৭ΜͳϓϩδΣΫτͷ ίετ͕ͪ͝Ό·ͥ

  12. ౰ͯ͸·Δํ͸ɾɾɾ  ͥͻϚϧνΞΧ΢ϯτઓུ with AWS OrganizationsΛʂ

  13. ͜Ε͔Β࿩͢͜ͱ  ɾϚϧνΞΧ΢ϯτઓུ͸ͳͥඞཁʁ ɾ"840SHBOJ[BUJPOT͸ͳͥඞཁʁ ɾϚϧνΞΧ΢ϯτઓུɺԿ͔Β࢝ΊΔʁ ઒ݪ ੐େ ɾΫϥεϝιου ɾAWSࣄۀຊ෦ ίϯαϧςΟϯά෦ॴଐ

    ɾ޷͖ͳAWSαʔϏε: AWS IAM ɾ2022 APN AWS Top Engineers (Service) https://dev.classmethod.jp/author/kawahara-masahiro/

  14.  ϚϧνΞΧ΢ϯτઓུ͸ͳͥඞཁʁ

  15.  ͦ΋ͦ΋ ϚϧνΞΧ΢ϯτઓུͱ͸ʁ

  16. "84ͷϚϧνΞΧ΢ϯτઓུ  ʰಛఆͷ୯Ґج४Ͱ"84ΞΧ΢ϯτΛ෼͚Δʱઓུ

  17.  ͳͥඞཁʁ

  18.  AWSΞΧ΢ϯτͷಛੑΛ͏·͘׆༻ͯ͠ ΞδϦςΟͱΨόφϯεΛཱ྆ͤ͞ΔͨΊ Q. AWSϚϧνΞΧ΢ϯτઓུ͸ͳͥඞཁʁ

  19.  ϚϧνΞΧ΢ϯτઓུͷϝϦοτ

  20. ϝϦοτηΩϡϦςΟ޲্  "84ΞΧ΢ϯτ͸ηΩϡϦςΟͷڥքઢ l׬શͳݖݶ෼཭zΛ࣮ݱ

  21. ϝϦοτ։ൃεϐʔυͷଅਐ  "84ΞΧ΢ϯτ͸Ϧιʔεͷڥքઢ ଞϦιʔεͱͷlґଘؔ܎zΛഉআ

  22. ϝϦοτίετ࠷దԽ  "84ΞΧ΢ϯτ͸ίετͷڥքઢ l؆୯ʹz͔ͭlݫີʹzίετ෼ྨ

  23. ͜͜·Ͱͷ·ͱΊ  ϚϧνΞΧ΢ϯτઓུͰ͸ʰಛఆͷ୯Ґج४ʱͰ "84ΞΧ΢ϯτΛ෼ׂͯ͠ӡ༻͍ͯ͘͠ɻ ΞδϦςΟͱΨόφϯεΛཱ྆ͤ͞ΔͨΊʹඞཁɻ "84ΞΧ΢ϯτͷಛੑ ༷ʑͳڥքઢ Λ͏·͘׆༻ɻ

  24.  AWS Organizations͸ͳͥඞཁʁ

  25. "840SHBOJ[BUJPOT  ෳ਺"84ΞΧ΢ϯτΛ૊৫Խͯ͠৭ʑͰ͖ΔΑ͏ʹ͢ΔαʔϏε ը૾Ҿ༻: AWS Organizations ͷ༻ޠͱ֓೦ - AWS Organizations

  26.  ͳͥඞཁʁ

  27.  ϚϧνΞΧ΢ϯτઓུͷಛੑ্ ౷੍͕൥ࡶʹͳΓ͕ͪͳ෦෼Λ αϙʔτ͢ΔͨΊ Q. AWS Organizations͸ͳͥඞཁʁ

  28.  AWS Organizations͕αϙʔτ͢Δ͜ͱ #ϐοΫΞοϓ

  29. ྫ੥ٻͷ؆ૉԽ  ϚϧνΞΧ΢ϯτઓུ͸lΞΧ΢ϯτຖͷ੥ٻ؅ཧz͕൥ࡶʹͳΓ͕ͪ ➔l؅ཧΞΧ΢ϯτz΁੥ٻΛू໿ 5JQT "840SHBOJ[BUJPOTͰ͸ छྨͷ"84ΞΧ΢ϯτΛఆΊ·͢ ؅ཧΞΧ΢ϯτ ͭ 

