{"id":2314,"date":"2025-03-24T08:47:43","date_gmt":"2025-03-23T23:47:43","guid":{"rendered":"https:\/\/dexall.co.jp\/articles\/?p=2314"},"modified":"2025-03-24T08:48:06","modified_gmt":"2025-03-23T23:48:06","slug":"%e3%80%90%e4%bf%9d%e5%ad%98%e7%89%88%e3%80%91terraform%e3%81%a7s3%e3%82%92%e6%a7%8b%e7%af%89%e3%81%99%e3%82%8b%e5%ae%8c%e5%85%a8%e3%82%ac%e3%82%a4%e3%83%892024-%e3%80%9c%e3%82%bb%e3%82%ad%e3%83%a5","status":"publish","type":"post","link":"https:\/\/dexall.co.jp\/articles\/?p=2314","title":{"rendered":"\u3010\u4fdd\u5b58\u7248\u3011Terraform\u3067S3\u3092\u69cb\u7bc9\u3059\u308b\u5b8c\u5168\u30ac\u30a4\u30c92024 \u301c\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u4ed8\u304d\u301c"},"content":{"rendered":"\n<div class=\"toc\"><br \/>\n<b>Warning<\/b>:  Undefined array key \"is_admin\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>116<\/b><br \/>\n<br \/>\n<b>Warning<\/b>:  Undefined array key \"is_category_top\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>121<\/b><br \/>\n<br \/>\n<b>Warning<\/b>:  Undefined array key \"is_top\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>128<\/b><br \/>\n    <div id=\"toc_container\" class=\"sgb-toc--bullets js-smooth-scroll\" data-dialog-title=\"\u76ee\u6b21\">\n      <p class=\"toc_title\">\u76ee\u6b21 <\/p>\n      <ul class=\"toc_list\">  <li class=\"first\">    <a href=\"#i-0\">Terraform\u3067S3\u3092\u69cb\u7bc9\u3059\u308b\u57fa\u790e\u77e5\u8b58<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-1\">Terraform\u3068S3\u306e\u95a2\u4fc2\u6027\u3092\u7406\u89e3\u3057\u3088\u3046<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-2\">Terraform\u69cb\u6210\u7ba1\u7406\u306e\u91cd\u8981\u6027<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-3\">Terraform\u3067\u306eS3\u30d0\u30b1\u30c3\u30c8\u4f5c\u6210\u624b\u9806<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-4\">\u57fa\u672c\u7684\u306aS3\u30d0\u30b1\u30c3\u30c8\u306e\u5b9a\u7fa9\u65b9\u6cd5<\/a>      <\/li>      <li>        <a href=\"#i-5\">\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3068\u30e9\u30a4\u30d5\u30b5\u30a4\u30af\u30eb\u30eb\u30fc\u30eb\u306e\u8a2d\u5b9a<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-6\">\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u5b9f\u88c5\u65b9\u6cd5<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-7\">S3\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u3092Terraform\u3067\u5b9f\u88c5<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-8\">\u6697\u53f7\u5316\u8a2d\u5b9a\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>      <\/li>      <li>        <a href=\"#i-9\">\u30d0\u30b1\u30c3\u30c8\u30dd\u30ea\u30b7\u30fc\u306e\u52b9\u679c\u7684\u306a\u8a2d\u5b9a\u65b9\u6cd5<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-10\">CORS\u306e\u8a2d\u5b9a\u3068\u6ce8\u610f\u70b9<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-11\">Terraform\u306b\u3088\u308b\u904b\u7528\u7ba1\u7406\u306e\u52b9\u7387\u5316<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-12\">\u30e2\u30b8\u30e5\u30fc\u30eb\u5316\u306b\u3088\u308b\u30b3\u30fc\u30c9\u518d\u5229\u7528<\/a>      <\/li>      <li>        <a href=\"#i-13\">\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-14\">CI\/CD\u30d1\u30a4\u30d7\u30e9\u30a4\u30f3\u3078\u306e\u7d71\u5408\u65b9\u6cd5<\/a>      <\/li>    <\/ul>  <\/li>  <li class=\"last\">    <a href=\"#i-15\">\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u3068\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-16\">\u3088\u304f\u3042\u308b\u30a8\u30e9\u30fc\u3068\u89e3\u6c7a\u65b9\u6cd5<\/a>      <\/li>      <li>        <a href=\"#i-17\">\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u6700\u9069\u5316\u306e\u30b3\u30c4<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-18\">\u672c\u756a\u74b0\u5883\u3067\u306e\u904b\u7528\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>      <\/li>    <\/ul>  <\/li><\/ul>\n      <a href=\"#\" class=\"sgb-toc-button js-toc-button\" rel=\"nofollow\" data-open-dialog=\"true\"><i class=\"fa fa-list\"><\/i><span class=\"sgb-toc-button__text\">\u76ee\u6b21\u3078<\/span><\/a>\n    <\/div><\/div><h2 class=\"wp-block-heading\" id=\"i-0\">Terraform\u3067S3\u3092\u69cb\u7bc9\u3059\u308b\u57fa\u790e\u77e5\u8b58<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-1\">Terraform\u3068S3\u306e\u95a2\u4fc2\u6027\u3092\u7406\u89e3\u3057\u3088\u3046<\/h3>\n\n\n\n<p>Terraform\u3068AWS S3\u306e\u7d44\u307f\u5408\u308f\u305b\u306f\u3001\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u306e\u30b3\u30fc\u30c9\u5316\uff08IaC\uff09\u306b\u304a\u3044\u3066\u975e\u5e38\u306b\u5f37\u529b\u306a\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u3092\u63d0\u4f9b\u3057\u307e\u3059\u3002Terraform\u306fHashiCorp\u304c\u63d0\u4f9b\u3059\u308bIaC\u30c4\u30fc\u30eb\u3067\u3001S3\u306fAWS\u304c\u63d0\u4f9b\u3059\u308b\u30b9\u30b1\u30fc\u30e9\u30d6\u30eb\u306a\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u30b9\u30c8\u30ec\u30fc\u30b8\u30b5\u30fc\u30d3\u30b9\u3067\u3059\u3002<\/p>\n\n\n\n<p>Terraform\u3092\u4f7f\u7528\u3057\u3066S3\u3092\u7ba1\u7406\u3059\u308b\u4e3b\u306a\u30e1\u30ea\u30c3\u30c8\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u30d0\u30fc\u30b8\u30e7\u30f3\u7ba1\u7406<\/strong>: \u30a4\u30f3\u30d5\u30e9\u306e\u5909\u66f4\u5c65\u6b74\u3092 Git \u3067\u7ba1\u7406\u53ef\u80fd<\/li>\n\n\n\n<li><strong>\u51aa\u7b49\u6027\u306e\u78ba\u4fdd<\/strong>: \u540c\u3058\u30b3\u30fc\u30c9\u3092\u8907\u6570\u56de\u5b9f\u884c\u3057\u3066\u3082\u540c\u3058\u7d50\u679c\u304c\u5f97\u3089\u308c\u308b<\/li>\n\n\n\n<li><strong>\u81ea\u52d5\u5316<\/strong>: \u74b0\u5883\u69cb\u7bc9\u306e\u81ea\u52d5\u5316\u306b\u3088\u308b\u4eba\u7684\u30df\u30b9\u306e\u524a\u6e1b<\/li>\n\n\n\n<li><strong>\u518d\u73fe\u6027<\/strong>: \u958b\u767a\u74b0\u5883\u304b\u3089\u672c\u756a\u74b0\u5883\u307e\u3067\u540c\u3058\u69cb\u6210\u3092\u7c21\u5358\u306b\u8907\u88fd<\/li>\n<\/ul>\n\n\n\n<p>\u57fa\u672c\u7684\u306a\u69cb\u6587\u4f8b\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">resource \"aws_s3_bucket\" \"example\" {\n  bucket = \"my-terraform-bucket\"\n\n  tags = {\n    Environment = \"Dev\"\n    Management  = \"Terraform\"\n  }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-2\">Terraform\u69cb\u6210\u7ba1\u7406\u306e\u91cd\u8981\u6027<\/h3>\n\n\n\n<p>\u52b9\u679c\u7684\u306aTerraform\u69cb\u6210\u7ba1\u7406\u306b\u306f\u3001\u4ee5\u4e0b\u306e\u8981\u7d20\u304c\u91cd\u8981\u3067\u3059\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u958b\u767a\u74b0\u5883\u3068\u672c\u756a\u74b0\u5883\u306e\u5206\u96e2\nterraform workspace new development\nterraform workspace new production<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u5909\u6570\u306e\u9069\u5207\u306a\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># variables.tf\nvariable \"environment\" {\n  type        = string\n  description = \"\u30c7\u30d7\u30ed\u30a4\u74b0\u5883\uff08dev\/prod\uff09\"\n}\n\n# terraform.tfvars\nenvironment = \"dev\"<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u30e2\u30b8\u30e5\u30fc\u30eb\u5316\u306b\u3088\u308b\u518d\u5229\u7528\u6027\u306e\u5411\u4e0a<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">module \"s3_bucket\" {\n  source = \".