{"id":2436,"date":"2025-03-24T08:47:17","date_gmt":"2025-03-23T23:47:17","guid":{"rendered":"https:\/\/dexall.co.jp\/articles\/?p=2436"},"modified":"2025-03-24T08:47:47","modified_gmt":"2025-03-23T23:47:47","slug":"aws-saml%e3%81%ae%e5%ae%9f%e8%a3%85%e6%96%b9%e6%b3%95%e3%81%a8%e9%81%8b%e7%94%a8%e3%83%99%e3%82%b9%e3%83%88%e3%83%97%e3%83%a9%e3%82%af%e3%83%86%e3%82%a3%e3%82%b92024%e5%b9%b4%e7%89%88","status":"publish","type":"post","link":"https:\/\/dexall.co.jp\/articles\/?p=2436","title":{"rendered":"AWS SAML\u306e\u5b9f\u88c5\u65b9\u6cd5\u3068\u904b\u7528\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b92024\u5e74\u7248"},"content":{"rendered":"\n<div class=\"toc\"><br \/>\n<b>Warning<\/b>:  Undefined array key \"is_admin\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>116<\/b><br \/>\n<br \/>\n<b>Warning<\/b>:  Undefined array key \"is_category_top\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>121<\/b><br \/>\n<br \/>\n<b>Warning<\/b>:  Undefined array key \"is_top\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>128<\/b><br \/>\n    <div id=\"toc_container\" class=\"sgb-toc--bullets js-smooth-scroll\" data-dialog-title=\"\u76ee\u6b21\">\n      <p class=\"toc_title\">\u76ee\u6b21 <\/p>\n      <ul class=\"toc_list\">  <li class=\"first\">    <a href=\"#i-0\">AWS SAML\u3068\u306f\uff1f\u57fa\u790e\u304b\u3089\u7406\u89e3\u3059\u308b\u8a8d\u8a3c\u306e\u4ed5\u7d44\u307f<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-1\">SAML\u30d7\u30ed\u30c8\u30b3\u30eb\u306e\u57fa\u672c\u6982\u5ff5\u3068\u52d5\u4f5c\u30d5\u30ed\u30fc<\/a>      <\/li>      <li>        <a href=\"#i-5\">AWS IAM\u3068SAML\u306e\u9023\u643a\u306b\u3088\u308b\u8a8d\u8a3c\u306e\u4ed5\u7d44\u307f<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-7\">\u5f93\u6765\u306e\u8a8d\u8a3c\u65b9\u5f0f\u3068\u6bd4\u8f03\u3057\u305f\u30e1\u30ea\u30c3\u30c8\u30fb\u30c7\u30e1\u30ea\u30c3\u30c8<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-11\">AWS SAML\u306e\u5c0e\u5165\u624b\u9806\u3068\u5b9f\u88c5\u30ac\u30a4\u30c9<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-12\">\u5fc5\u8981\u306a\u524d\u63d0\u6761\u4ef6\u3068IAM\u8a2d\u5b9a\u306e\u78ba\u8a8d\u4e8b\u9805<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-15\">ID\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u8a2d\u5b9a\u65b9\u6cd5\uff08Okta\/Azure AD\u5bfe\u5fdc\uff09<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-17\">AWS SAML\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5f37\u5316\u3068\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-18\">\u30de\u30eb\u30c1\u30d5\u30a1\u30af\u30bf\u8a8d\u8a3c\uff08MFA\uff09\u3068\u306e\u4f75\u7528\u65b9\u6cd5<\/a>      <\/li>      <li>        <a href=\"#i-21\">\u30bb\u30c3\u30b7\u30e7\u30f3\u7ba1\u7406\u3068\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u6700\u9069\u5316<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-24\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u76e3\u67fb\u3068\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u306e\u8a2d\u5b9a<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-29\">AWS SAML\u306e\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u3068\u904b\u7528\u7ba1\u7406<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-30\">\u3088\u304f\u3042\u308b\u30a8\u30e9\u30fc\u3068\u89e3\u6c7a\u65b9\u6cd5<\/a>      <\/li>      <li>        <a href=\"#i-34\">\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u6700\u9069\u5316\u3068\u30b9\u30b1\u30fc\u30ea\u30f3\u30b0\u6226\u7565<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-37\">\u5b9a\u671f\u7684\u306a\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u3068\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u7ba1\u7406<\/a>      <\/li>    <\/ul>  <\/li>  <li class=\"last\">    <a href=\"#i-42\">AWS SAML\u306e\u6d3b\u7528\u4e8b\u4f8b\u3068\u5c06\u6765\u5c55\u671b<\/a>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-43\">\u4f01\u696d\u898f\u6a21\u5225\u306e\u5c0e\u5165\u4e8b\u4f8b\u3068\u6210\u529f\u306e\u30dd\u30a4\u30f3\u30c8<\/a>      <\/li>      <li>        <a href=\"#i-47\">\u30b3\u30b9\u30c8\u6700\u9069\u5316\u3068ROI\u306e\u8a08\u7b97\u65b9\u6cd5<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-51\">\u4eca\u5f8c\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3068\u6280\u8853\u52d5\u5411<\/a>      <\/li>    <\/ul>  <\/li><\/ul>\n      <a href=\"#\" class=\"sgb-toc-button js-toc-button\" rel=\"nofollow\" data-open-dialog=\"true\"><i class=\"fa fa-list\"><\/i><span class=\"sgb-toc-button__text\">\u76ee\u6b21\u3078<\/span><\/a>\n    <\/div><\/div><h2 class=\"wp-block-heading\" id=\"i-0\">AWS SAML\u3068\u306f\uff1f\u57fa\u790e\u304b\u3089\u7406\u89e3\u3059\u308b\u8a8d\u8a3c\u306e\u4ed5\u7d44\u307f<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-1\">SAML\u30d7\u30ed\u30c8\u30b3\u30eb\u306e\u57fa\u672c\u6982\u5ff5\u3068\u52d5\u4f5c\u30d5\u30ed\u30fc<\/h3>\n\n\n\n<p>SAML\uff08Security Assertion Markup Language\uff09\u306f\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c9\u30e1\u30a4\u30f3\u9593\u3067\u8a8d\u8a3c\u30fb\u8a8d\u53ef\u30c7\u30fc\u30bf\u3092\u4ea4\u63db\u3059\u308b\u305f\u3081\u306eXML\u30d9\u30fc\u30b9\u306e\u6a19\u6e96\u898f\u683c\u3067\u3059\u3002AWS\u74b0\u5883\u306b\u304a\u3051\u308bSAML\u306e\u5b9f\u88c5\u306b\u3064\u3044\u3066\u3001\u57fa\u672c\u304b\u3089\u8a73\u3057\u304f\u89e3\u8aac\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-2\">SAML\u306e\u57fa\u672c\u6982\u5ff5<\/h4>\n\n\n\n<p>SAML\u30d7\u30ed\u30c8\u30b3\u30eb\u306b\u306f\u4ee5\u4e0b\u306e3\u3064\u306e\u91cd\u8981\u306a\u5f79\u5272\u304c\u5b58\u5728\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\uff08\u30e6\u30fc\u30b6\u30fc\uff09<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u8a8d\u8a3c\u3092\u8981\u6c42\u3059\u308b\u30a8\u30f3\u30c9\u30e6\u30fc\u30b6\u30fc<\/li>\n\n\n\n<li>\u901a\u5e38\u306f\u7d44\u7e54\u306e\u5f93\u696d\u54e1\u3084\u30b7\u30b9\u30c6\u30e0\u7ba1\u7406\u8005<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>ID\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\uff08IdP\uff09<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30e6\u30fc\u30b6\u30fc\u306e\u8a8d\u8a3c\u3092\u884c\u3046\u4fe1\u983c\u3067\u304d\u308b\u30b7\u30b9\u30c6\u30e0<\/li>\n\n\n\n<li>\u4f8b\uff1aAzure AD\u3001Okta\u3001Google