AWS Certificate Manager ã«ãããAWS ã®åçš®ãµãŒãã¹ãšã客æ§ã®å éšæ¥ç¶ãªãœãŒã¹ã§äœ¿çšãããããªãã¯ãšãã©ã€ããŒãã® Secure Sockets Layer/Transport Layer Security (SSL/TLS) èšŒææžã®ããããžã§ãã³ã°ã管çãããã³ãããã€ãç°¡åã«è¡ããŸããSSL/TLS èšŒææžã¯ããããã¯ãŒã¯éä¿¡ãä¿è·ãããã©ã€ããŒããããã¯ãŒã¯äžã®ãªãœãŒã¹ãšåæ§ã«ã€ã³ã¿ãŒãããäžã® Web ãµã€ãã®ã¢ã€ãã³ãã£ãã£ã確ç«ããããã«äœ¿çšãããŸããAWS Certificate Manager ã䜿çšããã°ãSSL/TLS èšŒææžã®è³Œå ¥ãã¢ããããŒããããã³æŽæ°ãšããæéã®ãããããã»ã¹ãæåã§è¡ãå¿ èŠããªããªããŸããAWS Certificate Manager ã䜿ãã°ãèšŒææžã®ãªã¯ãšã¹ããããã³ Elastic Load Balancingã Amazon CloudFront ãã£ã¹ããªãã¥ãŒã·ã§ã³ãAmazon API Gateway ã® API ãšãã£ã AWS ã®ãªãœãŒã¹ã§ã®èšŒææžã® ACM ã«çµ±åããã AWS ã§ã®ãããã€ããã°ããç°¡åã«è¡ãããšãã§ããŸãããŸããèšŒææžã¯èªåçã«æŽæ°ãããŸãããŸãå éšãªãœãŒã¹ã®ããã®ãã©ã€ããŒãèšŒææžãäœæããèšŒææžã©ã€ããµã€ã¯ã«ãäžå€®ã§ç®¡çããããšãå¯èœã«ãªããŸããACM çµ±åãµãŒãã¹ã®ããã« AWS Certificate Manager ãéããŠããããžã§ãã³ã°ããããããªãã¯ããã©ã€ããŒãèšŒææžã¯ç¡æã§ãããæ¯æãããã ãã®ã¯ãã¢ããªã±ãŒã·ã§ã³ãå®è¡ããããã«äœæãã AWS ãªãœãŒã¹ã®æéã®ã¿ã§ãããã©ã€ããŒãèšŒææžã«ã€ããŠã¯ããã©ã€ããŒã CA ã®ãªãã¬ãŒã·ã§ã³ãšã客æ§ã®çºè¡ãããã©ã€ããŒãèšŒææžã«å¯ŸããŠæã ãæ¯æããã ããŸãã
AWS Certificate Manager ã®éå§æ¹æ³
ãŸãã¯ç¡æã§å§ãã
SSL ãšãã®åŸç¶ã® TLS ã¯ããããã¯ãŒã¯éä¿¡ãæå·åããã€ã³ã¿ãŒãããã§ãŠã§ããµã€ãã®ã¢ã€ãã³ãã£ãã£ã確ç«ããããã®æ¥çæšæºãããã³ã«ã§ããSSL/TLS ã§ã¯è»¢éäžã®æ©å¯ããŒã¿ã®æå·åãš SSL/TLS èšŒææžã䜿çšããèªèšŒãè¡ãããšãã§ãããµã€ãã®ã¢ã€ãã³ãã£ãã£ããã©ãŠã¶/ã¢ããªã±ãŒã·ã§ã³ãšãµã€ããšã®éã®å®å šãªæ¥ç¶ã確ç«ã§ããŸããAWS Certificate Manager ã§ã¯ SSL/TLS èšŒææžãç°¡åã«ããããžã§ãã³ã°ããã³ç®¡çã§ãããããSSL/TLS ãããã³ã«ã䜿çšãããããŠã§ããµã€ããã¢ããªã±ãŒã·ã§ã³ãèšå®ã§ããŸãã
ãã©ã€ããŒãèšŒææžã¯ããµãŒããŒãã¢ãã€ã«ããã³ IoT ããã€ã¹ãã¢ããªã±ãŒã·ã§ã³ãªã©ã®ãã©ã€ããŒããããã¯ãŒã¯äžã§æ¥ç¶ããããªãœãŒã¹ã®éã®éä¿¡ãç¹å®ããã»ãã¥ãªãã£ã確ä¿ããããã«äœ¿ãããŸããAWS Certificate Manager (ACM) ãã©ã€ããŒãèªèšŒæ©é¢ (CA) ã¯ãããŒãžãåã®ãã©ã€ããŒã CA ãµãŒãã¹ã§ããã©ã€ããŒãèšŒææžã®ã©ã€ããµã€ã¯ã«ã容æã§å®å
