Public cloud environments can easily grow beyond a point of lack of control, which leads to longer migration cycles, fragmented IT systems, higher cross-team interdependencies and increasing operating costs.
Building a landing zone is therefore a starting point to meet the needs for sustainable cloud migrations, which incorporates best practices followed for operating and governance models.
The cloud landing zone solution will help save time by automating the set-up of the cloud environment for running secure and scalable workloads while implementing an initial security baseline through the creation of core accounts and resources. It also provides a baseline environment to get started with a multi-account architecture, identity and access management, governance, data security, network design, and logging.
The CloudNation landing zone is a set of scripts/templates with which you can automatically create a secure and scalable platform that handles authentication, centralized logging and centralized security.
- Active directory integration
- A shared services account for things like bastion and active directory services
- A security account/subscription for auditors
- A logging account/subscription that all other environments feed their log data to
- Restrictions to ensure that users cannot disable logging
- The ability to add as many other accounts/subscriptions as you need over time (sandbox, dev, test, production, etc), all pre-configured as above