{"id":15461,"date":"2021-08-06T18:03:33","date_gmt":"2021-08-06T09:03:33","guid":{"rendered":"https:\/\/itport.cloud\/?p=15461"},"modified":"2022-06-13T09:34:41","modified_gmt":"2022-06-13T00:34:41","slug":"post-15461","status":"publish","type":"post","link":"https:\/\/itport.cloud\/?p=15461","title":{"rendered":"(\u7b2c3\u56de)CloudFormation\u3067\u74b0\u5883\u69cb\u7bc9\u3092\u52b9\u7387\u5316 \uff5e Amazon S3 \u30af\u30ed\u30b9\u30ea\u30fc\u30b8\u30e7\u30f3\u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u69cb\u6210\u7de8 \uff5e"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\" id=\"e79baee6aca1-1\">\u76ee\u6b21<\/h2>\n\n\n\n<p><a href=\"#1\">\u524d\u56de\u306e\u632f\u308a\u8fd4\u308a<\/a><br><a href=\"#2\">\u69cb\u6210\u30a4\u30e1\u30fc\u30b8<\/a><br><a href=\"#3\">\u5927\u962a\u30ea\u30fc\u30b8\u30e7\u30f3\u7528\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8<\/a><br>&#8211; <a href=\"#3-1\">itport-s3-osaka.yaml<\/a><br><a href=\"#4\">\u6771\u4eac\u30ea\u30fc\u30b8\u30e7\u30f3\u7528\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8<\/a><br>&#8211; <a href=\"#4-1\">itport-s3-tokyo.yaml<\/a><br><a href=\"#5\">\u78ba\u8a8d<\/a><br><a href=\"#6\">\u304a\u308f\u308a\u306b<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"1\">\u524d\u56de\u306e\u632f\u308a\u8fd4\u308a<\/h2>\n\n\n\n<figure class=\"wp-block-embed-wordpress wp-block-embed is-type-rich is-provider-it-port\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"JIlcItSQsC\"><a href=\"https:\/\/itport.cloud\/?p=14447\">(\u7b2c2\u56de)CloudFormation\u3067\u74b0\u5883\u69cb\u7bc9\u3092\u52b9\u7387\u5316<\/a><\/blockquote><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"&#8220;(\u7b2c2\u56de)CloudFormation\u3067\u74b0\u5883\u69cb\u7bc9\u3092\u52b9\u7387\u5316&#8221; &#8212; IT PORT\" src=\"https:\/\/itport.cloud\/?p=14447&#038;embed=true#?secret=JIlcItSQsC\" data-secret=\"JIlcItSQsC\" width=\"600\" height=\"338\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>\u524d\u56de\u307e\u3067\u306fVPC\u3084EC2\u306e\u8d77\u52d5\u3092Cloud Formation\u3092\u4f7f\u3063\u3066\u69cb\u7bc9\u3057\u3066\u307f\u307e\u3057\u305f\u3002\u4eca\u56de\u306fS3\u30d0\u30b1\u30c3\u30c8\u3092Cloud Formation\u3092\u4f7f\u7528\u3057\u3066\u69cb\u7bc9\u3057\u307e\u3059\u3002<br><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"2\">\u69cb\u6210\u30a4\u30e1\u30fc\u30b8<\/h2>\n\n\n\n<p>Amzon S3\u306e\u6a19\u6e96\u30b9\u30c8\u30ec\u30fc\u30b8\u306f 99.999999999 %\uff089 \u00d7 11\uff09\u306e\u5805\u7262\u6027\u304c\u3042\u308b\u3068\u8a00\u308f\u308c\u3066\u304a\u308a\u307e\u3059\u3002<br>\uff11\u3064\u306e\u30ea\u30fc\u30b8\u30e7\u30f3\u3067\u4f7f\u7528\u3059\u308b\u3060\u3051\u3067\u3082\u30cf\u30fc\u30c9\u969c\u5bb3\u306b\u3088\u308b\u30c7\u30fc\u30bf\u306e\u30ed\u30b9\u30c8\u306f\u5fc3\u914d\u3044\u3089\u306a\u3044\u3088\u3046\u306b\u601d\u3044\u307e\u3059\u304c\u3001\u30d3\u30b8\u30cd\u30b9\u8981\u4ef6\u306b\u3088\u3063\u3066\u306f\u9060\u9694\u5730\u3078\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3084\u30aa\u30da\u30ec\u30fc\u30b7\u30e7\u30f3\u30df\u30b9\u7b49\u306b\u3088\u308b\u30c7\u30fc\u30bf\u30ed\u30b9\u30c8\u306b\u5099\u3048\u308b\u3068\u3044\u3063\u305f\u4e8b\u3082\u51fa\u3066\u304f\u308b\u304b\u3082\u3057\u308c\u307e\u305b\u3093\u3002<br>\u4eca\u56de\u306f\uff12\u3064\u306e\u30d0\u30b1\u30c3\u30c8\u3092\u4f5c\u6210\u3057\u30af\u30ed\u30b9\u30ea\u30fc\u30b8\u30e7\u30f3\u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\uff08CRR\uff09\u3092\u3059\u308b\u69cb\u6210\u3092Cloud Formation\u3067\u5b9f\u73fe\u3057\u3066\u307f\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-s3-1.