Workspace<\/li>\n\n\n\n<li>\u30e6\u30fc\u30b6\u30fc\u306e\u8a8d\u8a3c\u60c5\u5831\u3092\u7ba1\u7406\u30fb\u691c\u8a3c<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30b5\u30fc\u30d3\u30b9\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\uff08SP\uff09<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u4fdd\u8b77\u3055\u308c\u305f\u30ea\u30bd\u30fc\u30b9\u3092\u63d0\u4f9b\u3059\u308b\u30b7\u30b9\u30c6\u30e0<\/li>\n\n\n\n<li>\u3053\u306e\u5834\u5408\u306fAWS\u30de\u30cd\u30b8\u30e1\u30f3\u30c8\u30b3\u30f3\u30bd\u30fc\u30eb<\/li>\n\n\n\n<li>IdP\u304b\u3089\u306e\u8a8d\u8a3c\u30a2\u30b5\u30fc\u30b7\u30e7\u30f3\u3092\u4fe1\u983c<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-3\">SAML\u8a8d\u8a3c\u306e\u52d5\u4f5c\u30d5\u30ed\u30fc<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u8a8d\u8a3c\u958b\u59cb\u30d5\u30a7\u30fc\u30ba<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   sequenceDiagram\n       \u30e6\u30fc\u30b6\u30fc-&gt;&gt;IdP: \u2460 \u30a2\u30af\u30bb\u30b9\u8981\u6c42\n       IdP-&gt;&gt;\u30e6\u30fc\u30b6\u30fc: \u2461 \u8a8d\u8a3c\u8981\u6c42\n       \u30e6\u30fc\u30b6\u30fc-&gt;&gt;IdP: \u2462 \u8a8d\u8a3c\u60c5\u5831\u63d0\u4f9b\n       IdP-&gt;&gt;IdP: \u2463 \u8a8d\u8a3c\u51e6\u7406<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>SAML\u30a2\u30b5\u30fc\u30b7\u30e7\u30f3\u751f\u6210\u30fb\u8ee2\u9001\u30d5\u30a7\u30fc\u30ba<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   sequenceDiagram\n       IdP-&gt;&gt;IdP: \u2464 SAML\u30a2\u30b5\u30fc\u30b7\u30e7\u30f3\u751f\u6210\n       IdP-&gt;&gt;AWS: \u2465 \u30a2\u30b5\u30fc\u30b7\u30e7\u30f3\u8ee2\u9001\n       AWS-&gt;&gt;AWS: \u2466 \u30a2\u30b5\u30fc\u30b7\u30e7\u30f3\u691c\u8a3c\n       AWS-&gt;&gt;\u30e6\u30fc\u30b6\u30fc: \u2467 \u30a2\u30af\u30bb\u30b9\u6a29\u9650\u4ed8\u4e0e<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-4\">SAML\u30a2\u30b5\u30fc\u30b7\u30e7\u30f3\u306e\u69cb\u9020<\/h4>\n\n\n\n<p>SAML\u30a2\u30b5\u30fc\u30b7\u30e7\u30f3\u306b\u306f\u4ee5\u4e0b\u306e\u91cd\u8981\u306a\u60c5\u5831\u304c\u542b\u307e\u308c\u307e\u3059\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u8a8d\u8a3c\u30b9\u30c6\u30fc\u30c8\u30e1\u30f3\u30c8<\/strong>\uff1a\u30e6\u30fc\u30b6\u30fc\u304c\u8ab0\u3067\u3042\u308b\u304b<\/li>\n\n\n\n<li><strong>\u5c5e\u6027\u30b9\u30c6\u30fc\u30c8\u30e1\u30f3\u30c8<\/strong>\uff1a\u30e6\u30fc\u30b6\u30fc\u306e\u5c5e\u6027\u60c5\u5831<\/li>\n\n\n\n<li><strong>\u8a8d\u53ef\u30b9\u30c6\u30fc\u30c8\u30e1\u30f3\u30c8<\/strong>\uff1a\u8a31\u53ef\u3055\u308c\u308b\u64cd\u4f5c\u306e\u7bc4\u56f2<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-5\">AWS IAM\u3068SAML\u306e\u9023\u643a\u306b\u3088\u308b\u8a8d\u8a3c\u306e\u4ed5\u7d44\u307f<\/h3>\n\n\n\n<p>AWS IAM\u3068SAML\u306e\u9023\u643a\u306f\u3001\u4ee5\u4e0b\u306e\u8981\u7d20\u3067\u69cb\u6210\u3055\u308c\u3066\u3044\u307e\u3059\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>IAM\u30a2\u30a4\u30c7\u30f3\u30c6\u30a3\u30c6\u30a3\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SAML\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u3068AWS\u306e\u4fe1\u983c\u95a2\u4fc2\u3092\u5b9a\u7fa9<\/li>\n\n\n\n<li>\u30e1\u30bf\u30c7\u30fc\u30bf\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3067\u8a2d\u5b9a\u3092\u7ba1\u7406<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>IAM\u30ed\u30fc\u30eb<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SAML\u8a8d\u8a3c\u3055\u308c\u305f\u30e6\u30fc\u30b6\u30fc\u306b\u4ed8\u4e0e\u3055\u308c\u308b\u6a29\u9650\u3092\u5b9a\u7fa9<\/li>\n\n\n\n<li>\u7d30\u304b\u306a\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u304c\u53ef\u80fd<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u4fe1\u983c\u30dd\u30ea\u30b7\u30fc<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u3069\u306eIdP\u304b\u3089\u306e\u8a8d\u8a3c\u3092\u53d7\u3051\u5165\u308c\u308b\u304b\u3092\u6307\u5b9a<\/li>\n\n\n\n<li>\u6761\u4ef6\u4ed8\u304d\u30a2\u30af\u30bb\u30b9\u306e\u8a2d\u5b9a\u3082\u53ef\u80fd<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-6\">\u9023\u643a\u306e\u5177\u4f53\u7684\u306a\u6d41\u308c<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">graph LR\n    A[\u30e6\u30fc\u30b6\u30fc] --&gt;|1. SSO\u958b\u59cb| B[IdP]\n    B --&gt;|2. \u8a8d\u8a3c| B\n    B --&gt;|3. SAML\u30ec\u30b9\u30dd\u30f3\u30b9| C[AWS STS]\n    C --&gt;|4. \u4e00\u6642\u7684\u306a\u8a8d\u8a3c\u60c5\u5831| D[AWS\u30ea\u30bd\u30fc\u30b9]<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-7\">\u5f93\u6765\u306e\u8a8d\u8a3c\u65b9\u5f0f\u3068\u6bd4\u8f03\u3057\u305f\u30e1\u30ea\u30c3\u30c8\u30fb\u30c7\u30e1\u30ea\u30c3\u30c8<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-8\">\u30e1\u30ea\u30c3\u30c8<\/h4>\n\n\n<div id=\"id-e148b1fc-3292-47c7-96b8-2b1af9c565d0\">\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u9805\u76ee<\/th><th>SAML\u8a8d\u8a3c<\/th><th>\u5f93\u6765\u306e\u8a8d\u8a3c\u65b9\u5f0f<\/th><\/tr><\/thead><tbody><tr><td>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3<\/td><td>\u9ad8\uff08\u96c6\u4e2d\u7ba1\u7406\uff09<\/td><td>\u4e2d\uff08\u500b\u5225\u7ba1\u7406\uff09<\/td><\/tr><tr><td>\u904b\u7528\u52b9\u7387<\/td><td>\u9ad8\uff08\u81ea\u52d5\u5316\u53ef\u80fd\uff09<\/td><td>\u4f4e\uff08\u624b\u52d5\u7ba1\u7406\uff09<\/td><\/tr><tr><td>\u30e6\u30fc\u30b6\u30fc\u4f53\u9a13<\/td><td>\u826f\uff08\u30b7\u30f3\u30b0\u30eb\u30b5\u30a4\u30f3\u30aa\u30f3\uff09<\/td><td>\u666e\u901a\uff08\u500b\u5225\u30ed\u30b0\u30a4\u30f3\uff09<\/td><\/tr><tr><td>\u30b3\u30b9\u30c8\u52b9\u7387<\/td><td>\u9ad8\uff08\u7ba1\u7406\u5de5\u6570\u524a\u6e1b\uff09<\/td><td>\u4f4e\uff08\u7ba1\u7406\u30b3\u30b9\u30c8\u5927\uff09<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/div>\n\n\n<h4 class=\"wp-block-heading\" id=\"i-9\">\u30c7\u30e1\u30ea\u30c3\u30c8<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u5b9f\u88c5\u306e\u8907\u96d1\u6027<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u521d\u671f\u8a2d\u5b9a\u306b\u5c02\u9580\u77e5\u8b58\u304c\u5fc5\u8981<\/li>\n\n\n\n<li>\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u304c\u8907\u96d1<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u4f9d\u5b58\u6027<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IdP\u306e\u53ef\u7528\u6027\u306b\u4f9d\u5b58<\/li>\n\n\n\n<li>IdP\u30c0\u30a6\u30f3\u6642\u306e\u4ee3\u66ff\u624b\u6bb5\u304c\u5fc5\u8981<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30b3\u30b9\u30c8<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IdP\u30e9\u30a4\u30bb\u30f3\u30b9\u8cbb\u7528<\/li>\n\n\n\n<li>\u5c0e\u5165\u6642\u306e\u521d\u671f\u6295\u8cc7<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-10\">\u5c0e\u5165\u691c\u8a0e\u306e\u30dd\u30a4\u30f3\u30c8<\/h4>\n\n\n\n<p>\u7d44\u7e54\u306e\u898f\u6a21\u3084\u8981\u4ef6\u306b\u5fdc\u3058\u3066\u3001\u4ee5\u4e0b\u306e\u89b3\u70b9\u304b\u3089\u691c\u8a0e\u304c\u5fc5\u8981\u3067\u3059\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30e6\u30fc\u30b6\u30fc\u6570\u3068\u7ba1\u7406\u306e\u8907\u96d1\u3055<\/li>\n\n\n\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8981\u4ef6\u306e\u30ec\u30d9\u30eb<\/li>\n\n\n\n<li>\u904b\u7528\u7ba1\u7406\u306e\u4f53\u5236<\/li>\n\n\n\n<li>\u5c0e\u5165\u30fb\u904b\u7528\u30b3\u30b9\u30c8<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-11\">AWS