\/modules\/s3\"\n\n  bucket_name = \"my-app-${var.environment}\"\n  environment = var.environment\n}<\/pre>\n\n\n\n<ol start=\"4\" class=\"wp-block-list\">\n<li><strong>\u72b6\u614b\u7ba1\u7406\u306e\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u8a2d\u5b9a\nterraform {\n  backend \"s3\" {\n    bucket = \"terraform-state-bucket\"\n    key    = \"state\/terraform.tfstate\"\n    region = \"ap-northeast-1\"\n  }\n}<\/pre>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u57fa\u790e\u3092\u62bc\u3055\u3048\u308b\u3053\u3068\u3067\u3001\u4ee5\u964d\u306eS3\u30d0\u30b1\u30c3\u30c8\u69cb\u7bc9\u3084\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u3092\u30b9\u30e0\u30fc\u30ba\u306b\u9032\u3081\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u307e\u305f\u3001\u30c1\u30fc\u30e0\u958b\u767a\u306b\u304a\u3044\u3066\u3082\u4e00\u8cab\u6027\u306e\u3042\u308b\u7ba1\u7406\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-3\">Terraform\u3067\u306eS3\u30d0\u30b1\u30c3\u30c8\u4f5c\u6210\u624b\u9806<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-4\">\u57fa\u672c\u7684\u306aS3\u30d0\u30b1\u30c3\u30c8\u306e\u5b9a\u7fa9\u65b9\u6cd5<\/h3>\n\n\n\n<p>S3\u30d0\u30b1\u30c3\u30c8\u306e\u57fa\u672c\u8a2d\u5b9a\u306b\u306f\u4ee5\u4e0b\u306e\u8981\u7d20\u304c\u542b\u307e\u308c\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">resource \"aws_s3_bucket\" \"main\" {\n  bucket = \"my-application-bucket-${var.environment}\"\n\n  # \u30d5\u30a9\u30fc\u30b9\u30c7\u30b9\u30c8\u30ed\u30a4\u306e\u8a2d\u5b9a\n  force_destroy = false\n\n  tags = {\n    Name        = \"MyApplicationBucket\"\n    Environment = var.environment\n    ManagedBy   = \"Terraform\"\n  }\n}\n\n# \u30d0\u30b1\u30c3\u30c8\u306e\u6240\u6709\u6a29\u8a2d\u5b9a\nresource \"aws_s3_bucket_ownership_controls\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n\n  rule {\n    object_ownership = \"BucketOwnerPreferred\"\n  }\n}\n\n# \u30d1\u30d6\u30ea\u30c3\u30af\u30a2\u30af\u30bb\u30b9\u306e\u30d6\u30ed\u30c3\u30af\nresource \"aws_s3_bucket_public_access_block\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n\n  block_public_acls       = true\n  block_public_policy     = true\n  ignore_public_acls      = true\n  restrict_public_buckets = true\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-5\">\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3068\u30e9\u30a4\u30d5\u30b5\u30a4\u30af\u30eb\u30eb\u30fc\u30eb\u306e\u8a2d\u5b9a<\/h3>\n\n\n\n<p>\u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u3068\u30e9\u30a4\u30d5\u30b5\u30a4\u30af\u30eb\u30eb\u30fc\u30eb\u306f\u3001\u30c7\u30fc\u30bf\u306e\u4fdd\u8b77\u3068\u904b\u7528\u30b3\u30b9\u30c8\u306e\u6700\u9069\u5316\u306b\u91cd\u8981\u3067\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u306e\u6709\u52b9\u5316\nresource \"aws_s3_bucket_versioning\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n\n  versioning_configuration {\n    status = \"Enabled\"\n  }\n}\n\n# \u30e9\u30a4\u30d5\u30b5\u30a4\u30af\u30eb\u30eb\u30fc\u30eb\u306e\u8a2d\u5b9a\nresource \"aws_s3_bucket_lifecycle_rule\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n  id     = \"file-transition\"\n  status = \"Enabled\"\n\n  transition {\n    days          = 30\n    storage_class = \"STANDARD_IA\"\n  }\n\n  transition {\n    days          = 60\n    storage_class = \"GLACIER\"\n  }\n\n  noncurrent_version_transition {\n    noncurrent_days = 30\n    storage_class   = \"GLACIER\"\n  }\n\n  expiration {\n    days = 90\n  }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-6\">\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u5b9f\u88c5\u65b9\u6cd5<\/h3>\n\n\n\n<p>S3\u30d0\u30b1\u30c3\u30c8\u306e\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306f\u3001\u30d0\u30b1\u30c3\u30c8\u30dd\u30ea\u30b7\u30fc\u3068IAM\u30ed\u30fc\u30eb\u306e\u7d44\u307f\u5408\u308f\u305b\u3067\u5b9f\u73fe\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># IAM\u30ed\u30fc\u30eb\u306e\u4f5c\u6210\nresource \"aws_iam_role\" \"s3_access\" {\n  name = \"s3-access-role\"\n\n  assume_role_policy = jsonencode({\n    Version = \"2012-10-17\"\n    Statement = [\n      {\n        Action = \"sts:AssumeRole\"\n        Effect = \"Allow\"\n        Principal = {\n          Service = \"ec2.amazonaws.com\"\n        }\n      }\n    ]\n  })\n}\n\n# IAM\u30dd\u30ea\u30b7\u30fc\u306e\u4f5c\u6210\nresource \"aws_iam_role_policy\" \"s3_access\" {\n  name = \"s3-access-policy\"\n  role = aws_iam_role.s3_access.id\n\n  policy = jsonencode({\n    Version = \"2012-10-17\"\n    Statement = [\n      {\n        Effect = \"Allow\"\n        Action = [\n          \"s3:GetObject\",\n          \"s3:PutObject\",\n          \"s3:ListBucket\"\n        ]\n        Resource = [\n          aws_s3_bucket.main.arn,\n          \"${aws_s3_bucket.main.arn}\/*\"\n        ]\n      }\n    ]\n  })\n}\n\n# \u30d0\u30b1\u30c3\u30c8\u30dd\u30ea\u30b7\u30fc\u306e\u8a2d\u5b9a\nresource \"aws_s3_bucket_policy\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n\n  policy = jsonencode({\n    Version = \"2012-10-17\"\n    Statement = [\n      {\n        Sid       = \"AllowSSLRequestsOnly\"\n        Effect    = \"Deny\"\n        Principal = \"*\"\n        Action    = \"s3:*\"\n        Resource = [\n          aws_s3_bucket.main.arn,\n          \"${aws_s3_bucket.main.arn}\/*\"\n        ]\n        Condition = {\n          Bool = {\n            \"aws:SecureTransport\": \"false\"\n          }\n        }\n      }\n    ]\n  })\n}<\/pre>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u8a2d\u5b9a\u306b\u3088\u308a\u3001\u30bb\u30ad\u30e5\u30a2\u3067\u7ba1\u7406\u3057\u3084\u3059\u3044S3\u30d0\u30b1\u30c3\u30c8\u3092\u69cb\u7bc9\u3067\u304d\u307e\u3059\u3002\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306f\u6700\u5c0f\u6a29\u9650\u306e\u539f\u5247\u306b\u5f93\u3044\u3001\u5fc5\u8981\u6700\u5c0f\u9650\u306e\u6a29\u9650\u306e\u307f\u3092\u4ed8\u4e0e\u3059\u308b\u3088\u3046\u306b\u3057\u307e\u3057\u3087\u3046\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-7\">S3\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u3092Terraform\u3067\u5b9f\u88c5<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-8\">\u6697\u53f7\u5316\u8a2d\u5b9a\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h3>\n\n\n\n<p>S3\u30d0\u30b1\u30c3\u30c8\u306e\u6697\u53f7\u5316\u8a2d\u5b9a\u306f\u3001\u30c7\u30fc\u30bf\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u57fa\u672c\u3067\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30c7\u30d5\u30a9\u30eb\u30c8\u306e\u6697\u53f7\u5316\u8a2d\u5b9a\nresource \"aws_s3_bucket_server_side_encryption_configuration\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n\n  rule {\n    apply_server_side_encryption_by_default {\n      sse_algorithm     = \"aws:kms\"\n      kms_master_key_id = aws_kms_key.s3_encryption.arn\n    }\n    bucket_key_enabled = true\n  }\n}\n\n# KMS\u30ad\u30fc\u306e\u4f5c\u6210\nresource \"aws_kms_key\" \"s3_encryption\" {\n  description             = \"KMS key for S3 bucket encryption\"\n  deletion_window_in_days = 10\n  enable_key_rotation     = true\n\n  policy = jsonencode({\n    Version = \"2012-10-17\"\n    Statement = [\n      {\n        Sid    = \"Enable IAM User Permissions\"\n        Effect = \"Allow\"\n        Principal = {\n          AWS = \"arn:aws:iam::${data.aws_caller_identity.current.account_id}:root\"\n        }\n        Action   = \"kms:*\"\n        Resource = \"*\"\n      }\n    ]\n  })\n}\n\n# KMS\u30ad\u30fc\u306e\u30a8\u30a4\u30ea\u30a2\u30b9\u8a2d\u5b9a\nresource \"aws_kms_alias\" \"s3_encryption\" {\n  name          = \"alias\/s3-encryption\"\n  target_key_id = aws_kms_key.s3_encryption.key_id\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-9\">\u30d0\u30b1\u30c3\u30c8\u30dd\u30ea\u30b7\u30fc\u306e\u52b9\u679c\u7684\u306a\u8a2d\u5b9a\u65b9\u6cd5<\/h3>\n\n\n\n<p>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u5f37\u5316\u3059\u308b\u30d0\u30b1\u30c3\u30c8\u30dd\u30ea\u30b7\u30fc\u306e\u4f8b\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">resource \"aws_s3_bucket_policy\" \"secure\" {\n  bucket = aws_s3_bucket.main.id\n\n  policy = jsonencode({\n    Version = \"2012-10-17\"\n    Statement = [\n      {\n        Sid    = \"EnforceHTTPS\"\n        Effect = \"Deny\"\n        Principal = \"*\"\n        Action = \"s3:*\"\n        Resource = [\n          aws_s3_bucket.main.arn,\n          \"${aws_s3_bucket.main.arn}\/*\"\n        ]\n        Condition = {\n          Bool = {\n            \"aws:SecureTransport\": \"false\"\n          }\n        }\n      },\n      {\n        Sid    = \"DenyIncorrectEncryptionHeader\"\n        Effect = \"Deny\"\n        Principal = \"*\"\n        Action = \"s3:PutObject\"\n        Resource = \"${aws_s3_bucket.main.arn}\/*\"\n        Condition = {\n          StringNotEquals = {\n            \"s3:x-amz-server-side-encryption\": \"aws:kms\"\n          }\n        }\n      },\n      {\n        Sid    = \"DenyUnencryptedObjectUploads\"\n        Effect = \"Deny\"\n        Principal = \"*\"\n        Action = \"s3:PutObject\"\n        Resource = \"${aws_s3_bucket.main.arn}\/*\"\n        Condition = {\n          Null = {\n            \"s3:x-amz-server-side-encryption\": \"true\"\n          }\n        }\n      }\n    ]\n  })\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-10\">CORS\u306e\u8a2d\u5b9a\u3068\u6ce8\u610f\u70b9<\/h3>\n\n\n\n<p>Cross-Origin Resource Sharing (CORS)\u306e\u8a2d\u5b9a\u4f8b\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">resource \"aws_s3_bucket_cors_configuration\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n\n  cors_rule {\n    allowed_headers = [\"*\"]\n    allowed_methods = [\"GET\", \"PUT\", \"POST\"]\n    allowed_origins = [\n      \"https:\/\/${var.website_domain}\",\n      \"https:\/\/*.${var.website_domain}\"\n    ]\n    expose_headers  = [\"ETag\"]\n    max_age_seconds = 3000\n  }\n\n  # \u5fc5\u8981\u306b\u5fdc\u3058\u3066\u8907\u6570\u306e\u30eb\u30fc\u30eb\u3092\u8a2d\u5b9a\u53ef\u80fd\n  cors_rule {\n    allowed_methods = [\"GET\"]\n    allowed_origins = [\"*\"]\n  }\n}<\/pre>\n\n\n\n<p>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u306b\u304a\u3051\u308b\u91cd\u8981\u306a\u30dd\u30a4\u30f3\u30c8\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u6697\u53f7\u5316\u306e\u5f37\u5236<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>KMS\u306b\u3088\u308b\u30b5\u30fc\u30d0\u30fc\u30b5\u30a4\u30c9\u6697\u53f7\u5316\u3092\u5fc5\u9808\u5316<\/li>\n\n\n\n<li>\u30ad\u30fc\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u306e\u6709\u52b9\u5316<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30a2\u30af\u30bb\u30b9\u5236\u5fa1<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30d1\u30d6\u30ea\u30c3\u30af\u30a2\u30af\u30bb\u30b9\u306e\u5b8c\u5168\u30d6\u30ed\u30c3\u30af<\/li>\n\n\n\n<li>HTTPS\u901a\u4fe1\u306e\u5f37\u5236<\/li>\n\n\n\n<li>\u6700\u5c0f\u6a29\u9650\u306e\u539f\u5247\u306b\u57fa\u3065\u304fIAM\u30dd\u30ea\u30b7\u30fc<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u76e3\u67fb\u3068\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>CloudTrail\u306b\u3088\u308b\u30a2\u30af\u30bb\u30b9\u30ed\u30b0\u306e\u6709\u52b9\u5316<\/li>\n\n\n\n<li>CloudWatch\u30a2\u30e9\u30fc\u30e0\u306e\u8a2d\u5b9a<\/li>\n<\/ul>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u8a2d\u5b9a\u3092\u7d44\u307f\u5408\u308f\u305b\u308b\u3053\u3068\u3067\u3001\u30bb\u30ad\u30e5\u30a2\u306aS3\u74b0\u5883\u3092\u69cb\u7bc9\u3067\u304d\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-11\">Terraform\u306b\u3088\u308b\u904b\u7528\u7ba1\u7406\u306e\u52b9\u7387\u5316<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-12\">\u30e2\u30b8\u30e5\u30fc\u30eb\u5316\u306b\u3088\u308b\u30b3\u30fc\u30c9\u518d\u5229\u7528<\/h3>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># modules\/s3\/variables.tf\nvariable \"bucket_name\" {\n  type        = string\n  description = \"S3\u30d0\u30b1\u30c3\u30c8\u540d\"\n}\n\nvariable \"environment\" {\n  type        = string\n  description = \"\u74b0\u5883\u540d (dev\/stg\/prod)\"\n}\n\nvariable \"tags\" {\n  type        = map(string)\n  description = \"\u30ea\u30bd\u30fc\u30b9\u306b\u4ed8\u4e0e\u3059\u308b\u30bf\u30b0\"\n  default     = {}\n}\n\n# modules\/s3\/main.tf\nresource \"aws_s3_bucket\" \"this\" {\n  bucket = var.bucket_name\n\n  tags = merge(\n    var.tags,\n    {\n      Environment = var.environment\n      ManagedBy   = \"Terraform\"\n    }\n  )\n}\n\nmodule \"security\" {\n  source      = \".\/security\"\n  bucket_name = aws_s3_bucket.this.id\n  environment = var.environment\n}\n\n# \u4f7f\u7528\u4f8b\nmodule \"app_storage\" {\n  source      = \".\/modules\/s3\"\n  bucket_name = \"my-app-storage-${var.environment}\"\n  environment = var.environment\n\n  tags = {\n    Service = \"MyApp\"\n    Owner   = \"Platform Team\"\n  }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-13\">\u30b9\u30c6\u30fc\u30c8\u7ba1\u7406\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h3>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># backend.tf\nterraform {\n  backend \"s3\" {\n    bucket         = \"terraform-state-management\"\n    key            = \"s3\/terraform.tfstate\"\n    region         = \"ap-northeast-1\"\n    encrypt        = true\n    dynamodb_table = \"terraform-state-lock\"\n  }\n}\n\n# DynamoDB\u306b\u3088\u308b\u30b9\u30c6\u30fc\u30c8\u30ed\u30c3\u30af\nresource \"aws_dynamodb_table\" \"terraform_state_lock\" {\n  name           = \"terraform-state-lock\"\n  hash_key       = \"LockID\"\n  billing_mode   = \"PAY_PER_REQUEST\"\n  stream_enabled = true\n\n  attribute {\n    name = \"LockID\"\n    type = \"S\"\n  }\n\n  point_in_time_recovery {\n    enabled = true\n  }\n}\n\n# \u30b9\u30c6\u30fc\u30c8\u4fdd\u5b58\u7528S3\u30d0\u30b1\u30c3\u30c8\u306e\u8a2d\u5b9a\nresource \"aws_s3_bucket\" \"terraform_state\" {\n  bucket = \"terraform-state-management\"\n\n  versioning {\n    enabled = true\n  }\n\n  server_side_encryption_configuration {\n    rule {\n      apply_server_side_encryption_by_default {\n        sse_algorithm = \"AES256\"\n      }\n    }\n  }\n\n  lifecycle {\n    prevent_destroy = true\n  }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-14\">CI\/CD\u30d1\u30a4\u30d7\u30e9\u30a4\u30f3\u3078\u306e\u7d71\u5408\u65b9\u6cd5<\/h3>\n\n\n\n<p>GitHub Actions\u3092\u4f7f\u7528\u3057\u305f\u4f8b\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">name: Terraform CI\/CD\n\non:\n  push:\n    branches: [ main ]\n  pull_request:\n    branches: [ main ]\n\njobs:\n  terraform:\n    runs-on: ubuntu-latest\n    steps:\n    - uses: actions\/checkout@v2\n\n    - name: Configure AWS credentials\n      uses: aws-actions\/configure-aws-credentials@v1\n      with:\n        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n        aws-region: ap-northeast-1\n\n    - name: Setup Terraform\n      uses: hashicorp\/setup-terraform@v1\n      with:\n        terraform_version: 1.0.0\n\n    - name: Terraform Format\n      run: terraform fmt -check\n\n    - name: Terraform Init\n      run: terraform init\n\n    - name: Terraform Plan\n      run: terraform plan -out=tfplan\n      if: github.event_name == 'pull_request'\n\n    - name: Terraform Apply\n      run: terraform apply -auto-approve tfplan\n      if: github.ref == 'refs\/heads\/main' &amp;&amp; github.event_name == 