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"666\" src=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-s3-1-1024x666.png\" alt=\"\" class=\"wp-image-15826\" srcset=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-s3-1-1024x666.png 1024w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-s3-1-300x195.png 300w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-s3-1-768x500.png 768w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-s3-1-450x293.png 450w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-s3-1-900x586.png 900w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption>\u69cb\u6210\u30a4\u30e1\u30fc\u30b8<\/figcaption><\/figure><\/div>\n\n\n\n<ul class=\"wp-block-list\"><li>\u30af\u30ed\u30b9\u30ea\u30fc\u30b8\u30e7\u30f3\u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\uff08\u6771\u4eac\u2192\u5927\u962a\uff09<\/li><li>\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u306e\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3092\u6709\u52b9<\/li><li>\u904e\u53bb\u30d0\u30fc\u30b8\u30e7\u30f3\u306e\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u306f180\u65e5\u7d4c\u904e\u3067\u30b9\u30bf\u30f3\u30c0\u30fc\u30c9IA\u30af\u30e9\u30b9\u3078\u5909\u66f4<\/li><li>S3\u306e\u30c7\u30d5\u30a9\u30eb\u30c8\u6697\u53f7\u5316\u3092\u6709\u52b9\u5316<\/li><\/ul>\n\n\n\n<p>\u3068\u3044\u3046\uff14\u70b9\u3092\u76db\u308a\u8fbc\u3093\u3067\u3044\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"3\">\u5927\u962a\u30ea\u30fc\u30b8\u30e7\u30f3\u7528\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8<\/h2>\n\n\n\n<p>Cloud Formation\u306e\u30b9\u30bf\u30c3\u30af\u306f\u4f5c\u6210\u3059\u308b\u30ea\u30bd\u30fc\u30b9\u306e\u30ea\u30fc\u30b8\u30e7\u30f3\u3068\u540c\u3058\u30ea\u30fc\u30b8\u30e7\u30f3\u3067\u30b9\u30bf\u30c3\u30af\u3092\u5b9f\u884c\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u307e\u305a\u306f\u5927\u962a\u30ea\u30fc\u30b8\u30e7\u30f3\u3067\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u30b9\u30c8\u30ec\u30fc\u30b8\u7528S3\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"3-1\">itport-s3-osaka.yaml<\/h4>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; auto-links: false; title: ; notranslate\" title=\"\">\nAWSTemplateFormatVersion: \"2010-09-09\"\nDescription:\n  Create S3 bucket in Osaka Region\n\nMetadata:\n  \"AWS::CloudFormation::Interface\":\n    ParameterGroups:\n      - Label:\n          Default: \"Project Name Prefix\"\n        Parameters:\n          - PJPrefix\n      - Label:\n          Default: \"Group Name\"\n        Parameters:\n          - Group\n      - Label:\n          Default: \"Environment\"\n        Parameters:\n          - Environment\n\n    ParameterLabels:\n      PJPrefix:\n        default: \"Project Name Prefix\"\n      Group:\n        default: \"Group Tag Value\"\n      Environment:\n        default: \"Environment Tag Value\"\n\n# ------------------------------------------------------------#\n# Input Parameters\n# ------------------------------------------------------------#\nParameters:\n  PJPrefix:\n    Type: String\n    Default: \"itport\"\n  Group:\n    Type: String\n    Default: \"itport\"\n  Environment:\n    Type: String\n    AllowedValues:\n      - development\n      - production\n\n  # \u30d0\u30b1\u30c3\u30c8\u540d\n  BucketName:\n    Type: String\n    Default: \"itport-osaka\"\n\nResources:\n# ------------------------------------------------------------#\n# S3 Bucket\n# ------------------------------------------------------------#\n  # \u5927\u962a\u30ea\u30fc\u30b8\u30e7\u30f3\uff08DR\u7528\uff09\n  S3Bucket:\n    Type: \"AWS::S3::Bucket\"\n    # CFn\u30b9\u30bf\u30c3\u30af\u524a\u9664\u6642\u306e\u30dd\u30ea\u30b7\u30fc (Retain = \u4fdd\u6301)\n    DeletionPolicy: Retain\n    # CFn\u30b9\u30bf\u30c3\u30af\u66f4\u65b0\u6642\u306e\u30dd\u30ea\u30b7\u30fc (Retain = \u4fdd\u6301)\n    UpdateReplacePolicy: Retain\n    Properties:\n      # \u30d0\u30b1\u30c3\u30c8\u540d\n      BucketName: !Sub ${BucketName}\n      # \u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\n      VersioningConfiguration:\n        Status: Enabled\n      # \u30d0\u30b1\u30c3\u30c8ACL\n      AccessControl: BucketOwnerFullControl\n      # \u6697\u53f7\u5316\n      BucketEncryption:\n        ServerSideEncryptionConfiguration:\n          - ServerSideEncryptionByDefault:\n              SSEAlgorithm: AES256\n      # \u30d1\u30d6\u30ea\u30c3\u30af\u30a2\u30af\u30bb\u30b9\u30d6\u30ed\u30c3\u30af\n      PublicAccessBlockConfiguration:\n        BlockPublicAcls: true\n        BlockPublicPolicy: true\n        IgnorePublicAcls: true\n        RestrictPublicBuckets: true\n      # \u30e9\u30a4\u30d5\u30b5\u30a4\u30af\u30eb\n      LifecycleConfiguration:\n        Rules:\n          - Id: !Join &#x5B;'-', &#x5B;!Sub '${BucketName}', 'Contents-LifeCycle']]\n            Status: Enabled\n            # \u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3055\u308c\u3066\u3044\u308b\u30c7\u30fc\u30bf\u306f180\u65e5\u7d4c\u904e\u3057\u305f\u3089\u30b9\u30bf\u30f3\u30c0\u30fc\u30c9IA\u306b\u79fb\u884c\u3059\u308b\n            NoncurrentVersionTransition:\n              StorageClass: STANDARD_IA\n              TransitionInDays: 180\n      # \u30bf\u30b0\n      Tags:\n        - Key: \"Name\"\n          Value: !Sub ${BucketName}\n        - Key: \"Group\"\n          Value: !Ref Group\n        - Key: \"Environment\"\n          Value: !Ref Environment\n\n  # \u30d0\u30b1\u30c3\u30c8\u30dd\u30ea\u30b7\u30fc\uff08\u5927\u962a\u7528\uff09\n  BucketPolicy:\n    Type: \"AWS::S3::BucketPolicy\"\n    Properties:\n      Bucket: !Ref S3Bucket\n      PolicyDocument:\n        Statement:\n          - Sid: \"DenyIncorrectEncryptionHeader\"\n            Action:\n              - \"s3:PutObject\"\n            Effect: \"Deny\"\n            Principal: \"*\"\n            Resource: !Sub \"arn:aws:s3:::${BucketName}\/*\"\n            Condition:\n              \"StringNotEquals\":\n                \"s3:x-amz-server-side-encryption\": \"AES256\"\n          - Sid: \"DenyUnencryptedObjectUploads\"\n            Action:\n              - \"s3:PutObject\"\n            Effect: \"Deny\"\n            Principal: \"*\"\n            Resource: !Sub \"arn:aws:s3:::${BucketName}\/*\"\n            Condition:\n              \"Null\":\n                \"s3:x-amz-server-side-encryption\": \"true\"\n<\/pre><\/div>\n\n\n<p>\u4f5c\u6210\u3057\u305fyaml\u30d5\u30a1\u30a4\u30eb\u304b\u3089\u30b9\u30bf\u30c3\u30af\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-02.