AWS Architecture
Landing Zone and Multi-Account Network Architecture for Fortune 500 Tech Firm
GOVERNANCE · IDENTITY · ACCESS
NETWORK CONNECTIVITY · WORKLOAD ACCOUNTS
SECURITY · COMPLIANCE CONTROLS
MONITORING · LOGGING · AUTOMATION
Admin
Platform Admin
Landing zone setup
Control Tower: Landing zone orchestration
Organizations: Account management
IAM Identity Center: SSO & permissions
CloudFormation: Infrastructure templates
Transit Gateway: Cross-account routing
Production VPC: Prod workload isolation
Development VPC: Dev environment
Route 53: DNS resolution
EC2: Application workloads
Security Hub: Centralized findings
GuardDuty: Threat detection
Config: Compliance assessment
IAM: Account-level policies
CloudTrail: API audit logging
CloudWatch: Metrics & alerting
Systems Manager: Operations automation
S3: Log storage
Ingestion
Compute
Data
Security
Data flow