Setting up an AWS account has always been a long winded process involving multiple steps that are not automated and require manual authorisations. There’re also a slew of considerations to consider including but not limited to; is an IAM account needed? how about a logging account? how will cross account permissions be handled?.
These considerations leads teams to create an opinionated account setup that may not follow best practices and takes a significant amount of work to have a setup worthy of production.
To solve this, AWS has built a turnkey solution that automates the creation of a best practice, secure and production ready environment on AWS called AWS Landing Zone.
AWS Landing Zone is a set of scripts that can help save time by automating the set-up of an environment for running secure and scalable workloads while implementing an initial security baseline through the creation of core accounts and resources.
It comes with;
- AWS Organizations Account used to manage configuration and access to AWS Landing Zone managed accounts.
- Shared Services Account for creating infrastructure shared services such as directory services.
- Logging account for storing copies of all AWS CloudTrail and AWS Config log files in an audit log account.
- Security Account which manages cross-account roles from a Security account to all AWS Landing Zone managed accounts.
How AWS Landing Zone Accelerates Cloud Adoption
- Get up and running on the cloud quicker
AWS Landing Zone means that you can now create multiple structured and secure AWS accounts with minimal effort saving you a great amount of time thereby accelerating your move to the cloud.
2. Maintain a secure and compliant cloud infrastructure
AWS Landing Zone is based on best practices directly from AWS which means security, compliance and governance are provided out of the box for all Landing Zone accounts.
3. Scalability and flexibility
By providing a consistent Base platform, it gives you a stable platform to build on making it easier to quickly scale your cloud infrastructure.
AWS Landing Zone provides a baseline environment to get started with a multi-account architecture, identity and access management, governance, data security, network design, and logging. It also gives you a stable structure to build on over time, allowing you to spend less time doing undifferentiated heavy-lifting and more time building your amazing product on the cloud.
AWS Landing Zone is a solution delivered by AWS Solutions Architects or Professional Services consultants to create a customized baseline of AWS accounts, networks, and security policies.
AltoStack is an AWS Consulting Partner and will gladly help you automate or optimise your new or existing multi-account setup with AWS Landing Zone.
At AltoStack, we leverage the innovative capabilities of the cloud to help enterprise and scale-up organisations innovate and grow by providing a much more efficient, fast, secure and simple way to adopt DevOps & Cloud Native Computing.
Our full spectrum of digital transformation and cloud services allow you to take the first steps of your Cloud and DevOps journey and accelerate your company’s digital transformation and empower your business to stay ahead of the competition.