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"563\" src=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-02-1024x563.png\" alt=\"\" class=\"wp-image-16504\" srcset=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-02-1024x563.png 1024w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-02-300x165.png 300w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-02-768x422.png 768w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-02-450x247.png 450w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-02-900x494.png 900w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-02.png 1305w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption>Cloud Formation\u300c\u30b9\u30bf\u30c3\u30af\u306e\u4f5c\u6210\u300d\u753b\u9762<\/figcaption><\/figure><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"4\">\u6771\u4eac\u30ea\u30fc\u30b8\u30e7\u30f3\u7528\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8<\/h2>\n\n\n\n<p>\u7d9a\u3044\u3066\u6771\u4eac\u30ea\u30fc\u30b8\u30e7\u30f3\u306b\u79fb\u52d5\u3057\u3066\u30b9\u30bf\u30c3\u30af\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002\u4eca\u56de\u306e\u30b9\u30bf\u30c3\u30af\u3067\u306f\u30d0\u30b1\u30c3\u30c8\u3092\u4f5c\u6210\u3059\u308b\u4ee5\u5916\u306bIAM Role\u306a\u3069\u3082\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"4-1\">itport-s3-tokyo.yaml<\/h4>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; auto-links: false; title: ; notranslate\" title=\"\">\nAWSTemplateFormatVersion: \"2010-09-09\"\nDescription:\n  Create S3 Bucket in Tokyo Region\n\nMetadata:\n  \"AWS::CloudFormation::Interface\":\n    ParameterGroups:\n      - Label:\n          Default: \"Project Name Prefix\"\n        Parameters:\n          - PJPrefix\n      - Label:\n          Default: \"Group Name\"\n        Parameters:\n          - Group\n      - Label:\n          Default: \"Environment\"\n        Parameters:\n          - Environment\n\n    ParameterLabels:\n      PJPrefix:\n        default: \"Project Name Prefix\"\n      Group:\n        default: \"Group Tag Value\"\n      Environment:\n        default: \"Environment Tag Value\"\n\n# ------------------------------------------------------------#\n# Input Parameters\n# ------------------------------------------------------------#\nParameters:\n  PJPrefix:\n    Type: String\n    Default: \"itport\"\n  Group:\n    Type: String\n    Default: \"itport\"\n  Environment:\n    Type: String\n    AllowedValues:\n      - development\n      - production\n\n  # \u30d0\u30b1\u30c3\u30c8\u540d\n  BucketName:\n    Type: String\n    Default: \"itport-tokyo\"\n\n  # \u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u30d0\u30b1\u30c3\u30c8\u540d\uff08\u5b8c\u5168\u306a\u30d0\u30b1\u30c3\u30c8\u540d\uff09\n  BackupBucketName:\n    Type: String\n    Default: \"itport-osaka\"\n\nResources:\n# ------------------------------------------------------------#\n# IAM Role\n# ------------------------------------------------------------#\n  WorkItemBucketBackupRole:\n    Type: 'AWS::IAM::Role'\n    Properties:\n      AssumeRolePolicyDocument:\n        Statement:\n          - Action:\n              - 'sts:AssumeRole'\n            Effect: Allow\n            Principal:\n              Service:\n                - s3.amazonaws.com\n      # \u30dd\u30ea\u30b7\u30fc\n      Policies:\n        - PolicyName: S3Replication\n          PolicyDocument:\n            Version: '2012-10-17'\n            Statement:\n              - Effect: Allow\n                Action:\n                  - s3:GetReplicationConfiguration\n                  - s3:ListBucket\n                Resource:\n                  - !Sub \"arn:aws:s3:::${BucketName}\"\n                  - !Sub \"arn:aws:s3:::${BackupBucketName}\"\n              - Effect: Allow\n                Action:\n                  - s3:GetObjectVersion\n                  - s3:GetObjectVersionAcl\n                  - s3:GetObjectVersionTagging\n                Resource:\n                  - !Sub \"arn:aws:s3:::${BucketName}\/*\"\n                  - !Sub \"arn:aws:s3:::${BackupBucketName}\/*\"\n              - Effect: Allow\n                Action:\n                  - s3:ReplicateObject\n                  - s3:ReplicateDelete\n                  - s3:ReplicateTags\n                Resource:\n                  - !Sub \"arn:aws:s3:::${BucketName}\/*\"\n                  - !Sub \"arn:aws:s3:::${BackupBucketName}\/*\"\n      # \u30bf\u30b0\n      Tags:\n        - Key: \"Name\"\n          Value: !Sub ${PJPrefix}-s3-backup-role\n        - Key: \"Group\"\n          Value: !Ref Group\n        - Key: \"Environment\"\n          Value: !Ref Environment\n\n# ------------------------------------------------------------#\n# S3 Bucket\n# ------------------------------------------------------------#\n  # \u6771\u4eac\u30ea\u30fc\u30b8\u30e7\u30f3\uff08\u30e1\u30a4\u30f3\uff09\n  S3Bucket:\n    Type: \"AWS::S3::Bucket\"\n    # CFn\u30b9\u30bf\u30c3\u30af\u524a\u9664\u6642\u306e\u30dd\u30ea\u30b7\u30fc (Retain = \u4fdd\u6301)\n    DeletionPolicy: Retain\n    # CFn\u30b9\u30bf\u30c3\u30af\u66f4\u65b0\u6642\u306e\u30dd\u30ea\u30b7\u30fc (Retain = \u4fdd\u6301)\n    UpdateReplacePolicy: Retain\n    Properties:\n      # \u30d0\u30b1\u30c3\u30c8\u540d\n      BucketName: !Sub ${BucketName}\n      # \u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3 (\u6771\u4eac\u30ea\u30fc\u30b8\u30e7\u30f3\u306e\u307f)\n      ReplicationConfiguration:\n        Role: !GetAtt\n          - WorkItemBucketBackupRole\n          - Arn\n        Rules:\n          - Destination:\n              Bucket: !Sub arn:aws:s3:::${BackupBucketName}\n              StorageClass: STANDARD\n            Id: Backup\n            Prefix: ''\n            Status: Enabled\n      # \u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\n      VersioningConfiguration:\n        Status: Enabled\n      # \u30d0\u30b1\u30c3\u30c8ACL\n      AccessControl: BucketOwnerFullControl\n      # \u6697\u53f7\u5316\n      BucketEncryption:\n        ServerSideEncryptionConfiguration:\n          - ServerSideEncryptionByDefault:\n              SSEAlgorithm: AES256\n      # \u30d1\u30d6\u30ea\u30c3\u30af\u30a2\u30af\u30bb\u30b9\u30d6\u30ed\u30c3\u30af\n      PublicAccessBlockConfiguration:\n        BlockPublicAcls: true\n        BlockPublicPolicy: true\n        IgnorePublicAcls: true\n        RestrictPublicBuckets: true\n      # \u30e9\u30a4\u30d5\u30b5\u30a4\u30af\u30eb\n      LifecycleConfiguration:\n        Rules:\n          - Id: !Join &#x5B;'-', &#x5B;!Sub '${BucketName}', 'Contents-LifeCycle']]\n            Status: Enabled\n            # \u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3055\u308c\u3066\u3044\u308b\u30c7\u30fc\u30bf\u306f180\u65e5\u7d4c\u904e\u3057\u305f\u3089\u30b9\u30bf\u30f3\u30c0\u30fc\u30c9IA\u306b\u79fb\u884c\u3059\u308b\n            NoncurrentVersionTransition:\n              StorageClass: STANDARD_IA\n              TransitionInDays: 180\n      # \u30bf\u30b0\n      Tags:\n        - Key: \"Name\"\n          Value: !Sub ${BucketName}\n        - Key: \"Group\"\n          Value: !Ref Group\n        - Key: \"Environment\"\n          Value: !Ref Environment\n\n  # \u30d0\u30b1\u30c3\u30c8\u30dd\u30ea\u30b7\u30fc\uff08\u6771\u4eac\u7528\uff09\n  BucketPolicy:\n    Type: \"AWS::S3::BucketPolicy\"\n    