Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
reinforce-2019-recap-lt
Search
ryo nakamaru
July 30, 2019
Programming
4.2k
2
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
reinforce-2019-recap-lt
ryo nakamaru
July 30, 2019
More Decks by ryo nakamaru
See All by ryo nakamaru
AWSで楽をするサービスメッシュ入門/appmesh-trial
pottava
1
1.7k
ScaleShift-jp-2019-summer
pottava
1
230
Firecracker とは何か/what is Firecracker
pottava
12
5.7k
ハイブリッド並列 on Kubernetes/hybrid-parallel-program-on-kubernetes
pottava
1
470
AWS Fargate + Code 兄弟で始める継続的デリバリー / Continuous Delivery with AWS Fargate and Code brothers
pottava
12
3.3k
Singularity と NVIDIA GPU Cloud で作る ハイブリッド機械学習環境の構築 / Building a hybrid environment for Machine Learning with Singularity and NGC
pottava
3
1.5k
明日から始めるちょい足し λ / get-started-with-aws-lambda
pottava
4
2.5k
NGC と Singularity によるハイブリッド機械学習環境 / A hybrid environment for Machine Learning with NGC and Singularity
pottava
0
540
NGC × Singularity での機械学習環境/MachineLearning environment with NGC and Singularity
pottava
2
890
Other Decks in Programming
See All in Programming
フィードバックで育てるAI開発
kotaminato
1
110
Vite+ Unified Toolchain for the Web
naokihaba
0
720
Webフレームワークの ベンチマークについて
yusukebe
0
200
共通化で考えるべきは、実装より公開する型だった
codeegg
0
150
鹿野さんに聞く!『TypeScriptコードレシピ集』で磨く実践力
tonkotsuboy_com
4
1k
Contextとはなにか
chiroruxx
1
390
LaravelLive Japan の裏方のすべて — 第188回 PHP勉強会@東京 (2026-06-24)
suguruooki
2
150
ローカルLLMでどこまでコードが書けるか -縮小版 / How much code can be written on a local LLM Shortened
kishida
2
180
OS アップデート対応の取り組み方がもっと共有されてほしい
andpad
0
110
例外の正しい扱い方 そのエラー try-catchして大丈夫?
jinwatanabe
0
350
エンジニアにデザインハーネスを 〜デザインプロセスを規定するためのハーネス〜 / Design harness from an engineer's perspective
rkaga
2
1.2k
act1-costs.pdf
sumedhbala
0
190
Featured
See All Featured
30 Presentation Tips
portentint
PRO
1
340
The World Runs on Bad Software
bkeepers
PRO
72
12k
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
sarafernandez
0
220
How to Think Like a Performance Engineer
csswizardry
28
2.7k
From Legacy to Launchpad: Building Startup-Ready Communities