SAML\u306e\u5c0e\u5165\u624b\u9806\u3068\u5b9f\u88c5\u30ac\u30a4\u30c9<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-12\">\u5fc5\u8981\u306a\u524d\u63d0\u6761\u4ef6\u3068IAM\u8a2d\u5b9a\u306e\u78ba\u8a8d\u4e8b\u9805<\/h3>\n\n\n\n<p>AWS SAML\u3092\u5c0e\u5165\u3059\u308b\u524d\u306b\u3001\u4ee5\u4e0b\u306e\u524d\u63d0\u6761\u4ef6\u3092\u78ba\u8a8d\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-13\">\u30b7\u30b9\u30c6\u30e0\u8981\u4ef6<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>AWS\u74b0\u5883\u306e\u6e96\u5099<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AWS \u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u6709\u52b9\u5316<\/li>\n\n\n\n<li>\u7ba1\u7406\u8005\u6a29\u9650\u3092\u6301\u3064IAM\u30e6\u30fc\u30b6\u30fc\u306e\u6e96\u5099<\/li>\n\n\n\n<li>AWS CLI\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\uff08\u30d0\u30fc\u30b8\u30e7\u30f32.x\u4ee5\u4e0a\u63a8\u5968\uff09<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>ID\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u8981\u4ef6<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SAML 2.0\u5bfe\u5fdc\u306eID\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc<\/li>\n\n\n\n<li>\u30e1\u30bf\u30c7\u30fc\u30bf\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306e\u53d6\u5f97\u6a29\u9650<\/li>\n\n\n\n<li>\u7ba1\u7406\u8005\u30a2\u30af\u30bb\u30b9\u6a29\u9650<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-14\">\u5fc5\u8981\u306a\u6a29\u9650\u3068\u30dd\u30ea\u30b7\u30fc<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"iam:CreateSAMLProvider\",\n                \"iam:GetSAMLProvider\",\n                \"iam:UpdateSAMLProvider\",\n                \"iam:DeleteSAMLProvider\",\n                \"iam:CreateRole\",\n                \"iam:PutRolePolicy\"\n            ],\n            \"Resource\": \"*\"\n        }\n    ]\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-15\">ID\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u8a2d\u5b9a\u65b9\u6cd5\uff08Okta\/Azure AD\u5bfe\u5fdc\uff09<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-16\">Okta\u306e\u8a2d\u5b9a\u624b\u9806<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u4f5c\u6210<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Okta\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9\u304b\u3089\u300cApplications\u300d\u3092\u9078\u629e<\/li>\n\n\n\n<li>\u300cAdd Application\u300d\u2192\u300cCreate New App\u300d\u3092\u9078\u629e<\/li>\n\n\n\n<li>Platform: Web<\/li>\n\n\n\n<li>Sign on method: SAML 2.0<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>SAML\u8a2d\u5b9a<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   Single sign on URL: https:\/\/signin.aws.amazon.com\/saml\n   Audience URI: urn:amazon:webservices\n   Default RelayState: https:\/\/console.aws.amazon.com\/<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u5c5e\u6027\u30de\u30c3\u30d4\u30f3\u30b0<\/strong><br>Okta\u5c5e\u6027 SAML\u5c5e\u6027<br>user.email user.email<br>user.role https:\/\/aws.amazon.com\/SAML\/Attributes\/Role<br>user.sessionDuration https:\/\/aws.amazon.com\/SAML\/Attributes\/SessionDuration Azure AD\u306e\u8a2d\u5b9a\u624b\u9806<ol><li><strong>\u30a8\u30f3\u30bf\u30fc\u30d7\u30e9\u30a4\u30ba\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u4f5c\u6210<\/strong><\/li><\/ol><ul><li>Azure Portal\u3067\u300c\u30a8\u30f3\u30bf\u30fc\u30d7\u30e9\u30a4\u30ba\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u300d\u3092\u9078\u629e<\/li><li>\u300c\u65b0\u3057\u3044\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u300d\u2192\u300cAWS\u300d\u3092\u691c\u7d22<\/li><\/ul><ol><li><strong>SAML\u8a2d\u5b9a<\/strong><\/li><\/ol><code>\u8b58\u5225\u5b50: urn:amazon:webservices \u5fdc\u7b54URL: https:\/\/signin.aws.amazon.com\/saml RelayState: https:\/\/console.aws.amazon.com\/<\/code><ol start=\"3\"><li><strong>\u5c5e\u6027\u30de\u30c3\u30d4\u30f3\u30b0<\/strong><\/li><\/ol><code>&lt;Attribute Name=\"https:\/\/aws.amazon.com\/SAML\/Attributes\/Role\"&gt; &lt;AttributeValue&gt;arn:aws:iam::ACCOUNT-ID:role\/ROLE-NAME,arn:aws:iam::ACCOUNT-ID:saml-provider\/PROVIDER-NAME&lt;\/AttributeValue&gt; &lt;\/Attribute&gt;<\/code> IAM\u30ed\u30fc\u30eb\u3068\u30dd\u30ea\u30b7\u30fc\u306e\u8a2d\u5b9a\u624b\u9806 IAM\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u4f5c\u6210<ol><li><strong>\u30e1\u30bf\u30c7\u30fc\u30bf\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306e\u6e96\u5099<\/strong><\/li><\/ol><code># \u30e1\u30bf\u30c7\u30fc\u30bf\u30d5\u30a1\u30a4\u30eb\u306e\u4fdd\u5b58 aws iam create-saml-provider \\ --saml-metadata-document file:\/\/metadata.xml \\ --name \"MyIdPProvider\"<\/code><ol start=\"2\"><li><strong>\u4fe1\u983c\u95a2\u4fc2\u306e\u8a2d\u5b9a<\/strong><\/li><\/ol><code>{ \"Version\": \"2012-10-17\", \"Statement\": [ { \"Effect\": \"Allow\", \"Principal\": { \"Federated\": \"arn:aws:iam::ACCOUNT-ID:saml-provider\/PROVIDER-NAME\" }, \"Action\": \"sts:AssumeRoleWithSAML\", \"Condition\": { \"StringEquals\": { \"SAML:aud\": \"https:\/\/signin.aws.amazon.com\/saml\" } } } ] }<\/code> \u30ed\u30fc\u30eb\u306e\u4f5c\u6210\u3068\u6a29\u9650\u8a2d\u5b9a<ol><li><strong>\u30ed\u30fc\u30eb\u306e\u4f5c\u6210<\/strong><\/li><\/ol><code>aws iam create-role \\ --role-name \"SAML-User-Role\" \\ --assume-role-policy-document file:\/\/trust-policy.json<\/code><ol start=\"2\"><li><strong>\u6a29\u9650\u306e\u5272\u308a\u5f53\u3066<\/strong><\/li><\/ol><code>aws iam attach-role-policy \\ --role-name \"SAML-User-Role\" \\ --policy-arn \"arn:aws:iam::aws:policy\/ReadOnlyAccess\"<\/code> \u30bb\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a<ol><li><strong>\u30bb\u30c3\u30b7\u30e7\u30f3\u671f\u9593\u306e\u8a2d\u5b9a<\/strong><\/li><\/ol><code>{ \"Version\": \"2012-10-17\", \"Statement\": [ { \"Effect\": \"Allow\", \"Action\": [ \"sts:AssumeRoleWithSAML\" ], \"Resource\": \"*\", \"Condition\": { \"NumericLessThan\": { \"saml:SessionDuration\": \"43200\" } } } ] }<\/code><ol