Properties:\n      Bucket: !Ref S3Bucket\n      PolicyDocument:\n        Statement:\n          - Sid: \"DenyIncorrectEncryptionHeader\"\n            Action:\n              - \"s3:PutObject\"\n            Effect: \"Deny\"\n            Principal: \"*\"\n            Resource: !Sub \"arn:aws:s3:::${BucketName}\/*\"\n            Condition:\n              \"StringNotEquals\":\n                \"s3:x-amz-server-side-encryption\": \"AES256\"\n          - Sid: \"DenyUnencryptedObjectUploads\"\n            Action:\n              - \"s3:PutObject\"\n            Effect: \"Deny\"\n            Principal: \"*\"\n            Resource: !Sub \"arn:aws:s3:::${BucketName}\/*\"\n            Condition:\n              \"Null\":\n                \"s3:x-amz-server-side-encryption\": \"true\"\n<\/pre><\/div>\n\n\n<h2 class=\"wp-block-heading\" id=\"5\">\u78ba\u8a8d<\/h2>\n\n\n\n<p>\u6771\u4eac\u30ea\u30fc\u30b8\u30e7\u30f3\u306e\u30d0\u30b1\u30c3\u30c8\u306b\u30d5\u30a1\u30a4\u30eb\u3092\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3059\u308b\u3068\u5927\u962a\u30ea\u30fc\u30b8\u30e7\u30f3\u306e\u30d0\u30b1\u30c3\u30c8\u306b\u3082\u30d5\u30a1\u30a4\u30eb\u304c\u30b3\u30d4\u30fc\u3055\u308c\u307e\u3057\u305f\u3002<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-04.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"371\" src=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-04-1024x371.png\" alt=\"\" class=\"wp-image-16513\" srcset=\"https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-04-1024x371.png 1024w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-04-300x109.png 300w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-04-768x278.png 768w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-04-450x163.png 450w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-04-900x326.png 900w, https:\/\/itport.cloud\/wp-content\/uploads\/2021\/07\/itport-cfn-3-04.png 1363w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption>Amazon S3\u300citport-osaka\u300d\u30d0\u30b1\u30c3\u30c8\u306e\u72b6\u6cc1<\/figcaption><\/figure><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"6\">\u304a\u308f\u308a\u306b<\/h2>\n\n\n\n<p>\u5225\u30ea\u30fc\u30b8\u30e7\u30f3\u3078\u306e\u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u8a2d\u5b9a\u304c\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3067\u6bd4\u8f03\u7684\u7c21\u5358\u306b\u51fa\u6765\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\u3002S3\u306e\u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306f\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u76ee\u7684\u3067\u5229\u7528\u3059\u308b\u3053\u3068\u304c\u307b\u3068\u3093\u3069\u304b\u3068\u601d\u3044\u307e\u3059\u3002\u4eca\u56de\u306f\u524a\u9664\u306f\u540c\u671f\u3055\u308c\u307e\u305b\u3093\u304c\u3001\u524a\u9664\u30de\u30fc\u30ab\u30fc\u306e\u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3082\u53ef\u80fd\u3067\u3059\u3002\u8981\u4ef6\u306b\u3088\u3063\u3066\u30ab\u30b9\u30bf\u30de\u30a4\u30ba\u3057\u3066\u4f7f\u3063\u3066\u3044\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<br><br>\u524a\u9664\u30de\u30fc\u30ab\u30fc\u306e\u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u8a2d\u5b9a\u306f\u300c<strong><a rel=\"noreferrer noopener\" aria-label=\"AWS::S3::Bucket DeleteMarkerReplication (\u65b0\u3057\u3044\u30bf\u30d6\u3067\u958b\u304f)\" href=\"https:\/\/docs.aws.amazon.com\/ja_jp\/AWSCloudFormation\/latest\/UserGuide\/aws-properties-s3-bucket-deletemarkerreplication.html\" target=\"_blank\">AWS::S3::Bucket