About AWS Security 2014426 Amazon Data Services Japan K.K. Technical Evangelist Yasuhiro Horiuchi

About AWS Security

DESCRIPTION

http://jaws-ug-okinawa.doorkeeper.jp/events/9974

  • 1. AWS 2014426
  • 2. Who am I ? ( ) 1978 AWS 140 60 250 Amazon Web Services http://aws.typepad.com/aws_japan/ 10+ years web engineer in startups Director of V-cube (perl), 2001 - 2006 CTO of FlipClip (perl), 2006 - 2009 CTO of gumi (python), 2009 - 2012 @horiuchi horiyasu !
  • 3. Amazon
  • 4. Amazon High Volume / Low Margin
  • 5. Amazon.com70 AWS
  • 6. Security Infrastructure
  • 7. SUNCORP - SUNCORP BANK: - SUNCORP Insurance: - 14 90015 2000
  • 8. 1 - - - 2 - - - 3 - BI 18 - 2000AWS
  • 9. 40 36 3000AWS AWS - API/ 100
  • 10. NASDAQ OMX FinQloud 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of
  • 11. NASDAQ OMX FinQloudAWS SEC AWS FinQloudAWS Eric Noll, Executive Vice President of Transaction Services U.S. and U.K. at NASDAQ OMX
  • 12. - - - - - - - -
  • 13. - AWS
  • 14. AWS OS + Customer
  • 15. AWS and/or IAM OS Amazon
  • 16. AWS OS + Customer
  • 17. - - - - 24/365 ! - 8
  • 18. AWS AWS - http://aws.amazon.com/jp/security/
  • 19. AWS Tier-1 - -
  • 20. 3 AWS - SSAE 16/ISAE 3402SOC1SAS70) - SOC2SOC3 - ISO 27001 Certification - PCI DSS Level 1 - FISMA moderate - Sarbanes-Oxley (SOX) - FedRAMP - DoD () AWS - HIPAA () - P - ASPSaaS - http://aws.amazon.com/jp/security/ - http://aws.amazon.com/jp/compliance/
  • 21. DDoS: - DDos MITM: - SSL - EC2 IP : - OS : AWS ! :
  • 22.
  • 23. AWS OS + Customer
  • 24. AWS OS + Customer
  • 25. AWS Amazon VPC = AWS Direct Connect = AWS IAM = AWS AWS CloudTrail = AWS AWS Trusted Advisor = AWS Multi-Factor Authentication (MFA)
  • 26. AWS GovCloud EU US ITAR Region 10 Regions () | 26 Availability Zones() | 51 Edge Locations
  • 27. Amazon Virtual Private Cloud () AWS Direct Connect () 192.168.11.8 IP NW () NW Direct Connect Internet VPNVirtual GW VPN(BGP/Static)
  • 28. AWS Identity and Access Management = AWS AWS ! AWS - AWS - -
  • 29. IAM API S3 S3
  • 30. NASA http://www.atmarkit.co.jp/ait/articles/1301/24/news087.html
  • 31. AWS CloudTrail AWSS3 - MFA Delete - AWSID - - - - ()() AWS http://bit.ly/1gK8khf
  • 32. AWS Trusted Advisor AWS AWS AWS
  • 33. Multi-Factor Authentication (MFA) MFA AWSIAM MFA (Google Authenticator)
  • 34. OS + = Customer
  • 35. AWS
  • 36. PCI-DSS AWS : CaseStudy PCI DSS AWS !
  • 37. Amazon Web Services FISC8AWS AWS AWSFISC http://aws.amazon.com/jp/aws-jp-fisclist/
  • 38. AWS Summit 2013 IT IT ! AWSAWS AWSAWS
  • 39. AWS ! TMNFCertifiedAWS AWS SaaS on AWS AWS
  • 40. AWS ! Amazon VPC ! ! 12
  • 41. AWS
  • 42. AWS
  • 43. (R3) () - GiB$0.0138 (large$0.0140) - m2(GiB$0.0168)8 2014/04/10 http://bit.ly/1kvdG2V
  • 44. GPU IO CR1M2CC2C1 HI1 HS1 CG1M1
  • 45. GPU IO CR1M2CC2C1 HI1 CG1M1 G2M3 R3C3 I2 HS1
  • 46. M3 - Intel Xeon E5-2670 (Sandy Bridge) SSD CPU vCPU (GiB) SSD (GB) ) m3.medium 1 3.75 1 x 4 $0.101 m3.large 2 7.5 1 x 32 $0.203 m3.xlarge 4 15 2 x 40 $0.405 m3.2xlarge 8 30 2 x 80 $0.810
  • 47. C3 - CPU Intel Xeon E5-2670 v2 (Ivy Bridge) SSD (SR-IOV, VPC) CPUCPU vCPU (GiB) SSD (GB) ) c3.large 2 7 2 x 16 $0.128 c3.xlarge 4 14 2 x 40 $0.255 c3.2xlarge 8 28 2 x 80 $0.511 c3.4xlarge 16 55 2 x 160 $1.021 c3.8xlarge 32 108 2 x 320 $2.043
  • 48. R3 - Intel Xeon E5-2670 v2 (Ivy Bridge) SSD (SR-IOV, VPC) GiB vCPU (GiB) SSD (GB) ) r3.large 2 15 1 x 32 $0.210 r3.xlarge 4 30.05 1 x 80 $0.420 r3.2xlarge 8 61 1 x 160 $0.840 r3.4xlarge 16 122 1 x 320 $1.680 r3.8xlarge 32 244 2 x 320 $3.360
  • 49. I2 - Intel Xeon E5-2670 v2 (Ivy Bridge) SSD TRIM (SR-IOV, VPC) I/OIOPS i2.8xlarge365,000315,000 vCPU (GiB) SSD (GB) ) i2.xlarge 4 30.05 1 x 800 $1.051 i2.2xlarge 8 61 2 x 800 $2.101 i2.4xlarge 16 122 4 x 800 $4.202 i2.8xlarge 32 244 8 x 800 $8.404
  • 50. AWS Elastic Beanstalk for Docker 2014/04/24 http://bit.ly/1f8Bd7z Meets Amazon Linux AMI 2014.03 Docker
  • 51. AWS 59 25AWS
  • 52. http://aws.amazon.com/jp/training/intro_series/ AWS Amazon Simple Storage ServiceS3 Amazon Elastic Compute CloudEC2 AWS Identity and Access ManagementIAM Amazon Elastic Block StoreEBS Amazon Elastic Load Balancing ! AWS http://aws.amazon.com/jp/training/
  • 53. AWS Summit Tokyo 2014 2014717() 18() () () http://www.awssummittokyo.com/ -