start=\"2\"><li><strong>\u30bb\u30c3\u30b7\u30e7\u30f3\u30bf\u30b0\u306e\u8a2d\u5b9a<\/strong><\/li><\/ol><code>{ \"Condition\": { \"StringLike\": { \"aws:RequestTag\/*\": \"${aws:PrincipalTag\/*}\" } } }<\/code> \u8a2d\u5b9a\u306e\u691c\u8a3c<ol><li><strong>\u8a2d\u5b9a\u30c6\u30b9\u30c8<\/strong><\/li><\/ol><code>aws sts assume-role-with-saml \\ --role-arn arn:aws:iam::ACCOUNT-ID:role\/ROLE-NAME \\ --principal-arn arn:aws:iam::ACCOUNT-ID:saml-provider\/PROVIDER-NAME \\ --saml-assertion file:\/\/assertion.xml<\/code><ol start=\"2\"><li><strong>\u30ed\u30b0\u306e\u78ba\u8a8d<\/strong><\/li><\/ol><ul><li>CloudTrail\u3067SAML\u8a8d\u8a3c\u306e\u30ed\u30b0\u3092\u78ba\u8a8d<\/li><li>\u30a8\u30e9\u30fc\u304c\u3042\u308b\u5834\u5408\u306f\u8a73\u7d30\u3092\u78ba\u8a8d<\/li><\/ul>\u8a2d\u5b9a\u5b8c\u4e86\u5f8c\u3001\u4ee5\u4e0b\u306e\u70b9\u3092\u5fc5\u305a\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\uff1a\n<ul class=\"wp-block-list\">\n<li>\u30b7\u30f3\u30b0\u30eb\u30b5\u30a4\u30f3\u30aa\u30f3\u304c\u6b63\u5e38\u306b\u6a5f\u80fd\u3059\u308b\u3053\u3068<\/li>\n\n\n\n<li>\u9069\u5207\u306a\u30ed\u30fc\u30eb\u304c\u5272\u308a\u5f53\u3066\u3089\u308c\u3066\u3044\u308b\u3053\u3068<\/li>\n\n\n\n<li>\u30bb\u30c3\u30b7\u30e7\u30f3\u671f\u9593\u304c\u8981\u4ef6\u3092\u6e80\u305f\u3057\u3066\u3044\u308b\u3053\u3068<\/li>\n\n\n\n<li>\u76e3\u67fb\u30ed\u30b0\u304c\u6b63\u3057\u304f\u8a18\u9332\u3055\u308c\u3066\u3044\u308b\u3053\u3068<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-17\">AWS SAML\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5f37\u5316\u3068\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-18\">\u30de\u30eb\u30c1\u30d5\u30a1\u30af\u30bf\u8a8d\u8a3c\uff08MFA\uff09\u3068\u306e\u4f75\u7528\u65b9\u6cd5<\/h3>\n\n\n\n<p>SAML\u8a8d\u8a3c\u306bMFA\u3092\u7d44\u307f\u5408\u308f\u305b\u308b\u3053\u3068\u3067\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u3055\u3089\u306b\u5f37\u5316\u3067\u304d\u307e\u3059\u3002\u4ee5\u4e0b\u306b\u5177\u4f53\u7684\u306a\u5b9f\u88c5\u65b9\u6cd5\u3092\u89e3\u8aac\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-19\">MFA\u5b9f\u88c5\u306e\u57fa\u672c\u8a2d\u5b9a<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>ID\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u5074\u306eMFA\u8a2d\u5b9a<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   {\n     \"Version\": \"2012-10-17\",\n     \"Statement\": [{\n       \"Effect\": \"Allow\",\n       \"Principal\": {\"Federated\": \"arn:aws:iam::ACCOUNT-ID:saml-provider\/PROVIDER-NAME\"},\n       \"Action\": \"sts:AssumeRoleWithSAML\",\n       \"Condition\": {\n         \"BoolIfExists\": {\"aws:MultiFactorAuthPresent\": \"true\"}\n       }\n     }]\n   }<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>MFA\u30c7\u30d0\u30a4\u30b9\u306e\u767b\u9332\u30d7\u30ed\u30bb\u30b9<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30c8\u30fc\u30af\u30f3<\/li>\n\n\n\n<li>\u4eee\u60f3MFA\u30c7\u30d0\u30a4\u30b9\uff08Google Authenticator\u306a\u3069\uff09<\/li>\n\n\n\n<li>SMS\u8a8d\u8a3c<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-20\">\u6761\u4ef6\u4ed8\u304dMFA\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<p>\u7279\u5b9a\u306e\u6761\u4ef6\u4e0b\u3067\u306e\u307fMFA\u3092\u8981\u6c42\u3059\u308b\u8a2d\u5b9a\u4f8b\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [{\n    \"Effect\": \"Allow\",\n    \"Action\": [\"s3:*\"],\n    \"Resource\": [\"arn:aws:s3:::production-*\"],\n    \"Condition\": {\n      \"BoolIfExists\": {\"aws:MultiFactorAuthPresent\": \"true\"}\n    }\n  }]\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-21\">\u30bb\u30c3\u30b7\u30e7\u30f3\u7ba1\u7406\u3068\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u6700\u9069\u5316<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-22\">\u30bb\u30c3\u30b7\u30e7\u30f3\u7ba1\u7406\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30bb\u30c3\u30b7\u30e7\u30f3\u671f\u9593\u306e\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   {\n     \"Version\": \"2012-10-17\",\n     \"Statement\": [{\n       \"Effect\": \"Allow\",\n       \"Action\": [\"sts:AssumeRoleWithSAML\"],\n       \"Resource\": \"*\",\n       \"Condition\": {\n         \"NumericLessThan\": {\"saml:SessionDuration\": \"28800\"}\n       }\n     }]\n   }<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>IP\u5236\u9650\u306e\u5b9f\u88c5<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   {\n     \"Version\": \"2012-10-17\",\n     \"Statement\": [{\n       \"Effect\": \"Deny\",\n       \"Action\": \"*\",\n       \"Resource\": \"*\",\n       \"Condition\": {\n         \"NotIpAddress\": {\n           \"aws:SourceIp\": [\n             \"192.0.2.0\/24\",\n             \"203.0.113.0\/24\"\n           ]\n         }\n       }\n     }]\n   }<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-23\">\u304d\u3081\u7d30\u304b\u306a\u30a2\u30af\u30bb\u30b9\u5236\u5fa1<\/h4>\n\n\n<div id=\"id-5497c0db-e414-4346-932e-3535b04a140b\">\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u30a2\u30af\u30bb\u30b9\u30ec\u30d9\u30eb<\/th><th>\u7528\u9014<\/th><th>\u8a2d\u5b9a\u4f8b<\/th><\/tr><\/thead><tbody><tr><td>\u8aad\u307f\u53d6\u308a\u5c02\u7528<\/td><td>\u76e3\u8996\u30fb\u5206\u6790<\/td><td>AWSReadOnlyAccess<\/td><\/tr><tr><td>\u30d1\u30ef\u30fc\u30e6\u30fc\u30b6\u30fc<\/td><td>\u958b\u767a\u30fb\u30c6\u30b9\u30c8<\/td><td>PowerUserAccess<\/td><\/tr><tr><td>\u7ba1\u7406\u8005<\/td><td>\u30a4\u30f3\u30d5\u30e9\u7ba1\u7406<\/td><td>AdministratorAccess<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/div>\n\n\n<h3 class=\"wp-block-heading\" id=\"i-24\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u76e3\u67fb\u3068\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u306e\u8a2d\u5b9a<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-25\">CloudTrail\u306b\u3088\u308b\u76e3\u67fb\u30ed\u30b0\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30ed\u30b0\u53ce\u96c6\u306e\u8a2d\u5b9a<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   aws cloudtrail create-trail \\\n       --name saml-audit-trail \\\n       --s3-bucket-name my-audit-logs \\\n       --is-multi-region-trail \\\n       --enable-logging<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u76e3\u8996\u3059\u3079\u304d\u91cd\u8981\u306a\u30a4\u30d9\u30f3\u30c8<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SAML\u8a8d\u8a3c\u306e\u6210\u529f\/\u5931\u6557<\/li>\n\n\n\n<li>\u30ed\u30fc\u30eb\u306e\u5f15\u304d\u53d7\u3051<\/li>\n\n\n\n<li>\u6a29\u9650\u306e\u5909\u66f4<\/li>\n\n\n\n<li>\u30bb\u30c3\u30b7\u30e7\u30f3\u306e\u958b\u59cb\/\u7d42\u4e86<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-26\">CloudWatch\u306b\u3088\u308b\u30a2\u30e9\u30fc\u30c8\u8a2d\u5b9a<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30e1\u30c8\u30ea\u30af\u30b9\u30d5\u30a3\u30eb\u30bf\u30fc\u306e\u4f5c\u6210<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   aws logs put-metric-filter \\\n       --log-group-name \"SAMLAuthLogs\" \\\n       --filter-name \"FailedSAMLAuth\" \\\n       --filter-pattern \"{$.eventName = AssumeRoleWithSAML &amp;&amp; $.errorCode = *}\" \\\n       --metric-transformations \\\n           metricName=FailedSAMLAuthCount,metricNamespace=SAMLSecurity,metricValue=1<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u30a2\u30e9\u30fc\u30c8\u306e\u8a2d\u5b9a<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   aws cloudwatch put-metric-alarm \\\n       --alarm-name \"HighFailedSAMLAuth\" \\\n       --metric-name FailedSAMLAuthCount \\\n       --namespace SAMLSecurity \\\n       --period 300 \\\n       --evaluation-periods 1 \\\n       --threshold 5 \\\n       --comparison-operator GreaterThanThreshold \\\n       --alarm-actions arn:aws:sns:region:account-id:alert-topic<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-27\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u30c1\u30a7\u30c3\u30af\u30ea\u30b9\u30c8<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u5b9a\u671f\u7684\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ec\u30d3\u30e5\u30fc<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>[ ] IAM\u30ed\u30fc\u30eb\u3068\u30dd\u30ea\u30b7\u30fc\u306e\u68da\u5378\u3057<\/li>\n\n\n\n<li>[ ] \u672a\u4f7f\u7528\u306e\u8a8d\u8a3c\u60c5\u5831\u306e\u524a\u9664<\/li>\n\n\n\n<li>[ ] \u30a2\u30af\u30bb\u30b9\u6a29\u9650\u306e\u898b\u76f4\u3057<\/li>\n\n\n\n<li>[ ] \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u306e\u78ba\u8a8d<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u5bfe\u5fdc\u8a08\u753b<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>[ ] \u7dca\u6025\u6642\u306e\u9023\u7d61\u4f53\u5236\u306e\u6574\u5099<\/li>\n\n\n\n<li>[ ] \u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u5bfe\u5fdc\u624b\u9806\u306e\u6587\u66f8\u5316<\/li>\n\n\n\n<li>[ ] \u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u30a2\u30af\u30bb\u30b9\u65b9\u6cd5\u306e\u78ba\u4fdd<\/li>\n\n\n\n<li>[ ] \u5b9a\u671f\u7684\u306a\u8a13\u7df4\u306e\u5b9f\u65bd<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u5bfe\u5fdc<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>[ ] \u76e3\u67fb\u30ed\u30b0\u306e\u4fdd\u7ba1\u671f\u9593\u78ba\u8a8d<\/li>\n\n\n\n<li>[ ] \u30a2\u30af\u30bb\u30b9\u8a18\u9332\u306e\u5b9a\u671f\u30ec\u30d3\u30e5\u30fc<\/li>\n\n\n\n<li>[ ] \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u306e\u6587\u66f8\u5316<\/li>\n\n\n\n<li>[ ] \u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u8981\u4ef6\u3068\u306e\u6574\u5408\u6027\u78ba\u8a8d<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-28\">\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9\u306e\u4f8b<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">graph TD\n    A[CloudTrail Logs] --&gt;|Filter| B[CloudWatch Metrics]\n    B --&gt;|Alert| C[SNS Topic]\n    C --&gt;|Notify| D[Security Team]\n    C --&gt;|Notify| E[Automated Response]\n    E --&gt;|Block| F[Suspicious IP]\n    E --&gt;|Revoke| G[Compromised Credentials]<\/pre>\n\n\n\n<p>\u3053\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u306b\u3088\u308a\u3001\u4ee5\u4e0b\u306e\u52b9\u679c\u304c\u671f\u5f85\u3067\u304d\u307e\u3059\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u4e0d\u6b63\u30a2\u30af\u30bb\u30b9\u306e\u65e9\u671f\u691c\u77e5\u3068\u9632\u6b62<\/li>\n\n\n\n<li>\u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u8981\u4ef6\u3078\u306e\u9069\u5408<\/li>\n\n\n\n<li>\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u767a\u751f\u6642\u306e\u8fc5\u901f\u306a\u5bfe\u5fdc<\/li>\n\n\n\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u904b\u7528\u306e\u52b9\u7387\u5316<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-29\">AWS SAML\u306e\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u3068\u904b\u7528\u7ba1\u7406<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-30\">\u3088\u304f\u3042\u308b\u30a8\u30e9\u30fc\u3068\u89e3\u6c7a\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-31\">\u8a8d\u8a3c\u30a8\u30e9\u30fc\u306e\u8a3a\u65ad\u3068\u5bfe\u51e6<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u201cError retrieving SAML token\u201d<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   \u539f\u56e0\uff1a\n   - ID\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u3068\u306e\u901a\u4fe1\u30a8\u30e9\u30fc\n   - \u30e1\u30bf\u30c7\u30fc\u30bf\u306e\u8a2d\u5b9a\u30df\u30b9\n   - \u8a3c\u660e\u66f8\u306e\u671f\u9650\u5207\u308c\n\n   \u89e3\u6c7a\u624b\u9806\uff1a\n   1. \u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u63a5\u7d9a\u306e\u78ba\u8a8d\n   2. \u30e1\u30bf\u30c7\u30fc\u30bf\u306e\u518d\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\n   3. \u8a3c\u660e\u66f8\u306e\u6709\u52b9\u671f\u9650\u78ba\u8a8d<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u201cInvalid SAML response\u201d<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   \u539f\u56e0\uff1a\n   - SAML\u30a2\u30b5\u30fc\u30b7\u30e7\u30f3\u306e\u5f62\u5f0f\u4e0d\u6b63\n   - \u6642\u523b\u540c\u671f\u306e\u554f\u984c\n   - \u7f72\u540d\u691c\u8a3c\u306e\u5931\u6557\n\n   \u89e3\u6c7a\u624b\u9806\uff1a\n   1. SAML\u30ec\u30b9\u30dd\u30f3\u30b9\u306e\u691c\u8a3c\n   2. NTP\u8a2d\u5b9a\u306e\u78ba\u8a8d\n   3. \u8a3c\u660e\u66f8\u306e\u66f4\u65b0<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-32\">\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u306e\u30d5\u30ed\u30fc\u30c1\u30e3\u30fc\u30c8<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">graph TD\n    A[\u8a8d\u8a3c\u30a8\u30e9\u30fc\u767a\u751f] --&gt;|\u78ba\u8a8d| B{\u30a8\u30e9\u30fc\u30e1\u30c3\u30bb\u30fc\u30b8}\n    B --&gt;|SAML Token Error| C[IdP\u901a\u4fe1\u78ba\u8a8d]\n    B --&gt;|Invalid Response| D[SAML\u8a2d\u5b9a\u78ba\u8a8d]\n    B --&gt;|Role Error| E[IAM\u8a2d\u5b9a\u78ba\u8a8d]\n    C --&gt;|OK| F[\u30e1\u30bf\u30c7\u30fc\u30bf\u78ba\u8a8d]\n    D --&gt;|OK| G[\u6642\u523b\u540c\u671f\u78ba\u8a8d]\n    E --&gt;|OK| H[\u6a29\u9650\u78ba\u8a8d]\n    F --&gt; I[\u89e3\u6c7a]\n    G --&gt; I\n    H --&gt; I<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-33\">\u30c7\u30d0\u30c3\u30b0\u30ed\u30b0\u306e\u6d3b\u7528\u65b9\u6cd5<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># CloudWatch Logs\u3067\u306e\u30ed\u30b0\u691c\u7d22\naws logs filter-log-events \\\n    --log-group-name \/aws\/saml\/authentication \\\n    --filter-pattern \"Error\" \\\n    --start-time $(date -v-1H +%s000) \\\n    --query 'events[*].message'<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-34\">\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u6700\u9069\u5316\u3068\u30b9\u30b1\u30fc\u30ea\u30f3\u30b0\u6226\u7565<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-35\">\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u6307\u6a19<\/h4>\n\n\n<div id=\"id-a951b3be-2bba-417b-90ff-3a0e36dbfe23\">\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u30e1\u30c8\u30ea\u30af\u30b9<\/th><th>\u8aac\u660e<\/th><th>\u63a8\u5968\u95be\u5024<\/th><\/tr><\/thead><tbody><tr><td>\u8a8d\u8a3c\u30ec\u30a4\u30c6\u30f3\u30b7\u30fc<\/td><td>\u30ea\u30af\u30a8\u30b9\u30c8\u304b\u3089\u8a8d\u8a3c\u5b8c\u4e86\u307e\u3067\u306e\u6642\u9593<\/td><td>&lt; 2\u79d2<\/td><\/tr><tr><td>\u30a8\u30e9\u30fc\u7387<\/td><td>\u8a8d\u8a3c\u30a8\u30e9\u30fc\u306e\u767a\u751f\u7387<\/td><td>&lt; 0.1%<\/td><\/tr><tr><td>\u540c\u6642\u30bb\u30c3\u30b7\u30e7\u30f3\u6570<\/td><td>\u30a2\u30af\u30c6\u30a3\u30d6\u306aSAML\u30bb\u30c3\u30b7\u30e7\u30f3\u6570<\/td><td>\u7d44\u7e54\u30b5\u30a4\u30ba\u306b\u3088\u308b<\/td><\/tr><tr><td>\u30c8\u30fc\u30af\u30f3\u66f4\u65b0\u7387<\/td><td>\u30bb\u30c3\u30b7\u30e7\u30f3\u30c8\u30fc\u30af\u30f3\u306e\u66f4\u65b0\u983b\u5ea6<\/td><td>&lt; 1\u56de\/\u6642\u9593<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/div>\n\n\n<h4 class=\"wp-block-heading\" id=\"i-36\">\u30b9\u30b1\u30fc\u30ea\u30f3\u30b0\u8a2d\u5b9a<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"sts:AssumeRoleWithSAML\"\n      ],\n      \"Resource\": \"*\",\n      \"Condition\": {\n        \"NumericLessThan\": {\n          \"saml:concurrent-sessions\": \"1000\"\n        }\n      }\n    }\n  ]\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-37\">\u5b9a\u671f\u7684\u306a\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u3068\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u7ba1\u7406<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-38\">\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u30b9\u30b1\u30b8\u30e5\u30fc\u30eb<\/h4>\n\n\n<div id=\"id-1a07f511-4dfb-49dc-9cee-9d9517297994\">\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u30bf\u30b9\u30af<\/th><th>\u983b\u5ea6<\/th><th>\u91cd\u8981\u5ea6<\/th><\/tr><\/thead><tbody><tr><td>\u8a3c\u660e\u66f8\u66f4\u65b0<\/td><td>12\u30f6\u6708<\/td><td>\u91cd\u8981<\/td><\/tr><tr><td>\u30ed\u30fc\u30eb\u6a29\u9650\u30ec\u30d3\u30e5\u30fc<\/td><td>3\u30f6\u6708<\/td><td>\u9ad8<\/td><\/tr><tr><td>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d1\u30c3\u30c1<\/td><td>1\u30f6\u6708<\/td><td>\u6700\u91cd\u8981<\/td><\/tr><tr><td>\u8a2d\u5b9a\u30d0\u30c3\u30af\u30a2\u30c3\u30d7<\/td><td>1\u9031\u9593<\/td><td>\u4e2d<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/div>\n\n\n<h4 class=\"wp-block-heading\" id=\"i-39\">\u81ea\u52d5\u5316\u30b9\u30af\u30ea\u30d7\u30c8\u306e\u4f8b<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u8a3c\u660e\u66f8\u6709\u52b9\u671f\u9650\u30c1\u30a7\u30c3\u30af<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">import boto3\nimport datetime\n\ndef check_saml_provider_cert():\n    iam = boto3.client('iam')\n    providers = iam.list_saml_providers()['SAMLProviderList']\n\n    for provider in providers:\n        metadata = iam.get_saml_provider(\n            SAMLProviderArn=provider['Arn']\n        )\n        exp_date = metadata['ValidUntil']\n        days_until_expire = (exp_date - datetime.datetime.now()).days\n\n        if days_until_expire &lt; 30:\n            # \u30a2\u30e9\u30fc\u30c8\u901a\u77e5\n            send_alert(f\"\u8a3c\u660e\u66f8\u671f\u9650\u5207\u308c\u307e\u3067{days_until_expire}\u65e5\")<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u8a2d\u5b9a\u30d0\u30c3\u30af\u30a2\u30c3\u30d7<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#!\/bin\/bash\n\n# SAML\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u8a2d\u5b9a\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\naws iam list-saml-providers --query 'SAMLProviderList[*].Arn' --output text | while read arn; do\n    aws iam get-saml-provider --saml-provider-arn $arn &gt; \"backup\/saml-provider-$(date +%Y%m%d).json\"\ndone\n\n# IAM\u30ed\u30fc\u30eb\u8a2d\u5b9a\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\naws iam list-roles --query 'Roles[?contains(RoleName, `SAML`)].[RoleName]' --output text | while read role; do\n    aws iam get-role --role-name $role &gt; \"backup\/role-$role-$(date +%Y%m%d).json\"\ndone<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-40\">\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u30c1\u30a7\u30c3\u30af\u30ea\u30b9\u30c8<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u6708\u6b21\u30c1\u30a7\u30c3\u30af\u9805\u76ee<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>[ ] \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ed\u30b0\u306e\u78ba\u8a8d<\/li>\n\n\n\n<li>[ ] \u30a8\u30e9\u30fc\u7387\u306e\u5206\u6790<\/li>\n\n\n\n<li>[ ] \u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u30e1\u30c8\u30ea\u30af\u30b9\u306e\u8a55\u4fa1<\/li>\n\n\n\n<li>[ ] \u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u306e\u5b9f\u884c\u3068\u691c\u8a3c<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u56db\u534a\u671f\u30c1\u30a7\u30c3\u30af\u9805\u76ee<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>[ ] IAM\u30ed\u30fc\u30eb\u3068\u30dd\u30ea\u30b7\u30fc\u306e\u76e3\u67fb<\/li>\n\n\n\n<li>[ ] \u30a2\u30af\u30bb\u30b9\u30d1\u30bf\u30fc\u30f3\u306e\u5206\u6790<\/li>\n\n\n\n<li>[ ] \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u306e\u898b\u76f4\u3057<\/li>\n\n\n\n<li>[ ] \u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306e\u66f4\u65b0<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u5e74\u6b21\u30c1\u30a7\u30c3\u30af\u9805\u76ee<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>[ ] \u8a3c\u660e\u66f8\u306e\u66f4\u65b0<\/li>\n\n\n\n<li>[ ] \u30c7\u30a3\u30b6\u30b9\u30bf\u30ea\u30ab\u30d0\u30ea\u8a08\u753b\u306e\u691c\u8a3c<\/li>\n\n\n\n<li>[ ] \u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u8981\u4ef6\u306e\u78ba\u8a8d<\/li>\n\n\n\n<li>[ ] \u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306e\u898b\u76f4\u3057<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-41\">\u904b\u7528\u52b9\u7387\u5316\u306e\u305f\u3081\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u81ea\u52d5\u5316\u306e\u5c0e\u5165<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u5b9a\u671f\u7684\u306a\u30d0\u30c3\u30af\u30a2\u30c3\u30d7<\/li>\n\n\n\n<li>\u8a3c\u660e\u66f8\u66f4\u65b0\u30a2\u30e9\u30fc\u30c8<\/li>\n\n\n\n<li>\u30a8\u30e9\u30fc\u76e3\u8996\u3068\u901a\u77e5<\/li>\n\n\n\n<li>\u30ec\u30dd\u30fc\u30c8\u751f\u6210<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u8a2d\u5b9a\u5909\u66f4\u5c65\u6b74\u306e\u8a18\u9332<\/li>\n\n\n\n<li>\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u30ac\u30a4\u30c9\u306e\u66f4\u65b0<\/li>\n\n\n\n<li>\u904b\u7528\u624b\u9806\u66f8\u306e\u7dad\u6301<\/li>\n\n\n\n<li>\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u5bfe\u5fdc\u8a18\u9332<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u52b9\u7387\u7684\u306a\u554f\u984c\u89e3\u6c7a\u30d7\u30ed\u30bb\u30b9<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30a8\u30e9\u30fc\u30d1\u30bf\u30fc\u30f3\u306e\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u5316<\/li>\n\n\n\n<li>\u89e3\u6c7a\u624b\u9806\u306e\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u5316<\/li>\n\n\n\n<li>\u30ca\u30ec\u30c3\u30b8\u30d9\u30fc\u30b9\u306e\u69cb\u7bc9<\/li>\n\n\n\n<li>\u30c1\u30fc\u30e0\u9593\u306e\u60c5\u5831\u5171\u6709<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-42\">AWS SAML\u306e\u6d3b\u7528\u4e8b\u4f8b\u3068\u5c06\u6765\u5c55\u671b<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-43\">\u4f01\u696d\u898f\u6a21\u5225\u306e\u5c0e\u5165\u4e8b\u4f8b\u3068\u6210\u529f\u306e\u30dd\u30a4\u30f3\u30c8<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-44\">\u5927\u898f\u6a21\u4f01\u696d\uff08\u5f93\u696d\u54e11000\u4eba\u4ee5\u4e0a\uff09\u3067\u306e\u5c0e\u5165\u4e8b\u4f8b<\/h4>\n\n\n\n<p><strong>\u91d1\u878d\u30b5\u30fc\u30d3\u30b9\u4f01\u696dA\u793e\u306e\u4e8b\u4f8b<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">graph LR\n    A[\u65e2\u5b58AD] --&gt;|\u7d71\u5408| B[Azure AD]\n    B --&gt;|SAML| C[AWS]\n    C --&gt;|\u30de\u30eb\u30c1\u30a2\u30ab\u30a6\u30f3\u30c8| D[\u672c\u756a\u74b0\u5883]\n    C --&gt;|\u30de\u30eb\u30c1\u30a2\u30ab\u30a6\u30f3\u30c8| E[\u958b\u767a\u74b0\u5883]\n    C --&gt;|\u30de\u30eb\u30c1\u30a2\u30ab\u30a6\u30f3\u30c8| F[\u691c\u8a3c\u74b0\u5883]<\/pre>\n\n\n\n<p>\u5c0e\u5165\u52b9\u679c\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30a2\u30ab\u30a6\u30f3\u30c8\u7ba1\u7406\u5de5\u6570\uff1a90%\u524a\u6e1b<\/li>\n\n\n\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\uff1a75%\u6e1b\u5c11<\/li>\n\n\n\n<li>\u30e6\u30fc\u30b6\u30fc\u30b5\u30dd\u30fc\u30c8\u8cbb\u7528\uff1a60%\u524a\u6e1b<\/li>\n<\/ul>\n\n\n\n<p>\u6210\u529f\u306e\u30dd\u30a4\u30f3\u30c8\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u6bb5\u968e\u7684\u306a\u79fb\u884c\u8a08\u753b<\/li>\n\n\n\n<li>\u5305\u62ec\u7684\u306a\u30e6\u30fc\u30b6\u30fc\u30c8\u30ec\u30fc\u30cb\u30f3\u30b0<\/li>\n\n\n\n<li>24\/7\u30b5\u30dd\u30fc\u30c8\u4f53\u5236\u306e\u78ba\u7acb<\/li>\n<\/ol>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-45\">\u4e2d\u898f\u6a21\u4f01\u696d\uff08\u5f93\u696d\u54e1100-999\u4eba\uff09\u3067\u306e\u5c0e\u5165\u4e8b\u4f8b<\/h4>\n\n\n\n<p><strong>SaaS\u4f01\u696dB\u793e\u306e\u4e8b\u4f8b<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">graph LR\n    A[Okta] --&gt;|SAML| B[AWS]\n    B --&gt;|\u958b\u767a\u30c1\u30fc\u30e0| C[ECS\/ECR]\n    B --&gt;|\u30a4\u30f3\u30d5\u30e9\u30c1\u30fc\u30e0| D[EC2\/VPC]\n    B --&gt;|\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c1\u30fc\u30e0| E[IAM\/Security]<\/pre>\n\n\n\n<p>\u5c0e\u5165\u52b9\u679c\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30aa\u30f3\u30dc\u30fc\u30c7\u30a3\u30f3\u30b0\u6642\u9593\uff1a85%\u77ed\u7e2e<\/li>\n\n\n\n<li>\u904b\u7528\u30b3\u30b9\u30c8\uff1a45%\u524a\u6e1b<\/li>\n\n\n\n<li>\u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u5bfe\u5fdc\u5de5\u6570\uff1a70%\u524a\u6e1b<\/li>\n<\/ul>\n\n\n\n<p>\u6210\u529f\u306e\u30dd\u30a4\u30f3\u30c8\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\u306a\u8a2d\u8a08<\/li>\n\n\n\n<li>\u81ea\u52d5\u5316\u306e\u7a4d\u6975\u7684\u306a\u6d3b\u7528<\/li>\n\n\n\n<li>\u660e\u78ba\u306a\u30ed\u30fc\u30eb\u5b9a\u7fa9<\/li>\n<\/ol>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-46\">\u5c0f\u898f\u6a21\u4f01\u696d\uff08\u5f93\u696d\u54e1100\u4eba\u672a\u6e80\uff09\u3067\u306e\u5c0e\u5165\u4e8b\u4f8b<\/h4>\n\n\n\n<p><strong>\u30b9\u30bf\u30fc\u30c8\u30a2\u30c3\u30d7C\u793e\u306e\u4e8b\u4f8b<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u5c0e\u5165\u30c4\u30fc\u30eb\uff1aGoogle Workspace + AWS SAML\u30b3\u30cd\u30af\u30bf<\/li>\n\n\n\n<li>\u6295\u8cc7\u5bfe\u52b9\u679c\uff1a\u521d\u5e74\u5ea6ROI 250%<\/li>\n\n\n\n<li>\u5c0e\u5165\u671f\u9593\uff1a2\u9031\u9593<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-47\">\u30b3\u30b9\u30c8\u6700\u9069\u5316\u3068ROI\u306e\u8a08\u7b97\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-48\">\u30b3\u30b9\u30c8\u5206\u6790\u30d5\u30ec\u30fc\u30e0\u30ef\u30fc\u30af<\/h4>\n\n\n<div id=\"id-25254589-ef80-40db-9723-98e33019e69d\">\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u30b3\u30b9\u30c8\u9805\u76ee<\/th><th>\u7b97\u51fa\u65b9\u6cd5<\/th><th>\u6a19\u6e96\u7684\u306a\u6bd4\u7387<\/th><\/tr><\/thead><tbody><tr><td>\u521d\u671f\u6295\u8cc7<\/td><td>\u30e9\u30a4\u30bb\u30f3\u30b9\uff0b\u5c0e\u5165\u652f\u63f4\uff0b\u30c8\u30ec\u30fc\u30cb\u30f3\u30b0<\/td><td>\u7dcf\u30b3\u30b9\u30c8\u306e40%<\/td><\/tr><tr><td>\u904b\u7528\u30b3\u30b9\u30c8<\/td><td>\u4fdd\u5b88\uff0b\u76e3\u8996\uff0b\u30b5\u30dd\u30fc\u30c8<\/td><td>\u7dcf\u30b3\u30b9\u30c8\u306e35%<\/td><\/tr><tr><td>\u9593\u63a5\u30b3\u30b9\u30c8<\/td><td>\u751f\u7523\u6027\u4f4e\u4e0b\uff0b\u30c8\u30ec\u30fc\u30cb\u30f3\u30b0<\/td><td>\u7dcf\u30b3\u30b9\u30c8\u306e25%<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/div>\n\n\n<h4 class=\"wp-block-heading\" id=\"i-49\">ROI\u7b97\u51fa\u30e2\u30c7\u30eb<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">def calculate_saml_roi(implementation_cost, annual_savings, years):\n    \"\"\"\n    SAML\u5b9f\u88c5\u306eROI\u3092\u8a08\u7b97\n\n    Parameters:\n    implementation_cost: \u5c0e\u5165\u30b3\u30b9\u30c8\n    annual_savings: \u5e74\u9593\u524a\u6e1b\u984d\n    years: \u8a08\u7b97\u671f\u9593\uff08\u5e74\uff09\n\n    