šã«ç®¡çããã®ã«åœ¹ç«ã¡ãŸããACM ãã©ã€ããŒã CA ã§ã¯ãé«å¯çšæ§ã®ãã©ã€ããŒã CA ããèªç€Ÿã®ãã©ã€ããŒã CA ããªãã¬ãŒã·ã§ã³ããããã®å
è¡æè³ãç¶ç¶çãªã¡ã³ããã³ã¹ã³ã¹ããªãã«åŸãããŸããACM ãã©ã€ããŒã CA 㯠ACM ã®èšŒææžç®¡çæ©èœããã©ã€ããŒãèšŒææžã«æ¡åŒµãããããªãã¯ããã³ãã©ã€ããŒãèšŒææžãäžå€®ã§äœæã管çã§ããããã«ããŸããACM ãã©ã€ããŒã CA ã§ã¯ãããããããŒã®æ¹ã¯ API ãçšããŠããã°ã©ã ã§ãã©ã€ããŒãèšŒææžãäœæããããã€ã§ããããã«ãªããè¿
éæ§ãåäžããŸãããŸããã«ã¹ã¿ã èšŒææžã©ã€ãã¿ã€ã ãŸãã¯ãªãœãŒã¹åãèŠããã¢ããªã±ãŒã·ã§ã³ã®ããã®ãã©ã€ããŒãèšŒææžãäœæããæè»æ§ãåŸãããŸãããã©ã€ããŒãèªèšŒæ©é¢ã«ã€ããŠè©³çްãã芧ãã ããã
AWS Certificate Manager ã䜿çšããã°ããŠã§ããµã€ããã¢ããªã±ãŒã·ã§ã³ã®ããã« SSL/TLS èšŒææžãååŸããéã«å¿ èŠãªãæéãããããšã©ãŒãçºçããããå€ãã®ã¹ããããå®è¡ããå¿ èŠããªããªããŸããããŒãã¢ãèšŒææžçœ²åãªã¯ãšã¹ã (CSR) ã®çæãèªèšŒæ©é¢ãžã® CSR ã®éä¿¡ãèšŒææžã®åãåãåŸã®ã¢ããããŒããšã€ã³ã¹ããŒã«ã¯å¿ èŠãããŸãããAWS ãããžã¡ã³ãã³ã³ãœãŒã«ã§æ°åã¯ãªãã¯ããã®ã¿ã§ãä¿¡é Œã§ãã SSL/TLS èšŒææžã AWS ã«ãªã¯ãšã¹ãã§ããŸããèšŒææžãäœæããããšèšŒææžãèªåçã«ãããã€ããããããã客æ§ã¯ãŠã§ããµã€ããã¢ããªã±ãŒã·ã§ã³ã® SSL/TLS ãæå¹ã«ã§ããŸãã
AWS Certificate Manager ã§ã¯ã Elastic Load Balancing ã API Gateway ãªã©ã® ACM çµã¿èŸŒã¿ã®ãµãŒãã¹ ãšå ±ã«äœ¿ããããªãã¯ãŸãã¯ãã©ã€ããŒã SSL/TLS èšŒææžã®ããããžã§ãã³ã°ã«ã¯ãè¿œå æéã¯ããããŸããããæ¯æãããã ãã®ã¯ãã¢ããªã±ãŒã·ã§ã³ãå®è¡ããããã«äœæãã AWS ãªãœãŒã¹ã®æéã®ã¿ã§ãããã©ã€ããŒãèšŒææžã«ã¯ãACM ãã©ã€ããŒã CAãã¯ãäœæãããµãŒãã¹ãšèšŒææžã«å¯ŸããŠæã ã®æ¯æãããããšãã§ããŸããäœæãããã©ã€ããŒãèšŒææžã®æ°ãå€ããªããšãèšŒææžåœããã®æéã¯å°ãªããªããŸãã
AWS Certificate Manager ã¯ãACM å
ã§ç®¡çãããElastic Load Balancing ã API Gateway ãªã©ã® ACM çµã¿èŸŒã¿ã®ãµãŒãã¹ã§äœ¿ãããŠããèšŒææžã®æŽæ°ããã»ã¹ã管çããŸããACM ã¯ãããã®èšŒææžã®æŽæ°ãšãããã€ã¡ã³ããèªååããŸããACM ãã©ã€ããŒã CA API ã§ã¯ãACM ã¯ãªã³ãã¬ãã¹ãªãœãŒã¹ãEC2 ã€ã³ã¹ã¿ã³ã¹ãIoT ããã€ã¹ã«å¯Ÿãããã©ã€ããŒãèšŒææžã®äœæãšæŽæ°ãèªååã§ããŸãã
