This whitepaper is for historical reference only. Some content might be outdated and some links might not be available.
Overall security governance - AWS Landing Zones
Relevant to most of the Principles covered by the Good Practice
Guide, a Landing Zone is a solution available from AWS that
automatically creates an environment consisting of a set of
related AWS accounts configured in such a way as to establish
security (and cost-related) guardrails for AWS usage by a wide
variety of teams with minimum friction. The environment includes
the foundations of identity management, logging and monitoring,
governance, security, and network design, the specifics of which
may be implemented using decisions made in examining each of the
principles covered below. For more information about the solution
itself, see the
AWS Landing Zone