DeleteMarkerReplication<\/a><\/strong>\u300d\u3092\u3054\u53c2\u7167\u304f\u3060\u3055\u3044\u3002<\/p>\n\n\n<ul class=\"lcp_catlist\" id=\"lcp_instance_0\"><li><a href=\"https:\/\/itport.cloud\/?p=13493\">(\u7b2c1\u56de)CloudFormation\u3067\u74b0\u5883\u69cb\u7bc9\u3092\u52b9\u7387\u5316<\/a><\/li><li><a href=\"https:\/\/itport.cloud\/?p=14447\">(\u7b2c2\u56de)CloudFormation\u3067\u74b0\u5883\u69cb\u7bc9\u3092\u52b9\u7387\u5316<\/a><\/li><li class=\"current\"><a href=\"https:\/\/itport.cloud\/?p=15461\">(\u7b2c3\u56de)CloudFormation\u3067\u74b0\u5883\u69cb\u7bc9\u3092\u52b9\u7387\u5316 \uff5e Amazon S3 \u30af\u30ed\u30b9\u30ea\u30fc\u30b8\u30e7\u30f3\u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u69cb\u6210\u7de8 \uff5e<\/a><\/li><\/ul>\n\n\n","protected":false},"excerpt":{"rendered":"\u76ee\u6b21 \u524d\u56de\u306e\u632f\u308a\u8fd4\u308a\u69cb\u6210\u30a4\u30e1\u30fc\u30b8\u5927\u962a\u30ea\u30fc\u30b8\u30e7\u30f3\u7528\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8- itport-s3-osaka.yaml\u6771\u4eac\u30ea\u30fc\u30b8\u30e7\u30f3\u7528\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8- itport-s3-tokyo.yaml\u78ba\u8a8d\u304a\u308f\u308a\u306b \u524d\u56de\u306e\u632f\u308a\u8fd4\u308a https:\/\/itport.cloud\/?p=14447 \u524d\u56de\u307e\u3067\u306fVPC\u3084EC2\u306e\u8d77\u52d5\u3092Cloud Formation\u3092\u4f7f\u3063\u3066\u69cb\u7bc9\u3057\u3066\u307f\u307e\u3057\u305f\u3002\u4eca\u56de\u306fS3\u30d0\u30b1\u30c3\u30c8\u3092Cloud Formation\u3092\u4f7f\u7528\u3057\u3066\u69cb\u7bc9\u3057\u307e\u3059\u3002 \u69cb\u6210\u30a4\u30e1\u30fc\u30b8 Amzon S3\u306e\u6a19\u6e96\u30b9\u30c8\u30ec\u30fc\u30b8\u306f 99.999999999 %\uff089 \u00d7 11\uff09\u306e\u5805\u7262\u6027\u304c\u3042\u308b\u3068\u8a00\u308f\u308c\u3066\u304a\u308a\u307e\u3059\u3002\uff11\u3064\u306e\u30ea\u30fc\u30b8\u30e7\u30f3\u3067\u4f7f\u7528\u3059\u308b\u3060\u3051\u3067\u3082\u30cf\u30fc\u30c9\u969c\u5bb3\u306b\u3088\u308b\u30c7\u30fc\u30bf\u306e\u30ed\u30b9\u30c8\u306f\u5fc3\u914d\u3044\u3089\u306a\u3044\u3088\u3046\u306b&hellip;","protected":false},"author":3,"featured_media":15479,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[80],"tags":[110],"class_list":{"0":"post-15461","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-aws","8":"tag-season36"},"_links":{"self":[{"href":"https:\/\/itport.cloud\/index.php?rest_route=\/wp\/v2\/posts\/15461","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/itport.cloud\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itport.cloud\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itport.cloud\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/itport.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15461"}],"version-history":[{"count":27,"href":"https:\/\/itport.cloud\/index.php?rest_route=\/wp\/v2\/posts\/15461\/revisions"}],"predecessor-version":[{"id":19202,"href":"https:\/\/itport.cloud\/index.php?rest_route=\/wp\/v2\/posts\/15461\/revisions\/19202"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itport.cloud\/index.php?rest_route=\/wp\/v2\/media\/15479"}],"wp:attachment":[{"href":"https:\/\/itport.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15461"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itport.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15461"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itport.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15461"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}