    0SHBOJ[BUJPOTΛ༗ޮԽͨ͠ΞΧ΢ϯτ ϝϯόʔΞΧ΢ϯτ ෳ਺  ؅ཧΞΧ΢ϯτʹ؅ཧ͞ΕΔΞΧ΢ϯτ 📝

  30. ϚϧνΞΧ΢ϯτઓུ͸lϩά౷੍z͕൥ࡶʹͳΓ͕ͪ ➔l"840SHBOJ[BUJPOT࿈ܞzͰ؆୯ʹू໿ɺूத؅ཧ ྫϩά ূ੻ ͷू໿ͱूத؅ཧ  5JQT "840SHBOJ[BUJPOT͸ଟ͘ͷ"84αʔϏεͱ ࿈ܞ͍ͯ͠·͢ɻ 📝

  31. ྫΞΫηε੍ޚͷҰׅઃఆ  ϚϧνΞΧ΢ϯτઓུ͸lηΩϡϦςΟ౷੍z͕൥ࡶʹͳΓ͕ͪ ➔αʔϏείϯτϩʔϧϙϦγʔ 4$1 ͰҰׅΞΫηε੍ޚ 5JQT 0SHBOJ[BUJPOBM6OJU ૊৫୯Ґ06 

    ϝϯόʔΞΧ΢ϯτΛάϧʔϓԽ֊૚Խ ͢ΔͨΊͷ࿮ αʔϏείϯτϩʔϧϙϦγʔ 4$1  06ΞΧ΢ϯτ୯ҐͰద༻͢ΔϙϦγʔ 📝

  32. ྫϢʔβʔͱΞΫηεͷूத؅ཧ  ϚϧνΞΧ΢ϯτઓུ͸lϢʔβʔɾΞΫηε؅ཧz͕൥ࡶʹͳΓ͕ͪ ➔l"84*".*EFOUJUZ$FOUFSzͰूத؅ཧ

  33. ͜͜·Ͱͷ·ͱΊ  "840SHBOJ[BUJPOT͸ෳ਺ͷ"84ΞΧ΢ϯτΛ૊৫ Խͯ͠ɺ৭ʑͰ͖ΔΑ͏ʹ͢ΔαʔϏεɻ ϚϧνΞΧ΢ϯτઓུͰ౷੍͕൥ࡶʹͳΓ͕ͪͳ෦෼Λ αϙʔτ͢Δɻ

  34.  ϚϧνΞΧ΢ϯτઓུɺԿ͔Β࢝ΊΔʁ

  35. ͓͢͢Ίεςοϓ  ᶃ"84ΞΧ΢ϯτ෼ׂํ਑ΛܾΊΑ͏ ᶄαʔϏείϯτϩʔϧϙϦγʔ 4$1 Λ׆༻͠Α͏ ᶅ"84*".*EFOUJUZ$FOUFSΛ׆༻͠Α͏ ᶆ৭Μͳ0SHBOJ[BUJPOT࿈ܞαʔϏεΛ׆༻͠Α͏

  36. ᶃ"84ΞΧ΢ϯτ෼ׂํ਑ΛܾΊΑ͏  "84ΞΧ΢ϯτΛ෼ׂ͢Δج४ΛఆΊ·͠ΐ͏ ͦΕʹ͋Θͤͨ૊৫୯Ґ 06 ઃܭΛߦ͍·͢

  37. ᶃ"84ΞΧ΢ϯτ෼ׂํ਑ΛܾΊΑ͏  ΞΧ΢ϯτ෼ׂ06ઃܭͷϞσϧέʔε

  38. ᶃ"84ΞΧ΢ϯτ෼ׂํ਑ΛܾΊΑ͏  ΞΧ΢ϯτ෼ׂ06ઃܭͷϞσϧέʔε ΞΧ΢ϯτԣஅͰ ηΩϡϦςΟӡ༻͢ΔͨΊͷ "84ΞΧ΢ϯτ ΞΧ΢ϯτԣஅͰ ϩάΛूத؅ཧ͢ΔͨΊͷ "84ΞΧ΢ϯτ →