Returns:\n    ROI\uff08%\uff09\n    \"\"\"\n    total_savings = annual_savings * years\n    roi = ((total_savings - implementation_cost) \/ implementation_cost) * 100\n    return roi<\/pre>\n\n\n\n<p>\u5178\u578b\u7684\u306aROI\u4e8b\u4f8b\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u5927\u898f\u6a21\u4f01\u696d\uff1a200-300%\uff083\u5e74\uff09<\/li>\n\n\n\n<li>\u4e2d\u898f\u6a21\u4f01\u696d\uff1a150-250%\uff082\u5e74\uff09<\/li>\n\n\n\n<li>\u5c0f\u898f\u6a21\u4f01\u696d\uff1a100-200%\uff081\u5e74\uff09<\/li>\n<\/ol>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-50\">\u30b3\u30b9\u30c8\u6700\u9069\u5316\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30e9\u30a4\u30bb\u30f3\u30b9\u7ba1\u7406\u306e\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u672a\u4f7f\u7528\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u5b9a\u671f\u7684\u306a\u68da\u5378<\/li>\n\n\n\n<li>\u30e9\u30a4\u30bb\u30f3\u30b9\u30ec\u30d9\u30eb\u306e\u9069\u6b63\u5316<\/li>\n\n\n\n<li>\u30dc\u30ea\u30e5\u30fc\u30e0\u30c7\u30a3\u30b9\u30ab\u30a6\u30f3\u30c8\u306e\u6d3b\u7528<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u904b\u7528\u30b3\u30b9\u30c8\u306e\u524a\u6e1b<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u81ea\u52d5\u5316\u306e\u7a4d\u6975\u7684\u306a\u5c0e\u5165<\/li>\n\n\n\n<li>\u30bb\u30eb\u30d5\u30b5\u30fc\u30d3\u30b9\u6a5f\u80fd\u306e\u6d3b\u7528<\/li>\n\n\n\n<li>\u76e3\u8996\u30fb\u30a2\u30e9\u30fc\u30c8\u306e\u6700\u9069\u5316<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30b9\u30b1\u30fc\u30ea\u30f3\u30b0\u30b3\u30b9\u30c8\u306e\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u6bb5\u968e\u7684\u306a\u62e1\u5f35\u8a08\u753b<\/li>\n\n\n\n<li>\u30ea\u30bd\u30fc\u30b9\u306e\u9069\u5207\u306a\u30b5\u30a4\u30b8\u30f3\u30b0<\/li>\n\n\n\n<li>\u4f59\u5270\u30ea\u30bd\u30fc\u30b9\u306e\u524a\u6e1b<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-51\">\u4eca\u5f8c\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3068\u6280\u8853\u52d5\u5411<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-52\">2024-2025\u5e74\u306e\u4e3b\u8981\u30c8\u30ec\u30f3\u30c9<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Zero Trust\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u3068\u306e\u7d71\u5408<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   graph TD\n       A[SAML\u8a8d\u8a3c] --&gt;|\u7d71\u5408| B[Zero Trust]\n       B --&gt;|\u9069\u7528| C[\u30c7\u30d0\u30a4\u30b9\u8a8d\u8a3c]\n       B --&gt;|\u9069\u7528| D[\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u8a8d\u8a3c]\n       B --&gt;|\u9069\u7528| E[\u7d99\u7d9a\u7684\u691c\u8a3c]<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>AI\u306b\u3088\u308b\u8a8d\u8a3c\u5f37\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u884c\u52d5\u5206\u6790\u306b\u3088\u308b\u7570\u5e38\u691c\u77e5<\/li>\n\n\n\n<li>\u52d5\u7684\u306a\u30a2\u30af\u30bb\u30b9\u5236\u5fa1<\/li>\n\n\n\n<li>\u30ea\u30b9\u30af\u30d9\u30fc\u30b9\u306e\u8a8d\u8a3c<\/li>\n<\/ul>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\u5316\u306e\u9032\u5c55<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30b3\u30f3\u30c6\u30ca\u74b0\u5883\u3067\u306e\u8a8d\u8a3c<\/li>\n\n\n\n<li>\u30b5\u30fc\u30d0\u30fc\u30ec\u30b9\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3<\/li>\n\n\n\n<li>\u30de\u30a4\u30af\u30ed\u30b5\u30fc\u30d3\u30b9\u5bfe\u5fdc<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-53\">\u5c06\u6765\u306e\u5c55\u671b<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u6280\u8853\u7684\u306a\u767a\u5c55<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u751f\u4f53\u8a8d\u8a3c\u3068\u306e\u7d71\u5408<\/li>\n\n\n\n<li>\u30d6\u30ed\u30c3\u30af\u30c1\u30a7\u30fc\u30f3\u30d9\u30fc\u30b9\u306e\u8a8d\u8a3c<\/li>\n\n\n\n<li>\u91cf\u5b50\u8010\u6027\u306e\u3042\u308b\u8a8d\u8a3c<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u898f\u5236\u3068\u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30c7\u30fc\u30bf\u30d7\u30e9\u30a4\u30d0\u30b7\u30fc\u898f\u5236\u306e\u5f37\u5316<\/li>\n\n\n\n<li>\u696d\u754c\u6a19\u6e96\u306e\u9032\u5316<\/li>\n\n\n\n<li>\u30b0\u30ed\u30fc\u30d0\u30eb\u5bfe\u5fdc\u306e\u8981\u4ef6<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30e6\u30fc\u30b6\u30fc\u30a8\u30af\u30b9\u30da\u30ea\u30a8\u30f3\u30b9<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30d1\u30b9\u30ef\u30fc\u30c9\u30ec\u30b9\u8a8d\u8a3c\u306e\u666e\u53ca<\/li>\n\n\n\n<li>\u30b7\u30fc\u30e0\u30ec\u30b9\u306a\u8a8d\u8a3c\u4f53\u9a13<\/li>\n\n\n\n<li>\u30e2\u30d0\u30a4\u30eb\u30d5\u30a1\u30fc\u30b9\u30c8\u8a2d\u8a08<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-54\">\u6e96\u5099\u3059\u3079\u304d\u5bfe\u5fdc\u4e8b\u9805<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u6280\u8853\u9762\u3067\u306e\u6e96\u5099<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u6700\u65b0\u6280\u8853\u306ePoC\u306e\u5b9f\u65bd<\/li>\n\n\n\n<li>\u30b9\u30ad\u30eb\u30bb\u30c3\u30c8\u306e\u66f4\u65b0<\/li>\n\n\n\n<li>\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306e\u898b\u76f4\u3057<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u7d44\u7e54\u9762\u3067\u306e\u6e96\u5099<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30c1\u30fc\u30e0\u4f53\u5236\u306e\u6574\u5099<\/li>\n\n\n\n<li>\u30c8\u30ec\u30fc\u30cb\u30f3\u30b0\u8a08\u753b\u306e\u7b56\u5b9a<\/li>\n\n\n\n<li>\u4e88\u7b97\u306e\u78ba\u4fdd<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u6226\u7565\u9762\u3067\u306e\u6e96\u5099<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30ed\u30fc\u30c9\u30de\u30c3\u30d7\u306e\u4f5c\u6210<\/li>\n\n\n\n<li>\u30ea\u30b9\u30af\u8a55\u4fa1\u306e\u5b9f\u65bd<\/li>\n\n\n\n<li>\u512a\u5148\u9806\u4f4d\u306e\u8a2d\u5b9a<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Warning: Undefined array key &#8220;is_admin&#8221; in \/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/ &#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":{"0":"post-2436","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-aws","7":"nothumb"},"_links":{"self":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2436","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2436"}],"version-history":[{"count":1,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2436\/revisions"}],"predecessor-version":[{"id":2437,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2436\/revisions\/2437"}],"wp:attachment":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2436"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}