'push'<\/pre>\n\n\n\n<p>\u52b9\u7387\u7684\u306a\u904b\u7528\u306e\u305f\u3081\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u74b0\u5883\u5206\u96e2<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u307e\u305f\u306f\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u69cb\u9020\u306b\u3088\u308b\u74b0\u5883\u5206\u96e2<\/li>\n\n\n\n<li>\u74b0\u5883\u56fa\u6709\u306e\u5909\u6570\u7ba1\u7406<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u5909\u66f4\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30d7\u30eb\u30ea\u30af\u30a8\u30b9\u30c8\u30d9\u30fc\u30b9\u306e\u5909\u66f4\u30d5\u30ed\u30fc<\/li>\n\n\n\n<li>\u81ea\u52d5\u5316\u3055\u308c\u305f\u30c6\u30b9\u30c8\u3068\u30ec\u30d3\u30e5\u30fc\u30d7\u30ed\u30bb\u30b9<\/li>\n\n\n\n<li>\u5909\u66f4\u5c65\u6b74\u306e\u8ffd\u8de1<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u7ba1\u7406\u306e\u81ea\u52d5\u5316<\/li>\n\n\n\n<li>IAM\u30ed\u30fc\u30eb\u306b\u3088\u308b\u6700\u5c0f\u6a29\u9650\u306e\u9069\u7528<\/li>\n\n\n\n<li>\u76e3\u67fb\u30ed\u30b0\u306e\u6709\u52b9\u5316<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-15\">\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u3068\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-16\">\u3088\u304f\u3042\u308b\u30a8\u30e9\u30fc\u3068\u89e3\u6c7a\u65b9\u6cd5<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30b9\u30c6\u30fc\u30c8\u95a2\u9023\u306e\u30a8\u30e9\u30fc<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">Error: Error locking state: Error acquiring the state lock\n\n\u89e3\u6c7a\u7b56:\n# \u30ed\u30c3\u30af\u306e\u5f37\u5236\u89e3\u9664\nterraform force-unlock [LOCK_ID]\n\n# \u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u306e\u78ba\u8a8d\nterraform init -reconfigure<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u6a29\u9650\u95a2\u9023\u306e\u30a8\u30e9\u30fc<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">Error: error creating S3 Bucket: AccessDenied: Access Denied\n\n\u89e3\u6c7a\u624b\u9806:\n1. IAM\u30dd\u30ea\u30b7\u30fc\u306e\u78ba\u8a8d\n2. AWS\u8a8d\u8a3c\u60c5\u5831\u306e\u78ba\u8a8d\n3. \u30d0\u30b1\u30c3\u30c8\u540d\u306e\u91cd\u8907\u30c1\u30a7\u30c3\u30af<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u4f9d\u5b58\u95a2\u4fc2\u30a8\u30e9\u30fc<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u4f9d\u5b58\u95a2\u4fc2\u306e\u660e\u793a\u7684\u306a\u6307\u5b9a\ndepends_on = [\n  aws_kms_key.s3_encryption\n]\n\n# \u30c7\u30fc\u30bf\u30bd\u30fc\u30b9\u306e\u9069\u5207\u306a\u4f7f\u7528\ndata \"aws_kms_key\" \"existing\" {\n  key_id = \"alias\/existing-key\"\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-17\">\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u6700\u9069\u5316\u306e\u30b3\u30c4<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30e2\u30b8\u30e5\u30fc\u30eb\u8a2d\u8a08\u306e\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u3092\u8003\u616e\u3057\u305f\u30e2\u30b8\u30e5\u30fc\u30eb\u69cb\u9020\n\u251c\u2500\u2500 modules\/\n\u2502   \u251c\u2500\u2500 s3\/\n\u2502   \u2502   \u251c\u2500\u2500 main.tf      # \u30b3\u30a2\u30ea\u30bd\u30fc\u30b9\n\u2502   \u2502   \u251c\u2500\u2500 security.tf  # \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\n\u2502   \u2502   \u2514\u2500\u2500 logging.tf   # \u30ed\u30b0\u8a2d\u5b9a\n\u2502   \u2514\u2500\u2500 monitoring\/\n\u2502       \u2514\u2500\u2500 main.tf      # \u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u8a2d\u5b9a<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u30ea\u30bd\u30fc\u30b9\u306e\u4e26\u5217\u51e6\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">terraform {\n  required_providers {\n    aws = {\n      source  = \"hashicorp\/aws\"\n      version = \"~&gt; 4.0\"\n    }\n  }\n  # \u4e26\u5217\u5b9f\u884c\u6570\u306e\u8a2d\u5b9a\n  