dugsong
0
250
What’s in a name? Adding method to the madness
productmarketing
PRO
24
4.1k
Everyday Curiosity
cassininazir
0
250
How Software Deployment tools have changed in the past 20 years
geshan
0
34k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
340
Art, The Web, and Tiny UX
lynnandtonic
304
22k
Ruling the World: When Life Gets Gamed
codingconduct
0
280
Fireside Chat
paigeccino
42
4k
Transcript
How do you reinforce yourself ? AWS re:Inforce 2019 re:Cap
@ July 30th Ryo Nakamaru, SUPINF Inc.
தؙ ྑ @pottava - SUPINF ͱ͍͏डୗ։ൃӡ༻ձࣾͰΤϯδχΞͯ͠·͢ - ւ֎ΧϯϑΝϨϯε 2 ճఔ
- ӳޠͣͬͱΈͷछ Profile
SUPINF Inc !3 ※ Mac ͷࣙॻΑΓҾ༻
SUPINF Inc !4 ※ Mac ͷࣙॻΑΓҾ༻ ηΩϡϦςΟ ؔͳ͍ͷ͔ɾɾ
SUPINF Inc 5 re:Inforce Ͳ͏ͩͬͨͷ
SUPINF Inc 6 ࠷ͬߴͰͨ͠ɻ ΄Μͱָ͔ͬͨ͠
SUPINF Inc 7 ɾԿ͕࠷ߴͩͬͨͷ͔ recap ɾདྷώϡʔετϯʹ͚ͯ
SUPINF Inc ࠷ߴͩͬͨ͜ͱ
SUPINF Inc ࠷ߴͦͷɹ (AWS ͷ) ॏཁ֓೦ͷཧղ͕ਂ·Δ 9 1: ࢦ͖͢ɺϏδωεͷΞδϦςΟ ͱ
Ψόφϯε Λ ཱ྆͢Δ ͜ͱ https://www.youtube.com/watch?v=2t-VkWt0rKk
SUPINF Inc 10 ͦͷͨΊʹɺΨʔυϨʔϧ ͱ ϥϯσΟϯάκʔϯ ͑͋͞Ε͍͍ɻ ͋ͱϓϩδΣΫτνʔϜʹɺࣗ༝ʹΒͤΑ͏ʂ https://www.youtube.com/watch?v=2t-VkWt0rKk
SUPINF Inc 11 ग़య: ϏϧμʔʹඞཁͳηΩϡϦςΟʮ൪ʯͰͳ͘ʮΨʔυϨʔϧʯ https://weekly.ascii.jp/elem/000/000/425/425592/
SUPINF Inc 12 ֓೦Λ࠲ֶͰֶΜͩΒ
SUPINF Inc 13 . AWS ͰͷΨʔυϨʔϧ࣮ͱͯ͠ɺاۀͷηΩϡϦςΟϙϦγʔΛ ʮAWS Organizations ͷ SCPʯʮIAM
ͷ Permissions Boundaryʯͷ ซ༻Ͱ࣮ݱͰ͖ͦ͏Ͱ͢ɻ͋ͳͨͳΒɺͲͷΑ͏ʹ࣮͠·͔͢ʁ
SUPINF Inc 14 https://identity-round-robin.awssecworkshops.com/permission-boundaries/presentation.pdf ͍͏ͪʹɺϫʔΫγϣοϓͰమ͕ଧͯΔɻʢΘ͔Βͳ͍͜ͱ͕Θ͔Δʣ
SUPINF Inc AWS ΧϯϑΝϨϯεͷ͓͢͢Ί 15 • ηογϣϯΑΓϫʔΫγϣοϓ ε ‣ ࡢࠓɺ΄ͱΜͲͷηογϣϯ
YouTube Ͱެ։͞Ε·͢ ‣ Ϣʔβࣄྫ ͍ؾ࣋ͪΛݺͼى͍ͨ͜͠ ߹ผ ‣ ਓؾ ϫʔΫγϣοϓ͙͢ຒ·Δ ͷͰҙʂʂ • ηογϣϯΑΓϒʔεΛ·ΘΖ͏
SUPINF Inc ࠷ߴͦͷɹ ະདྷͷ͕Ͱ͖Δ / ະདྷ͕Έ͑Δ 16 2: AWS ύʔτφʔاۀ͋ΔҙຯɺAWS
ΑΓଟগઌߦ͍ͯ͠Δ͔ʁʁ
SUPINF Inc 17 ʮ͔ͨ͠ʹ͜Εۀָ͕ʹͳΔ ʯ ʮ͜ͷػೳɺAWS དྷ͖ͩͯͦ͠͏ʯ
SUPINF Inc 18 ͑ʁຊʹཧళͳ͍ͷʁ ͬͯΈ͍ͨΜ͚ͩͲʁ·͓ͣࢼ͠Ͱɻ ͍͍Αɺ͡Ό͋དྷि NDA ݁ͼͭͭ ΧϯϑΝϨϯείʔϧͰઆ໌ͤͯ͞ʂ ϒʔεͰͷΑ͋͘ΔྲྀΕ
SUPINF Inc 19 ͓͠Ζ͍ 2 ࣾΛ͝հ
SUPINF Inc 20
SUPINF Inc Aporeto 21 • Identity-based access control ε ‣
ΦϯϓϨ͔ΒΫϥυͰͷαʔόʔϨε·ͰɻϋΠϒϦουɻ ‣ ಛఆͷϥϕϧ͕͍ͭͨϦιʔεʹͷΈΞΫηεΛڐՄ ‣ γϛϡϨʔγϣϯ / ݕূ / ຊ൪ར༻ͷ҆৺εςοϓ • ωοτϫʔΫͷࢹͱڧ੍ ε ‣ ϗετʹΠϯετʔϧ͢Δ Enforcer ͕શ௨৴ΛѲɾ੍ޚ ‣ ՄࢹԽτϨʔε͕ Web UI ͔Β͔ΜͨΜʹ
