•

•

•

•

•

•

•

https://medium.com/netflix-techblog

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Supported By Continued Pace Of Innovation

•

•

•

•

•

Version Control Repository

Continuous Integration

Continuous Delivery

DevOps Pipeline

Client DataStore

DiscoveryGatewayBusinessDomain

MicroservicesAPI

API Gateway

Elastic Load

Balancing Amazon ECS

DynamoDB

RDS

Elastic Beanstalk

Lambda

CodeCommit

CodePipeline

CodeDeploy

S3

•

•

•

Value Analysis

Architecture Jumpstart

Security Playbook

Applications Assessment

Operational Healthcheck

Skills Assessment

Resident Architect

AWS Cloud Adoption Framework

AWS Cloud Adoption Methodology

Enterprise Accelerators

Body of Knowledge

Domains, ConceptsPatterns, Best Practices

Structures, Dependencies

Delivery Process

Methods, inputs, outputs, swim-lanesDelivery process and milestones

Tasks, sequences and results

Managed IP & Tooling

Scenarios, stakeholders, pain points, value proposition, time/cost/effort, templates,

checklists, tools

Download the CAF Whitepaper: http://d0.awsstatic.com/whitepapers/aws_cloud_adoption_framework.pdfKindle versions also available: https://aws.amazon.com/whitepapers/#cloud-adoption-framework

Version Control Repository

Continuous Integration

Continuous Delivery

DevOps Pipeline

Client DataStore

DiscoveryGatewayBusinessDomain

MicroservicesAPI

API Gateway

Elastic Load

Balancing Amazon ECS

DynamoDB

RDS

Elastic Beanstalk

Lambda

CodeCommit

CodePipeline

CodeDeploy

S3

Version Control Repository

Continuous Integration

Continuous Delivery

DevOps Pipeline

Client DataStore

DiscoveryGatewayBusinessDomain

MicroservicesAPI

API Gateway

Elastic Load

Balancing Amazon ECS

DynamoDB

RDS

Elastic Beanstalk

Lambda

CodeCommit

CodePipeline

CodeDeploy

S3

•–

–

–

–

–

•

•

•

•

•

•

•

DRAFT

•

•

•

https://github.com/stelligent/cfn_nag

→

→

→

Security

OperationsDevelopment

•

••

•

•

••

•

••

•

•

•

※

※Custom rules: ttps://github.com/awslabs/aws-config-rules

https://www.slideshare.net/AmazonWebServices/building-the-largest-repo-for-serverless-complianceascode-sid205-reinvent-2017

•

–

–

–

•

–

–

–Amazon DynamoDBTable and Stream

•

•

•

•

•

Lambda Function

Macie GuardDutyCloudTrail CloudWatch

Events

On-Instance

LogsVPC Flow

Logs

CloudWatch

LogsCloudWatch

Alarms

Lambda Function

S3 Access Logs S3 Bucket

•–

–

–

–

–

•

–•

CloudWatchEvents

Snapshot

https://docs.aws.amazon.com/ja_jp/AmazonCloudWatch/latest/events/WhatIsCloudWatchEvents.html

コード実行

AWS

CloudTrail

Amazon

CloudWatch

Events

AWS

Lambda

Amazon

Simple

Notification

Service

AWS API

endpoints Users Amazon S3

bucket

Your

security

team

AWS

IAM

role

AWS API

Your SaaS

tools

Incident Response v4.0

サードパーティーツール活用も

AWSのAPI操作

関係者間への通知

Security

OperationsDevelopment