experiments = [parallel_execution]\n}<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u52b9\u7387\u7684\u306a\u30ef\u30fc\u30af\u30b9\u30da\u30fc\u30b9\u904b\u7528\nterraform workspace new ${environment}\nterraform workspace select ${environment}\nterraform plan -var-file=${environment}.tfvars<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-18\">\u672c\u756a\u74b0\u5883\u3067\u306e\u904b\u7528\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3068\u5fa9\u65e7<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d0\u30fc\u30b8\u30e7\u30cb\u30f3\u30b0\u306e\u6709\u52b9\u5316\nresource \"aws_s3_bucket_versioning\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n  versioning_configuration {\n    status = \"Enabled\"\n  }\n}\n\n# \u30ec\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u8a2d\u5b9a\nresource \"aws_s3_bucket_replication_configuration\" \"main\" {\n  bucket = aws_s3_bucket.main.id\n  role   = aws_iam_role.replication.arn\n\n  rule {\n    id     = \"backup\"\n    status = \"Enabled\"\n\n    destination {\n      bucket        = aws_s3_bucket.backup.arn\n      storage_class = \"STANDARD_IA\"\n    }\n  }\n}<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u3068\u30a2\u30e9\u30fc\u30c8<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># CloudWatch\u30e1\u30c8\u30ea\u30af\u30b9\u306e\u8a2d\u5b9a\nresource \"aws_cloudwatch_metric_alarm\" \"s3_errors\" {\n  alarm_name          = \"s3-errors\"\n  comparison_operator = \"GreaterThanThreshold\"\n  evaluation_periods  = \"2\"\n  metric_name         = \"4xxErrors\"\n  namespace           = \"AWS\/S3\"\n  period             = \"300\"\n  statistic          = \"Sum\"\n  threshold          = \"5\"\n  alarm_description  = \"S3\u30d0\u30b1\u30c3\u30c8\u306e4xx\u30a8\u30e9\u30fc\u76e3\u8996\"\n  alarm_actions      = [aws_sns_topic.alerts.arn]\n\n  dimensions = {\n    BucketName = aws_s3_bucket.main.id\n  }\n}<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u30b3\u30b9\u30c8\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30e9\u30a4\u30d5\u30b5\u30a4\u30af\u30eb\u30dd\u30ea\u30b7\u30fc\u306e\u9069\u5207\u306a\u8a2d\u5b9a<\/li>\n\n\n\n<li>\u4e0d\u8981\u306a\u30d0\u30fc\u30b8\u30e7\u30f3\u306e\u81ea\u52d5\u524a\u9664<\/li>\n\n\n\n<li>\u9069\u5207\u306a\u30b9\u30c8\u30ec\u30fc\u30b8\u30af\u30e9\u30b9\u306e\u9078\u629e<\/li>\n<\/ul>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u904b\u7528<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u5b9a\u671f\u7684\u306aIAM\u30dd\u30ea\u30b7\u30fc\u306e\u898b\u76f4\u3057<\/li>\n\n\n\n<li>\u30a2\u30af\u30bb\u30b9\u30ed\u30b0\u306e\u76e3\u8996<\/li>\n\n\n\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b9\u30ad\u30e3\u30f3\u306e\u5b9f\u65bd<\/li>\n<\/ul>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u5b89\u5b9a\u3057\u305f\u672c\u756a\u74b0\u5883\u306e\u904b\u7528\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Warning: Undefined array key &#8220;is_admin&#8221; in \/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/ &#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":{"0":"post-2314","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-aws","7":"nothumb"},"_links":{"self":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2314","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2314"}],"version-history":[{"count":1,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2314\/revisions"}],"predecessor-version":[{"id":2315,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2314\/revisions\/2315"}],"wp:attachment":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2314"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2314"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2314"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}