AWS Certificate Manager ã§ã¯ãSSL/TLS èšŒææžã§äœ¿çšããããã©ã€ããŒãããŒãä¿è·ããã³ç®¡çããããèšèšãããŠããŸãããã©ã€ããŒãããŒãä¿è·ããã³ä¿åããéã«ã¯ã匷åãªæå·åãšããŒç®¡çã«é¢ãããã¹ããã©ã¯ãã£ã¹ã䜿çšãããŸãã
ãã AWS ãªãŒãžã§ã³ã§ AWS Certificate Manager ã«ããæäŸããã SSL/TLS èšŒææžã¯ãAWS ãããžã¡ã³ãã³ã³ãœãŒã«ãAWS CLIãAWS Certificate Manager API ã䜿ã£ãŠç°¡åã«éäžç®¡çã§ããŸããAmazon CloudTrail ãã°ã確èªããŠãåèšŒææžã®äœ¿çšç¶æ³ãç£æ»ããããšãã§ããŸãã
AWS Certificate Manager 㯠AWS ã®ä»ã®ãµãŒãã¹ãšçµ±åãããŠãããããSSL/TLS èšŒææžãããããžã§ãã³ã°ããElastic Load BalancingãAmazon CloudFront ãã£ã¹ããªãã¥ãŒã·ã§ã³ã Amazon API Gateway ã® API ã§ãããã€ã§ããŸããAWS Certificate Manager ã¯ãŸã E ã¡ãŒã«ã§æ€èšŒããããããªãã¯èšŒææžã® AWS Elastic Beanstalk ãš AWS CloudFormation ãšå ±ã«äœ¿çšã§ããèšŒææžã®ç®¡çã容æã«ããŸããããã AWS ã¯ã©ãŠãã§ã䜿ãã®ã¢ããªã±ãŒã·ã§ã³ãšå ±ã«äœ¿çšã§ããããã«ããŸããAWS ãªãœãŒã¹ã§èšŒææžããããã€ããã«ã¯ãAWS ãããžã¡ã³ãã³ã³ãœãŒã«ã®ããããããŠã³ãªã¹ãã§ãããã€ããèšŒææžãéžæããŸãããŸãã¯ãAWS API ã AWS CLI ãåŒã³åºããŠãèšŒææžããªãœãŒã¹ã«é¢é£ä»ããããšãã§ããŸãããã®åŸãAWS Certificate Manager ã«ãããéžæããããªãœãŒã¹ã«èšŒææžãèªåçã«ãããã€ãããŸãã
AWS Certificate Manager ã䜿çšãããšããµãŒãããŒãã£ãŒã®èªèšŒæ©é¢ (CA) ã«ããçºè¡ããã SSL/TLS èšŒææžã®ã€ã³ããŒããšãElastic Load Balancingã Amazon CloudFront ãã£ã¹ããªãã¥ãŒã·ã§ã³ã Amazon API Gateway ã® API ã§ã®èšŒææžã®ãããã€ãç°¡åã«è¡ãããšãã§ããŸããã€ã³ããŒãããèšŒææžã®æå¹æéãã¢ãã¿ãªã³ã°ããŠãæ¢åã®èšŒææžã®æéåããè¿ãå Žåã¯ä»£æ¿ãã€ã³ããŒãã§ããŸãããŸãã¯ãAWS Certificate Manager ã«ããç¡æèšŒææžããªã¯ãšã¹ãããŠãä»åŸã®æŽæ°ç®¡çã AWS ã«ä»»ããããšãå¯èœã§ããèšŒææžã®ã€ã³ããŒãã«ã¯äžåè²»çšãããããŸããã
SSL/TLS ãç°¡åã«æå¹ã«ã§ãããããAWS Certificate Manager ã¯ã転éäžã®ããŒã¿ã®æå·åã«é¢ããèŠå¶ãã³ã³ãã©ã€ã¢ã³ã¹ã®èŠä»¶ãäŒæ¥ãæºããã®ã«åœ¹ç«ã¡ãŸããã³ã³ãã©ã€ã¢ã³ã¹ã«é¢ããå
·äœçãªæ
å ±ã«ã€ããŠã¯ãAWS ã³ã³ãã©ã€ã¢ã³ã¹ã®ãµã€ããåç
§ããŠãã ããã
AWS Certificate Manager ã¯ãŸããSSL/TLS èšŒææžã®æŽæ°ãªã©ãèšŒææžã®ç¶æã«é¢ãã課é¡ã管çããã®ã«ã圹ç«ã€ãããèšŒææžã®æéåãã«ã€ããŠå¿é ããå¿ èŠã¯ãããŸããã

