Showing posts from July, 2019

AWS Landing Zones

AWS Landing Zone: a framework for defining and creating account foundations through automation, baking in a security baseline, controls and governance, so that the environment is organized, auditable, scalable and self-serviceable. A set of best practices applied to an AWS account before migration. Reliable infrastructure.

The tenets of LZ are:

- Automation-driven, versioned infrastructure, such as CI/CD and CloudFormation templates
- Multi-account AWS environment based on AWS best practices, limiting blast radius
- Adaptable foundation with guardrails, safeguarding in case of any mishap
- Set of architecture patterns, proxy access

Building/Designing LZ components:

- Accounts: multi-account strategy, as discussed
- Network: Domains, Direct Connect, Core Services
- Security: Centralized Logging, Configuration, Image (AMI)
- IAM: Access, Identity, Federation
- Cloud Users: let users deploy accounts and services by using Service Catalog, automation (avoid manual steps), etc.
- Now, Migrate, Iterat