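Amazon WorkMail Complete Guide v2.0
Tier 2 Enterprise mailbox, calendar, and collaboration (scheduled for discontinuation)
Purpose of this document
This guide is intended for the following readers.
- Beginners: those who want to learn what Amazon WorkMail is and the basics of mailbox, calendar, and resource management
- Administrators: those who want to manage Organizations, Users, Mailboxes, and Mobile Devices
- Developers: those who want to integrate IMAP/POP3, Exchange ActiveSync, and the API
- Decision makers: comparison with Microsoft 365, Google Workspace, and ProtonMail, and migration decisions
Amazon WorkMail latest developments for 2025-2026 - Important notice
Support for Amazon WorkMail ends on March 31, 2026. This follows a change of strategy at AWS and affects the following:
- New customer sign-ups: stopped from April 30, 2026
- Existing users: can continue to use the service until March 31, 2027 (phased discontinuation)
- Mail, calendar, and resource management features: service ends
Recommended migration paths: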
- Email → Microsoft 365 / Google Workspace / ProtonMail
- Calendar/Contacts → Microsoft 365 / Google Workspace
- File sharing → Amazon WorkDocs / SharePoint
For details, see Amazon WorkMail end of support.
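Table of contents
- Essence and definition
- Problems WorkMail solves
- Key features
- Architecture
- Core components
- Main use cases (10+)
- Configuration and operation examples
- Comparison with similar services
- Best practices
- Troubleshooting
- Discontinuation and migration
- Learning resources and references
- Implementation examples and checklists
- Summary
Essence and definition
Amazon WorkMail is AWS's managed service for enterprise mail, calendar, and collaboration. It provides the following:
- Email: compatible with Outlook, Apple Mail, and Thunderbird
- Calendar: Shared calendar, Meeting booking, Free/busy info
- Contacts: Global Address List, Distribution lists
- Resources: Conference rooms, Equipment management
- Mobile Device Management: Exchange ActiveSync, Mobile security
- IMAP/POP3: Legacy email client support
- API Integration: AWS-native integration and management automation
However, because the service is scheduled to be discontinued on March 31, 2027, new deployments are not recommended.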
Problems WorkMail solves
1. Exchange-compatible mail system
Cloud-based, Outlook-compatible mail with no Exchange Server required.
2. Outlook integration
Fully compatible with the Outlook desktop client, Outlook Web Access, and Outlook mobile.
3. Calendar and meeting management
Shared calendars, meeting room booking, and attendee management.
4. Resource management
Availability management for equipment such as meeting rooms, projectors, and vehicles.
5. AWS integration
Native integration with Lambda, SNS, SES, and Cognito.
Key features
| Feature | Description |
|---|---|
| Email | Outlook compatible, IMAP/POP3, S/MIME encryption |
| Calendar | Shared calendar, Booking assistant, Free/busy |
| Contacts | Global Address List, Distribution lists, Groups |
| Resources | Room booking, Equipment management, Availability |
| Mobile | Exchange ActiveSync, iOS/Android native support |
| Storage | 50GB/user default, Expandable |
| Encryption | In-transit & at-rest encryption, KMS integration |
| Compliance | HIPAA, PCI, SOC 2 compliant, Audit logs |
| Integration | Lambda, SNS, SES, Cognito, Directory Service |
| Retention Policy | Email retention, Deletion rules |
Architecture
```mermaid
graph TB
    A["Outlook Client<br/>(Desktop/Web/Mobile)"] -->|IMAP/SMTP| B["WorkMail Server<br/>(Cloud Mailbox)"]
    C["Apple Mail<br/>(Desktop/Mobile)"] -->|IMAP/SMTP| B
    D["Mobile Device<br/>(iPhone/Android)"] -->|Exchange ActiveSync| B
    E["Thunderbird"] -->|IMAP| B
    B -->|Store| F["Mailbox Storage<br/>(DynamoDB Backend)"]
    B -->|Store| G["Calendar Data<br/>(DynamoDB)"]
    B -->|Store| H["Contacts<br/>(Directory Service)"]
    I["WorkMail Admin Console"] -->|Manage| J["Organization<br/>(Users, Groups, Resources)"]
    J -->|Sync| K["AWS Directory Service<br/>(AD Connector / Cloud Directory)"]
    K -->|Auth| L["AWS IAM / Cognito"]
    B -->|Trigger| M["Lambda<br/>(Custom handlers)"]
    M -->|Send| N["SES<br/>(Email notifications)"]
    M -->|Publish| O["SNS<br/>(Event notifications)"]
    P["Mobile Device Manager"] -->|Secure| D
    B -->|Audit Logs| Q["CloudTrail"]
    Q -->|Archive| R["S3<br/>(Compliance archival)"]
    S["API<br/>(REST)"] -->|Manage| J
```
Email Flow
```mermaid
graph LR
    A["Sender<br/>(External or Internal)"] -->|SMTP| B["WorkMail Inbound<br/>(MX record)"]
    B -->|Spam Check| C["Spam Filter"]
    C -->|Virus Scan| D["Antivirus"]
    D -->|Deliver| E["Recipient Mailbox"]
    E -->|Sync| F["Outlook Client<br/>(Desktop)"]
    E -->|Sync| G["Outlook Web<br/>(Browser)"]
    E -->|Sync| H["Mobile App<br/>(ActiveSync)"]
    I["Internal Sender<br/>(Another user)"] -->|Internal delivery| E
```
Core components
1. Organization
The top-level unit and management container in WorkMail.
Key Attributes:
- Organization ID - Unique organization identifier
- Directory Type - AWS Managed Directory / AD Connector / Cognito
- Domain Name - Email domain (e.g. user@company.example.com)
- Region - Data residency (regional deployment)
Example:
```json
{
  "OrganizationId": "org-abc123",
  "Alias": "company",
  "DirectoryId": "d-12345",
  "DefaultMailDomain": "company.example.com",
  "CreatedDate": "2026-01-15T00:00:00Z",
  "State": "Active"
}
```
2. User
A mailbox owner and resource consumer.
User Types:
- User - Standard mailbox, Calendar, Contacts
- Resource - Room / Equipment (no mailbox)
- Group - Distribution list (forwards email to multiple users)
User Attributes (MailboxQuota is in GB):
```json
{
  "UserId": "user-xyz789",
  "Name": "Alice Johnson",
  "Email": "alice@company.example.com",
  "PrimaryEmail": "alice@company.example.com",
  "SecondaryEmail": "alice.johnson@company.example.com",
  "FirstName": "Alice",
  "LastName": "Johnson",
  "MailboxQuota": 50
}
```
3. Mailbox
Container for email storage, calendar, and contacts.
Mailbox Properties:
- Mailbox ID - Unique identifier
- User ID - Owner user
- Quota - Storage limit (default 50GB)
- Retention Policy - Email retention rules
- Encryption - KMS key for encryption
Example (QuotaUsed and QuotaLimit are in GB):
```json
{
  "MailboxId": "mailbox-001",
  "UserId": "user-xyz789",
  "QuotaUsed": 12.5,
  "QuotaLimit": 50,
  "CreatedDate": "2026-01-15T00:00:00Z"
}
```
4. Resource
Management of shared resources such as meeting rooms and equipment.
Resource Types:
- Room - Conference room, Meeting space
- Equipment - Projector, Laptop, Whiteboard
- Vehicle - Company car, Parking space
Resource Management:
```json
{
  "ResourceId": "resource-conf-room-a",
  "Type": "Room",
  "Name": "Conference Room A",
  "Email": "conference-room-a@company.example.com",
  "Capacity": 12,
  "CalendarEnabled": true,
  "BookingAssistantEnabled": true,
  "Delegate": "room-manager@company.example.com"
}
```
5. Mobile Device
Exchange ActiveSync device management.
Device Attributes:
- Device ID - Unique device identifier
- Device Type - iPhone / Android / Windows Phone
- User ID - Associated user
- Trust Status - Trusted / Untrusted
- Last Sync - Last synchronization time
Mobile Device Management:
```json
{
  "DeviceId": "device-mobile-001",
  "UserId": "user-xyz789",
  "Type": "iPhone",
  "Model": "iPhone 15",
  "OS": "iOS 17.4",
  "TrustStatus": "Trusted",
  "LastSyncDate": "2026-04-28T10:30:00Z",
  "LastAccessTime": "2026-04-28T10:35:00Z"
}
```
6. Directory Service Integration
Centralized management of users, groups, and contacts.
Directory Types:
- AWS Managed Directory - Active Directory managed by AWS
- AD Connector - Synchronization with on-premises AD
- Cloud Directory - Managed in AWS CloudDirectory
- External LDAP - LDAP server integration
Main use cases (10+)
1. Mid-market Outlook Replacement
Exchange Server replacement for mid-sized companies.
Architecture:
- 500 users
- Outlook desktop / Web / Mobile clients
- Shared calendars, conference room booking
- 50GB/user mailbox quota
- Internal company domain: company.example.com
- Cost: ~$4-5/user/month
2. Global Company Email
Mail, calendar, and resource management for global companies.
Setup:
- Multiple regions (us-east-1, eu-west-1, ap-northeast-1)
- 2,000+ users
- Shared address book
- Compliance archive (GDPR, retention)
- Auto-reply with timezone awareness
3. Financial Services Organization
Regulated email for financial institutions.
Requirements:
- HIPAA / PCI compliance
- Email encryption (S/MIME)
- Audit trails, retention policy
- DLP (Data Loss Prevention) via Lambda
- Archive to S3 for compliance
4. AWS-native Collaboration
Deep integration with AWS infrastructure.
Workflow:
1. Lambda detects event
→ Publishes to SNS
2. SNS → WorkMail
→ Sends email notification to user
3. User replies to email
→ Lambda trigger
→ Updates database / triggers workflow
5. Conference Room Booking
Meeting room management and automatic booking.
Setup:
- Create "Conference-Room-A@company.example.com"
- Set capacity: 12 people
- Enable BookingAssistant
- Delegate to receptionist
Usage:
- User invites room to meeting
- Room's booking assistant auto-accepts/declines
- Prevents double-booking
- Updates shared calendar
6. Distribution Lists & Groups
Mailing lists and group mail.
Example:
- engineering@company.example.com
→ Includes 50 engineers
- When user sends to engineering@...
→ All members receive copy
- Group manager controls membership
7. Executive Assistant Setup
Delegated mail management by an executive assistant.
Scenario:
- CEO delegates email to assistant
- Assistant reads CEO's emails
- Responds on behalf of CEO
- CEO reviews & approves important messages
8. Mobile-first Organization
A mobile-led organization.
Devices:
- iPhone / Android devices
- Exchange ActiveSync sync
- Auto-sync mail/calendar/contacts
- Remote wipe capability for lost devices
9. Retention & Compliance Archive
Compliance and retention policy.
Policy:
- Standard user email: Retain 7 years
- Regulatory roles (Legal, Finance): Retain 10 years
- Auto-delete after retention expires
- Export to S3/Glacier for long-term archive
10. SMTP Relay for Applications
Sending mail from applications.
Scenario:
- Application sends email via WorkMail SMTP
- Authentication: Service account
- Route: company.example.com
- Logging: CloudTrail audit
11. Out-of-office & Auto-reply
Out-of-office (OOO) and auto-reply management.
Setup:
- Set OOO dates: April 28 - May 5
- Auto-reply: "I'm away, back May 6"
- Delegate to team member
- Auto-reply to external only
12. Directory Synchronization
Synchronization with on-premises AD.
Architecture:
- AD Connector syncs on-prem AD
- WorkMail users auto-created
- Password sync via AD
- Group membership sync
- Changes reflect in 5-15 minutes
Configuration and operation examples
AWS Console - Creating an Organization and Users
1. Create an Organization
1. WorkMail Console → Create Organization
2. Organization name: "MyCompany"
3. Directory: AWS Managed Directory (New)
4. Domain name: company.example.com
5. Admin user: admin@company.example.com
6. Create → ~15 min for setup
2. Create a User
1. WorkMail Organization → Users
2. Create User
3. Name: Alice Johnson
4. Email: alice@company.example.com
5. Password: (auto-generated or custom)
6. First Login: User must set password
7. Create → Mailbox ready
3. Create a Resource (meeting room)
1. WorkMail Organization → Resources
2. Create Resource
3. Name: Conference Room A
4. Email: conf-room-a@company.example.com
5. Type: Room
6. Capacity: 12
7. Booking Assistant: Enable
8. Create → Calendar accessible
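AWS CLI - Managing Organizations and Users
```bash
# List organizations
aws workmail list-organizations

# Create user: --name is the login name, --display-name the full name.
# TempPassword123! is a placeholder; take the initial password from a secret store.
aws workmail create-user \
  --organization-id org-abc123 \
  --name alice \
  --display-name "Alice Johnson" \
  --password 'TempPassword123!'

# Enable the mailbox and assign the address (create-user takes no email option)
aws workmail register-to-work-mail \
  --organization-id org-abc123 \
  --entity-id user-xyz789 \
  --email alice@company.example.com

# List users
aws workmail list-users \
  --organization-id org-abc123

# Get user details
aws workmail describe-user \
  --organization-id org-abc123 \
  --user-id user-xyz789

# Update user (update-user has no state/province option)
aws workmail update-user \
  --organization-id org-abc123 \
  --user-id user-xyz789 \
  --job-title "Senior Engineer" \
  --company "MyCompany" \
  --office "SF" \
  --telephone "+1-555-1234" \
  --street "123 Main St" \
  --city "San Francisco" \
  --zip-code "94105" \
  --country "USA"

# Delete user (the user must be disabled first, so deregister before deleting)
aws workmail deregister-from-work-mail \
  --organization-id org-abc123 \
  --entity-id user-xyz789
aws workmail delete-user \
  --organization-id org-abc123 \
  --user-id user-xyz789

# Create group, then assign its address
aws workmail create-group \
  --organization-id org-abc123 \
  --name "Engineering Team"
aws workmail register-to-work-mail \
  --organization-id org-abc123 \
  --entity-id group-001 \
  --email engineering@company.example.com

# Add users to group
aws workmail associate-member-to-group \
  --organization-id org-abc123 \
  --group-id group-001 \
  --member-id user-xyz789

# Get mailbox details (quota and size, in MB)
aws workmail get-mailbox-details \
  --organization-id org-abc123 \
  --user-id user-xyz789

# Set the organization's retention policy. Period is in days and the API accepts 1-730;
# the 7-year (2555-day) target used in this guide exceeds that and needs archival
# outside the retention policy.
aws workmail put-retention-policy \
  --organization-id org-abc123 \
  --name "DefaultRetentionPolicy" \
  --folder-configurations '[
    {
      "Name": "INBOX",
      "Action": "DELETE",
      "Period": 730
    }
  ]'

# List mobile device access overrides
aws workmail list-mobile-device-access-overrides \
  --organization-id org-abc123 \
  --user-id user-xyz789

# Block a lost device (the WorkMail API has no remote-wipe operation; wipe from the console)
aws workmail put-mobile-device-access-override \
  --organization-id org-abc123 \
  --user-id user-xyz789 \
  --device-id device-mobile-001 \
  --effect DENY
```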
Python SDK - Mailbox & Calendar Management
```python
import boto3


class WorkMailService:
    def __init__(self, org_id):
        self.workmail = boto3.client('workmail')
        self.org_id = org_id

    def create_user(self, name, email, password):
        """Create a WorkMail user and enable its mailbox"""
        # CreateUser takes a login name (no spaces) and a display name, not an address;
        # the address is assigned afterwards by RegisterToWorkMail.
        response = self.workmail.create_user(
            OrganizationId=self.org_id,
            Name=email.split('@')[0],
            DisplayName=name,
            Password=password,
            FirstName=name.split()[0],
            LastName=name.split()[-1]
        )
        user_id = response['UserId']
        self.workmail.register_to_work_mail(
            OrganizationId=self.org_id,
            EntityId=user_id,
            Email=email
        )
        return user_id

    def get_mailbox_quota(self, user_id):
        """Get mailbox storage quota and usage, converted to GB"""
        # GetMailboxDetails reports MailboxQuota and MailboxSize in MB
        response = self.workmail.get_mailbox_details(
            OrganizationId=self.org_id,
            UserId=user_id
        )
        return {
            'QuotaUsed': response['MailboxSize'] / 1024,
            'QuotaLimit': response['MailboxQuota'] / 1024
        }

    def set_mailbox_retention(self, user_id, retention_days):
        """Set email retention policy.

        WorkMail retention policies apply to the whole organization, so user_id
        is kept only for the call sites in this guide and is not sent to the API.
        """
        if not 1 <= retention_days <= 730:
            raise ValueError('WorkMail accepts a retention Period of 1-730 days')
        response = self.workmail.put_retention_policy(
            OrganizationId=self.org_id,
            Name='DefaultRetentionPolicy',
            FolderConfigurations=[
                {
                    'Name': 'INBOX',
                    'Action': 'DELETE',
                    'Period': retention_days
                },
                {
                    'Name': 'SENT_ITEMS',
                    'Action': 'DELETE',
                    'Period': retention_days
                },
                {
                    'Name': 'DELETED_ITEMS',
                    'Action': 'PERMANENTLY_DELETE',
                    'Period': 30  # Auto-purge trash after 30 days
                }
            ]
        )
        return response

    def create_resource(self, name, email, resource_type):
        """Create shared resource (meeting room, equipment)"""
        # The resource name cannot contain spaces; the readable name goes in Description.
        response = self.workmail.create_resource(
            OrganizationId=self.org_id,
            Name=email.split('@')[0],
            Description=name,
            Type=resource_type  # 'ROOM' or 'EQUIPMENT'
        )
        resource_id = response['ResourceId']
        self.workmail.register_to_work_mail(
            OrganizationId=self.org_id,
            EntityId=resource_id,
            Email=email
        )
        return resource_id

    def enable_booking_assistant(self, resource_id):
        """Enable booking assistant for room"""
        response = self.workmail.update_resource(
            OrganizationId=self.org_id,
            ResourceId=resource_id,
            BookingOptions={
                'AutoAcceptRequests': True,
                'AutoDeclineRecurringRequests': False,
                'AutoDeclineConflictingRequests': True
            }
        )
        return response

    def list_mobile_devices(self, user_id):
        """List per-device access overrides for a user"""
        response = self.workmail.list_mobile_device_access_overrides(
            OrganizationId=self.org_id,
            UserId=user_id
        )
        return response['Overrides']

    def block_lost_device(self, user_id, device_id):
        """Deny mailbox access from a lost mobile device.

        The WorkMail API has no remote-wipe operation; a wipe is issued from the
        console, and this override only blocks the device from syncing.
        """
        response = self.workmail.put_mobile_device_access_override(
            OrganizationId=self.org_id,
            UserId=user_id,
            DeviceId=device_id,
            Effect='DENY',
            Description='Reported lost'
        )
        return response


# Usage
service = WorkMailService('org-abc123')

# Create user (the password is a placeholder; load it from a secret store)
user_id = service.create_user(
    name='Alice Johnson',
    email='alice@company.example.com',
    password='TempPassword123!'
)
print(f"User created: {user_id}")

# Check mailbox
quota = service.get_mailbox_quota(user_id)
print(f"Mailbox: {quota['QuotaUsed']:.1f}GB / {quota['QuotaLimit']:.1f}GB")

# Set retention: 730 days is the API maximum; the 7-year (2555-day) target
# in this guide has to be met by archiving outside the retention policy
service.set_mailbox_retention(user_id, retention_days=730)

# Create conference room
room_id = service.create_resource(
    name='Conference Room A',
    email='conf-room-a@company.example.com',
    resource_type='ROOM'
)
service.enable_booking_assistant(room_id)
```
Terraform IaC - WorkMail Infrastructure
```hcl
# NOTE: the aws_workmail_* resource types below are not provided by the
# hashicorp/aws provider; the block sketches the intended layout only.
# var.directory_password, aws_vpc.main, the subnets and the random_password
# resources are assumed to be defined elsewhere.

# AWS Managed Directory for WorkMail
resource "aws_directory_service_directory" "workmail_directory" {
  name     = "company.example.com"
  password = var.directory_password
  type     = "MicrosoftAD"
  edition  = "Standard"

  vpc_settings {
    vpc_id     = aws_vpc.main.id
    subnet_ids = [aws_subnet.private_a.id, aws_subnet.private_b.id]
  }

  tags = {
    Service = "WorkMail"
  }
}

# WorkMail Organization
resource "aws_workmail_organization" "main" {
  alias          = "mycompany"
  directory_id   = aws_directory_service_directory.workmail_directory.id
  enable_logging = true

  tags = {
    Application = "WorkMail"
    Environment = "production"
  }
}

# Admin user
resource "aws_workmail_user" "admin" {
  organization_id = aws_workmail_organization.main.id
  account_id      = aws_workmail_organization.main.id
  name            = "Admin User"
  email           = "admin@company.example.com"
  password        = random_password.admin_password.result
  first_name      = "Admin"
  last_name       = "User"
  role            = "ADMIN"
  depends_on      = [aws_workmail_organization.main]
}

# Standard user
resource "aws_workmail_user" "alice" {
  organization_id = aws_workmail_organization.main.id
  account_id      = aws_workmail_organization.main.id
  name            = "Alice Johnson"
  email           = "alice@company.example.com"
  password        = random_password.alice_password.result
  first_name      = "Alice"
  last_name       = "Johnson"
  role            = "USER"
  depends_on      = [aws_workmail_organization.main]
}

# Conference Room Resource
resource "aws_workmail_resource" "conference_room_a" {
  organization_id = aws_workmail_organization.main.id
  account_id      = aws_workmail_organization.main.id
  name            = "Conference Room A"
  email           = "conf-room-a@company.example.com"
  type            = "ROOM"
  capacity        = 12

  booking_options {
    auto_accept_requests   = true
    auto_decline_conflicts = true
    auto_decline_recurring = false
  }

  depends_on = [aws_workmail_organization.main]
}

# Distribution List
resource "aws_workmail_group" "engineering" {
  organization_id = aws_workmail_organization.main.id
  account_id      = aws_workmail_organization.main.id
  name            = "Engineering Team"
  email           = "engineering@company.example.com"
  depends_on      = [aws_workmail_organization.main]
}

# Group membership
resource "aws_workmail_group_member" "alice_engineering" {
  organization_id = aws_workmail_organization.main.id
  group_id        = aws_workmail_group.engineering.id
  member_id       = aws_workmail_user.alice.id
}

# CloudWatch Log Group for audit
resource "aws_cloudwatch_log_group" "workmail_logs" {
  name              = "/aws/workmail/audit"
  retention_in_days = 30

  tags = {
    Service = "WorkMail"
  }
}

output "organization_id" {
  value = aws_workmail_organization.main.id
}

output "organization_arn" {
  value = aws_workmail_organization.main.arn
}
```
Comparison with similar services
| Feature | WorkMail | Microsoft 365 | Google Workspace | ProtonMail | Zoho Mail |
|---|---|---|---|---|---|
| Email | 〇 | 〇 | 〇 | 〇 | 〇 |
| Calendar | 〇 | 〇 | 〇 | △ | 〇 |
| Contacts | 〇 | 〇 | 〇 | △ | 〇 |
| Outlook Compatible | 〇 | 〇 | △ | ✕ | △ |
| IMAP/POP3 | 〇 | 〇 | 〇 | △ | 〇 |
| Exchange ActiveSync | 〇 | 〇 | 〇 | △ | 〇 |
| Room Booking | 〇 | 〇 | △ | ✕ | △ |
| AWS Native | 〇 | ✕ | ✕ | ✕ | ✕ |
| Encryption | KMS | Microsoft | | E2E | Standard |
| Compliance | HIPAA, PCI | HIPAA, PCI | HIPAA | GDPR | HIPAA |
| Price/user/month | $4-5 | $6-20 | $6-18 | $5-12 | $3-5 |
| Status | ⚠️ To be discontinued | ✅ Active | ✅ Active | ✅ Active | ✅ Active |
Best practices
✅ Recommendations
1. Directory design
- AWS Managed Directory: new deployments, small to mid-size
- AD Connector: existing on-prem AD, synchronization required
- Cloud Directory: AWS-only, Cognito integration
2. User & Resource Management
- Use distribution lists: team emails, project lists
- Automate resource booking: enable the booking assistant
- Use delegation: delegated management by assistants
3. Mobile Device Security
- Enable Exchange ActiveSync: mobile device management
- Manage the trusted device list: remote wipe for lost devices
- Limit auto-sync: optimize data usage
4. Compliance & Retention
- Set retention policies: role-based retention (Legal 10y, Standard 7y)
- Enable audit logging: record all operations in CloudTrail
- Archive to S3: compliance archive, long-term storage
5. Security & Encryption
- Enable S/MIME: email encryption
- KMS integration: data encryption at rest
- Access control: IAM roles, directory-based
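One way to act on the CloudTrail audit trail recommended above, as an added example that is not part of the original guide or AWS tooling: it scans exported records for WorkMail administrative calls that deserve review, such as mailbox delegation grants. The watched operations, the admin allow-list, the `requestParameters` key names and all sample records are assumptions constructed for illustration.

```python
import json

WORKMAIL_SOURCE = "workmail.amazonaws.com"
# WorkMail API operations this example watches (the selection is the example's own).
WATCHED = {
    "PutMailboxPermissions": "mailbox delegation changed",
    "ResetPassword": "user password reset",
    "StartMailboxExportJob": "mailbox export started",
    "PutRetentionPolicy": "retention policy changed",
    "DeleteUser": "user deleted",
}


def triage(log_lines, approved_admins):
    """Return (alerts, skipped): alerts for watched calls, count of unparsable lines."""
    alerts, skipped = [], 0
    for line in log_lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            ev = None
        if not isinstance(ev, dict):
            skipped += 1
            continue
        name = ev.get("eventName")
        if ev.get("eventSource") != WORKMAIL_SOURCE or name not in WATCHED:
            continue
        actor = (ev.get("userIdentity") or {}).get("arn", "unknown")
        params = ev.get("requestParameters") or {}
        reasons = []
        if actor not in approved_admins:
            reasons.append("actor not on admin allow-list")
        if "FULL_ACCESS" in (params.get("permissionValues") or []):
            reasons.append("FULL_ACCESS granted on mailbox")
        if ev.get("errorCode"):
            reasons.append("call failed: " + ev["errorCode"])
        alerts.append({
            "time": ev.get("eventTime", ""),
            "event": name,
            "what": WATCHED[name],
            "actor": actor,
            "severity": "high" if reasons else "info",
            "reasons": reasons,
        })
    # ISO 8601 UTC timestamps sort correctly as strings
    return sorted(alerts, key=lambda a: a["time"]), skipped


# Constructed CloudTrail-style records (account ID, ARNs and entity IDs are made up).
ADMIN = "arn:aws:iam::111122223333:user/mail-admin"
_WM = {"eventSource": WORKMAIL_SOURCE}
_EVENTS = [
    {**_WM, "eventTime": "2026-04-28T10:30:00Z", "eventName": "PutMailboxPermissions",
     "userIdentity": {"arn": ADMIN},
     "requestParameters": {"entityId": "user-ceo", "granteeId": "user-assistant",
                           "permissionValues": ["SEND_ON_BEHALF"]}},
    {**_WM, "eventTime": "2026-04-28T02:14:00Z", "eventName": "PutMailboxPermissions",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:role/ci-deploy"},
     "requestParameters": {"entityId": "user-ceo", "granteeId": "user-temp",
                           "permissionValues": ["FULL_ACCESS"]}},
    {"eventSource": "s3.amazonaws.com", "eventTime": "2026-04-28T11:00:00Z",
     "eventName": "PutObject", "userIdentity": {"arn": ADMIN}},
    {**_WM, "eventTime": "2026-04-28T12:05:00Z", "eventName": "StartMailboxExportJob",
     "userIdentity": {"arn": ADMIN}, "errorCode": "AccessDenied"},
]
# The last line is deliberately truncated to exercise the skip path.
SAMPLE_LINES = [json.dumps(e) for e in _EVENTS] + ['{"eventTime": "2026-04-28T12:']

if __name__ == "__main__":
    for alert in triage(SAMPLE_LINES, {ADMIN})[0]:
        print(alert["time"], alert["severity"], alert["event"], alert["reasons"])
```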
❌ Things to avoid
| ❌ Anti-pattern | ✅ Improvement |
|---|---|
| No retention policy → Data bloat | Set retention by role (Legal 10y, Admin 7y, User 3y) |
| Ad-hoc user creation | Directory syncing, Automation script |
| Mobile device unmanaged | Exchange ActiveSync, MDM integration |
| No audit logging | CloudTrail enable, S3 archival |
| Password never reset | Change password at first login, Policy enforce |
Troubleshooting
| Problem | Cause | Solution |
|---|---|---|
| “Organization creation fails” | Region not supported / VPC misconfiguration | Check that the region is supported (us-east-1, us-west-2, eu-west-1, etc.) |
| “User cannot access mailbox” | Password not set / First login not completed | Reset password, Force user to change at next login |
| “Outlook sync fails” | IMAP/ActiveSync disabled / Server address wrong | Verify server address (mail.example.com), Protocol enable |
| “Mobile device not syncing” | Untrusted device / ActiveSync disabled | Trust device in console, Enable ActiveSync |
| “High mailbox quota usage” | Unlimited retention / Backup accumulation | Set retention policy, Archive old mail to S3 |
| “Conference room double-booked” | Booking assistant disabled / Conflicts not checked | Enable booking assistant, Set auto-decline conflict |
| “Directory sync delayed” | AD Connector connection issue / Password mismatch | Test AD Connector connectivity, Verify passwords |
| “Email delivery slow” | Relay misconfiguration / High queue | Check mail flow, Monitor WorkMail logs in CloudWatch |
Discontinuation and migration
Timeline
- 2026-04-30: New customer acceptance ENDS
- 2026-12-31: New user/group creation ENDS
- 2027-03-31: Service fully discontinued
Pre-migration Checklist
- [ ] User list export (CSV)
- [ ] Email backup (PST export or S3 archive)
- [ ] Calendar export (ICS format)
- [ ] Distribution lists mapping
- [ ] Domain transfer plan
- [ ] MX record migration
- [ ] SPF/DKIM configuration
- [ ] Migration tool selection (Microsoft, Google, manual)
- [ ] Timeline and rollout plan
- [ ] Rollback plan
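As an added example (not from AWS or the original guide), the MX and SPF items on this checklist can be checked offline against exported DNS answers. It assumes Microsoft 365 as the migration target; the provider hostnames in the constants and the sample records are assumptions constructed for illustration, and DKIM is not covered.

```python
import re

# Provider fingerprints are assumptions added for this example, not values from the guide.
WORKMAIL_MX = re.compile(r"^inbound-smtp\.[a-z0-9-]+\.amazonaws\.com$")
M365_MX = re.compile(r"^[a-z0-9-]+\.mail\.protection\.outlook\.com$")
WORKMAIL_SPF_INCLUDE = "amazonses.com"
M365_SPF_INCLUDE = "spf.protection.outlook.com"


def _host(name):
    """Normalise a DNS name: lower-case, no trailing dot."""
    return name.strip().lower().rstrip(".")


def audit_mx(mx_records, cutover_done):
    """mx_records is a list of (priority, host) pairs; returns finding codes."""
    hosts = [_host(h) for _, h in sorted(mx_records)]
    if not hosts:
        return ["MX_MISSING"]
    old = [h for h in hosts if WORKMAIL_MX.match(h)]
    new = [h for h in hosts if M365_MX.match(h)]
    findings = []
    if cutover_done and old:
        findings.append("MX_STILL_WORKMAIL")
    if cutover_done and not new:
        findings.append("MX_TARGET_MISSING")
    if old and new:
        # Both systems accept mail: delivery depends on priority and sender retries.
        findings.append("MX_SPLIT_DELIVERY")
    return findings


def audit_spf(txt_records, cutover_done):
    """txt_records is the list of TXT strings at the domain apex; returns finding codes."""
    spf = [t for t in txt_records if t.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["SPF_MISSING"]
    if len(spf) > 1:
        return ["SPF_MULTIPLE_RECORDS"]  # RFC 7208: more than one record is a permerror
    terms = spf[0].lower().split()[1:]
    includes = {t.split(":", 1)[1] for t in terms if t.lstrip("+").startswith("include:")}
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    findings = []
    if not all_terms:
        findings.append("SPF_NO_ALL")
    elif all_terms[-1][0] not in "-~":
        findings.append("SPF_WEAK_ALL")  # "all", "+all" or "?all" rejects nothing
    if M365_SPF_INCLUDE not in includes:
        findings.append("SPF_TARGET_NOT_AUTHORISED")
    if cutover_done and WORKMAIL_SPF_INCLUDE in includes:
        findings.append("SPF_STALE_WORKMAIL_INCLUDE")
    return findings


def audit_cutover(mx_records, txt_records, cutover_done):
    """Combine both checks; an empty list means the records fit the stated phase."""
    return audit_mx(mx_records, cutover_done) + audit_spf(txt_records, cutover_done)


# Constructed sample answers for company.example.com (not real DNS data).
PILOT_MX = [(10, "inbound-smtp.us-east-1.amazonaws.com.")]
PILOT_TXT = ["v=spf1 include:amazonses.com include:spf.protection.outlook.com ~all"]
LATE_MX = [(10, "inbound-smtp.us-east-1.amazonaws.com."),
           (0, "company-example-com.mail.protection.outlook.com.")]
LATE_TXT = ["v=spf1 include:amazonses.com ~all", "site-verification=constructed"]

if __name__ == "__main__":
    print("pilot  :", audit_cutover(PILOT_MX, PILOT_TXT, cutover_done=False))
    print("cutover:", audit_cutover(LATE_MX, LATE_TXT, cutover_done=True))
```

Run it with `cutover_done=False` while mail forwarding is still active and with `cutover_done=True` once the final sync is complete.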
Migration Paths
Option 1: Microsoft 365 (Outlook Compatibility)
Pros:
- Best Outlook compatibility
- Calendar and Contacts seamless
- Teams integration
- Advanced compliance features
Migration:
1. Microsoft Migrate tool
2. Mailbox migration (batch or staged)
3. Domain handoff
4. Cutover
5. Rollback window
Timeline: 2-4 weeks
Option 2: Google Workspace (Web-first)
Pros:
- Lower cost
- Google Drive integration
- Collaboration tools
- Mobile-first design
Migration:
1. Google Workspace setup
2. Email migration (IMAP)
3. Calendar/Contacts migration
4. Domain transfer
5. Outlook client migration
Timeline: 2-3 weeks
Option 3: ProtonMail (Encryption-first)
Pros:
- E2E encryption
- Privacy-focused
- GDPR-friendly
Cons:
- Outlook compatibility limited
- CalDAV only for calendar
Timeline: 2 weeks (simpler)
Migration Strategy Example
Phase 1: Preparation (Weeks 1-2)
- Select target service (Microsoft 365 chosen)
- Pilot users: 10 key users
- Domain DNS planning
- Backup strategy
Phase 2: Pilot Migration (Weeks 3-4)
- Pilot users on Microsoft 365
- Mail forwarding enabled
- Rollback plan tested
- User feedback collected
Phase 3: Full Migration (Weeks 5-8)
- Batch 1: Departments (50 users/week)
- Batch 2: Support ongoing
- Mail forwarding maintains continuity
- Old system read-only mode
Phase 4: Cutover (Week 9)
- Final sync
- Mail forwarding disabled
- Old system archived
- Rollback disabled
Phase 5: Post-migration (Week 10+)
- Support and troubleshooting
- Archive old mailbox to S3 (7-year retention)
- WorkMail organization deletion
Learning resources and references
Official documentation and guides (8+)
- What is Amazon WorkMail
- Amazon WorkMail Administrator Guide
- Amazon WorkMail User Guide
- Amazon WorkMail API Reference
- Amazon WorkMail end of support
- WorkMail Setup Guide (IMAP/Outlook/Mobile)
- WorkMail Pricing
- Amazon WorkMail FAQs
Vendor and OSS resources (5+)
- Microsoft 365 Exchange Online
- Google Workspace Gmail Admin Help
- ProtonMail Business Documentation
- Zoho Mail Administration
- Kopano Server (Open-source alternative)
AWS Blog and whitepapers (5+)
- AWS Business Productivity Blog
- Amazon WorkMail Best Practices
- AWS Well-Architected Framework - Security Pillar
- AWS Migration Accelerator Program (MAP)
- AWS Compliance Programs (HIPAA, PCI, SOC 2)
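Implementation examples and checklists
Implementation example 1: Executive Email Setup with Delegation
```python
# Setup CEO email with executive assistant
# (uses the WorkMailService class from the Python SDK section)
service = WorkMailService('org-abc123')

# Create CEO user (the passwords are placeholders; issue a distinct one per user)
ceo_id = service.create_user(
    name='John Smith',
    email='john.smith@company.example.com',
    password='TempPassword123!'
)

# Create assistant user
assistant_id = service.create_user(
    name='Sarah Johnson',
    email='sarah.johnson@company.example.com',
    password='TempPassword123!'
)

# Delegate CEO's mailbox to assistant: read access plus send on behalf
service.workmail.put_mailbox_permissions(
    OrganizationId=service.org_id,
    EntityId=ceo_id,
    GranteeId=assistant_id,
    PermissionValues=['FULL_ACCESS', 'SEND_ON_BEHALF']
)

# Set retention. WorkMail retention policies are organization-wide and capped at
# 730 days; the 10-year (3650-day) compliance target for executives has to be
# met by archiving to S3.
service.set_mailbox_retention(ceo_id, 730)
```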
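Checklist - Before adopting WorkMail
⚠️ Important: WorkMail is scheduled to be discontinued on March 31, 2027, so new deployments are not recommended
Consider the following instead:
- [ ] Migration to Microsoft 365 / Google Workspace / ProtonMail
- [ ] Early migration from existing WorkMail
- [ ] Even for AWS-native environments, consider long-term viability
Summary
Amazon WorkMail is a Tier 2 enterprise mail, calendar, and resource management service. However, because the service is scheduled to be discontinued on March 31, 2027, new deployments are not recommended.
Key Takeaways
- An Outlook-compatible, AWS-native mail service
- Integrates calendar, resource booking, and distribution lists
- Deep integration with **Directory Service (AD/Cloud)**
- ⚠️ Scheduled for discontinuation on March 31, 2027
Recommended usage scenarios
✅ Integration with existing AWS infrastructure is an absolute requirement
✅ Small/mid-market organizations that require Outlook compatibility
✅ However, avoid new deployments because the service is scheduled for discontinuation
Scenarios where it is not recommended
❌ New deployments (because of the planned discontinuation)
❌ Long-term email strategy (Microsoft 365 / Google Workspace recommended)
❌ Advanced collaboration tools required (Teams / Slack recommended)
Alternative services (Recommended)
- Microsoft 365 Exchange Online - Full Outlook compatibility, Calendar, Teams
- Google Workspace Gmail - Web-first, Drive integration
- ProtonMail Business - Encryption-first, Privacy
- Zoho Mail - Affordable, Global coverage
- Kopano Cloud - Open-source, On-prem option
Last updated: 2026-04-27
Version: v2.0
⚠️ Status: Scheduled for discontinuation (ends March 31, 2027)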