What is the AWS Landing Zone Accelerator? Your Secure AWS Environment Vending Machine

How can you scale up environment creation for your highly-regulated industry business? Meet the AWS LZA

Key Takeaways:

Table of Contents

The AWS Landing Zone Accelerator simplifies the setup of a secure, multi-account AWS environment.
It automates best practices, ensuring a quicker and more efficient deployment.
The solution is highly customizable, allowing you to adapt it to your specific business needs.

What is the AWS Landing Zone Accelerator? It’s a solution that automates the setup of a secure, scalable, and high-performing multi-account AWS environment. Designed to accelerate your cloud adoption journey, it incorporates AWS best practices to help organizations quickly set up a robust cloud infrastructure without the steep learning curve.

For businesses in the health, finance, and legal or any highly-regulated industry – having to ensure that your AWS architecture adheres to standards can be a huge pain point. But a necessary pain, if the alternative is failing data compliance and being subject to huge fines by regulatory bodies such the EU’s GDPR.

The team at AWS however don’t want this to be a constraint for their customers. So they developed the predecessor to the AWS Secure Environment Accelerator (ASEA). With the objective to provide a way for Canadian businesses to scale up their account management securely. Due to the success of the ASEA, AWS have now extended its capabilities to make this level of functionality available to customers outside of Canada with the AWS Landing Zone Accelerator.

In this article I’ll break down the AWS Landing Zone Accelerator a little bit. By the end of this, you should have an understanding of what it is, what pains it solves, whether it could be a fit for your business, and how you could get started with the LZA.

What is the LZA? and What problems does it solve?
Overview of the LZA
How to get started with the LZA

What is the AWS LZA?

The LZA was developed to streamline the process of creating new environments that included the core components required for security and governance. Traditionally infrastructure teams would be responsible for creating new development environments, provisioning and configuring all the components that ensure security and compliance standards are met.

Now, imagine that you’re a cloud infrastructure team that has to support hundreds of engineers. That’s a lot of environments that you’ll need to spin up, also a lot of time, and lastly increased risk of missing a core component in the process.

With the LZA, the burden is taken off the infrastructure team significantly. By setting up the LZA with the mandatory security and governance components for an AWS environment, they can not only reduce the manual overhead of spinning up a secure environment, but they can also rest easy knowing all the core components are included automatically.

In a nutshell, with the LZA you don’t have to worry about:

Labour overhead of spinning up secure environments
Scalability of secure environment creation process
Secure environment creation lead time
Risk exposure from manual environment setup with core security and compliance requirements

Overview of the AWS Landing Zone Accelerator

Now that you have an understanding of the problem it solves, let’s dive into the core components that make up the AWS LZA. It can be broken down into the following:

AWS Organizations

AWS developed the Organizations service to allow customers to consolidate multiple AWS accounts into an organization. This makes the management of security access and controls across multiple accounts much easier. With the LZA comes an AWS organization pre-built and that is optimized for security and governance.

Security and governance controls

While the specific security and governance controls will depend on the environment. In general the LZA will equip your environments with:

Identify and access management
Network security
Data encryption
Compliance monitoring
and auditing

The beauty of the LZA is that each organization can tailor it to their needs.

Landing zone deployment pipeline

The landing zone deployment pipeline component allows you to deploy software updates to your environments. It provides you with a structured and automated process for releasing software updates to your dev, stage, and production environments.

Identity and Access Management (IAM)

This allows you to manage access to AWS resources through management of user creation and user groups and policies. IAM is a key component of AWS security, as it provides the ability to control who can access which AWS resources, and what actions they can perform on those resources.

Benefits of using the AWS Landing Zone Accelerator

Quick and easy deployment

Deployment is quick and simple with the LZA, which comes with automation and pre-established best practices. By tailoring it to your requirements, it lets you swiftly and simply create secure, multi-account AWS environments.

Scalable and secure environment

Core components of the LZA such as Control Tower and Organizations allows you to to manage and govern your AWS environment at scale. This ensures that your environments are scalable and reliable, and can support your growing workloads.

Centralized management and governance

By natively including Service Catalog and IAM, there’s one less step in ensuring that your environments are secure and compliant. This helps to protect your sensitive data and resources, and to meet the security and compliance requirements of your industry.

Pre-built framework

AWS Well-Architected comes built in! The LZA comes with pre-built, well-architected framework with automation and pre-defined AWS best practises, making it simpler and faster for you to get setup while also following industry best practices.

Conclusion

The AWS Landing Zone Accelerator is an excellent solution for anyone looking to quickly and easily set up a secure, multi-account AWS environment. With its pre-built, well-architected framework and automation tools, you can quickly and easily set up and manage your AWS environment, ensuring that it is scalable, reliable, and secure.

The AWS Landing Zone Accelerator includes components like:

AWS Control Tower
AWS Organizations
AWS Service Catalog
and AWS Identity and Access Management (IAM)

These all help to provide a comprehensive set of tools and best practices for managing and governing your AWS environment. This makes it easier for you to ensure that your AWS environment is compliant and secure, and can support your growing workloads.

Overall, the AWS Landing Zone Accelerator provides a fast, secure, and scalable way to set up and manage your AWS environment, allowing you to quickly and easily leverage the power of the cloud. Give it a try today and see how it can help you to accelerate your journey to the cloud.

If you want to learn more about the power of the AWS Landing Zone Accelerator, reach out to us at Autimo. We’ve been at the bleeding edge of AWS Landing Zones with our work on the AWS Secure Environment Accelerator. We’d love to see what we can do for your business.

Warren is Co-Founder and CTO of Autimo. He’s been in the industry for a long time now and over his journey he’s helped mentor and grow the careers of many aspiring cloud engineers. As the technology leader in Autimo, his mission is to bring cloud and devops engineering to the world and allow everyone to leverage the power of cloud technology.

Make sure you don't miss out on the next part of the series!

Need help?

Don't hesitate to contact us for more information

We’d love to get in touch to see how we can help you leverage cloud technologies to grow your business.