SUPINF Inc 22 Ϋϥυ࣌ͷΨόφϯεɾɾʁ → ΄΅΄΅ AWS ͷ֓೦ͷԆ ɹʢ͍͍ҙຯͰͶɻ૬ੑΑͦ͞͏ʣ
SUPINF Inc 23 AWS re:Inforce 2019: Governance for the Cloud
Age (DEM12-R1) https://youtu.be/y3WmHnavuN8
SUPINF Inc དྷͷώϡʔετϯ Ͱָ͠ΉͨΊʹ
SUPINF Inc 25 ϫʔΫγϣοϓࢀՃ AWS ͷதͷਓ ࣭͍ͨ͠ɺΛཧղ͍ͨ͠
SUPINF Inc Tips ͦͷɹ ࣄલʹ४උ͢Δ 26 1: • AWS ͷւ֎ΧϯϑΝϨϯε҆͘ͳ͍
‣ ຊͰΘ͔Δ͜ͱ ௐ͍ͯ͘ ‣ Security Specialty ͱ SA Pro ͬͯͯΑ͏͘ Hello Worldʁ • ϒʔεΛճΔ ‣ ࣗͷࣄۀͱࠔ͍ͬͯΔϙΠϯτΛ ӳޠͰ આ໌ͯ͠ΈΔ ‣ Λฉ͍ͯΈ͍ͨ SaaS ʹࣄલʹΞϙΛͱͬͯΈΔ
SUPINF Inc Tips ͦͷɹ ຊʹ͍Δ͍͋ͩʹਓ຺Λ͛Δ 27 2: • ࠓνϟϯεͰ͢ ‣
AWS Japan ͞Μ͔Βͷใൃ৴ΛੵۃతʹऔΓʹ ‣ ͢Ͱʹ࣮ફ͍ͯ͠Δਓ͔ΒΓํΛฉ͍ͯ͠·͏ • ݱ ‣ Ϙον൧ͷϦεΫ ‣ հͰΞϙ͕ೖΔͱΓɺձ͍͍͢ʢ͋ͨΓ·͑ʣ
SUPINF Inc 28 ͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ :) ࢀߟɿ • AWS re:Inforce 2019:
Using AWS Control Tower to Govern Multi- Account AWS Environments (GRC313-R) https://www.youtube.com/ watch?v=2t-VkWt0rKk • ϏϧμʔʹඞཁͳηΩϡϦςΟʮ൪ʯͰͳ͘ʮΨʔυϨʔϧʯ - िץΞεΩʔ https://weekly.ascii.jp/elem/000/000/425/425592/ • Identity Round Robin Workshop Permissions Boundaries https:// identity-round-robin.awssecworkshops.com/permission-boundaries/ presentation.pdf • Aporeto https://www.aporeto.com • Turbot https://turbot.com
SUPINF
Our Works ϏδωεΤϦΞͷ͝հ ্ྲྀϑΣʔζ͔ΒɺԼྲྀϑΣʔζ ·Ͱ ͯ͢ड͚Δࣄ͕ՄೳͰ͢ɻ SES ฐࣾͰߏஙޙͪΖΜɺطʹՔ ಇ͍ͯ͠ΔαʔϏεʹ͍ͭͯ αϙʔτ͠·͢ɻ
MSP ओʹӦۀಉߦͱͯ͠ͷɹ ٕज़తͳαϙʔτΛ͍ͯ͠·͢ɻ Sales Support ॳظߏஙͷࢼࢉ෦͚ͩͰͳ͘ αʔόʔҠߦɾϓϩάϥϜҠߦ ରԠ͠·͢ɻ POC PMOʹΔ෦ͪΖΜͷ͜ ͱɺࣾεΩϧΛߴΊ͍ͨͱݴͬ ͨߨशߦ͍ͬͯ·͢ɻ Consulting
(C) SUPINF Inc., All Rights Reserved. < CONFIDENTIAL > "84ϚωʔδυαʔϏεΛ౷߹͢Δ͜ͱͰ֦ுੑ
ٴͼӡ༻ੑೳͷߴ͍γεςϜΛ࣮ݱ $PHOJUPɺ"1*(BUFXBZʹΑΔೝূج൫ 424ɺ-BNCEBɺ"84#BUDIΛ Έ߹Θͤͨ൚༻δϣϒཧγεςϜ ΦϯϓϨϛεͱͷϋΠϒϦουڥ ฐࣾ୲ΤϦΞ ⾣طଘۀγεςϜͷ3&45"1*Խ ⾣ϓϥοτϑΥʔϜͷઃܭ ߏங Ϛϧνςφϯτ / SaaS ܕ - API ϓϥοτϑΥʔϜ
Kubernetes ʹΑΔϋΠϒϦουػցֶशڥ (C) SUPINF Inc., All Rights Reserved. < CONFIDENTIAL
> ΦϯϓϨϛε༏ઌɺࣾγεςϜͱͷ౷߹ %PDLFSϨδετϦϑΝΠϧετϨʔδΦϯϓϨ ηΩϡϦςΟϨϕϧʹԠͨ͡ϑΝΠϧసૹ੍ޚ %(9 LT ࣾೝূγεςϜ౷߹ֶशج൫ "1*ͳͲΛ௨ͨ݁͡ՌϦιʔεঢ়ଶͷՄࢹԽ εέʔϧઌͱͯ͠"84ͷ(16αʔόʔΛར༻ ,VCFSOFUFTͷϊʔυͱͯ͠%9ઌͷΫϥυΛ ฐࣾ୲ΤϦΞ ⾣Πϯϑϥͷઃܭ ߏங corporate data center AWS cloud ֶशΫϥελ ֶशΫϥελ & ΦϯϓϨϛεڥ ߴੑೳετϨʔδ
౦ژौ୩۠ौ୩2-11-5 03-6427-6517 https://www.facebook.com/supinf/ @supinf_pr CONTACT US And thank you for
your time