    ↑ ݕূ ඇຊ൪ ϫʔΫϩʔυͷ "84ΞΧ΢ϯτΛ഑ஔ͢Δ06 ↓ ຊ൪ϫʔΫϩʔυͷ "84ΞΧ΢ϯτΛ഑ஔ͢Δ06 ↓

  39. ᶄαʔϏείϯτϩʔϧϙϦγʔ 4$1 Λ׆༻͠Α͏  ༧๷తΨʔυϨʔϧͱͯ͠ϑϧ׆༻ ˝Α͋͘Δ੍ޚྫ ɾ࢖Θͳ͍ϦʔδϣϯͰͷૢ࡞ېࢭ ɾηΩϡϦςΟαʔϏεͷແޮԽېࢭFUD ࢀߟ: αʔϏείϯτϩʔϧϙϦγʔͷྫ

    - AWS Organizations

  40. ᶅ"84*".*EFOUJUZ$FOUFSΛ׆༻͠Α͏  l୭͕ͲͷΞΧ΢ϯτʹͲͷݖݶͰΞΫηε͢Δ͔zΛूத؅ཧ ֤"84ΞΧ΢ϯτʹ*".ϢʔβʔΛ࡞Δඞཁ͕ແ͘ͳΓ·͢

  41. ᶆ৭Μͳ0SHBOJ[BUJPOT࿈ܞαʔϏεΛ׆༻͠Α͏  શͯΛ׆༻͍ͯ͘͠ඞཁ͸ແ͠ ˝͓͢͢Ί0SHBOJ[BUJPOT࿈ܞαʔϏε ɾ"84$MPVE5SBJM૊৫ϨϕϧͰূ੻Λ؅ཧ ɾ"84$MPVE'PSNBUJPO06୯ҐͰϦιʔεΛల։ ɾ"NB[PO(VBSE%VUZ "844FDVSJUZ)VC ࣍εϥΠυ

  42. "NB[PO(VBSE%VUZ "844FDVSJUZ)VC  ηΩϡϦςΟαʔϏεΛΞΧ΢ϯτԣஅͰ؅ཧɾӡ༻ ࢀߟ: ɾOrganizations ؀ڥͰ Amazon GuardDuty ΛશϦʔδϣϯ΁؆୯ηοτΞοϓͯ͠ΈΔ

    | DevelopersIO ɾOrganizations ؀ڥͰ AWS Security Hub ΛશϦʔδϣϯ΁؆୯ηοτΞοϓ͢Δ | DevelopersIO

  43.  ͓ΘΓʹ

  44. ͓ΘΓʹ  "84ΞΧ΢ϯτͷಛੑΛ্ख͘׆༻ͯ͠ɺϚϧνΞΧ ΢ϯτઓུΛਪਐ͠·͠ΐ͏ɻ ਪਐαϙʔτʹ͸"840SHBOJ[BUJPOT͕ศརͰ͢ɻ lεϞʔϧελʔτzɺl·ͣ͸৮ͬͯΈΔzΛҙࣝ͠· ͠ΐ͏ʂ

  45. ࠷ޙʹએ఻$MBTTNFUIPE$MPVE(VJEFCPPL  ʮ૊৫తͳ"84׆༻ͷͨΊͷϊ΢ϋ΢ʯΛ·ͱΊͨφϨοδू Ϋϥεϝιουϝϯόʔζ޲͚ʹແঈެ։தͰ͢📚 ˛"84αʔϏεͷϕετϓϥΫςΟε ˛"84ར༻ΨΠυϥΠϯͷαϯϓϧ ˞্ه಺༰͸౎౓ߋ৽͞ΕΔՄೳੑ͕͋Γɺ࣮ࡍͷϖʔδͱҟͳΔ৔߹͕͋Γ·͢ Ϋϥεϝιουϝϯόʔζϙʔλϧɿ ʮ͓໾ཱͪ৘ใʯˠʮ૊৫తͳ"84׆༻ͷͨΊͷϊ΢ϋ΢ʯ

  46. None