ishenwei/nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Auto-sync: 2026-04-18 20:02

Browse Source
This commit is contained in:
weishen
2026-04-18 20:02:44 +08:00
parent 3f2e1765d8
commit 2ed46e251d
50 changed files with 1924 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
wiki/sources/ctp-topic-47-enterprise-architecture-cloud-standards.md Normal file
View File

@@ -0,0 +1,56 @@
---
title: "CTP Topic 47 Enterprise Architecture Cloud Standards"
type: source
tags: [Enterprise-Architecture, Cloud-Standards, CTP, AWS, Landing-Zone]
sources: [nas:///volume2/work/Public Cloud Learning Sessions/CTP _ Topic 47_Enterprise Architecture Cloud Standards.mp4]
last_updated: 2026-04-18
---
## Source File
- [[raw/Cloud & DevOps/Public-Cloud-Learning-Sessions/01_AWS-Landing-Zone/ctp-topic-47-enterprise-architecture-cloud-standards.md]]
## Summary
- **核心主题**企业云架构标准、Landing Zone 框架、云守护栏Guardrails
- **问题域**:企业如何在云环境中实现标准化、安全性和治理
- **方法/机制**Landing Zone 框架、Enterprise Architecture、Cloud Guardrails、Terraform IaC
- **结论/价值**:通过预配置框架降低应用团队安全审查负担,實現标准化和自动化
## Key Claims
- Landing Zone 是托管云工作负载的框架,聚焦安全性、合规性和可管理性,核心组件包括账户结构、网络、安全、访问管理和遥测
- Enterprise Architecture 帮助阐明云架构,向应用团队传达可用资源和要求
- Cloud Guardrails 捕获可扩展性、成本最小化和灵活性的强制性要求和最佳实践
- Terraform IaC 允许通过代码指定期望环境,促进标准化和可测试性
## Key Quotes
> "A landing zone is a framework for hosting cloud workloads, focusing on security, compliance, and manageability."
> — Lindsay, Enterprise Architect
> "The account structure aligns with environments (dev, staging, production), and roles define access based on zero trust and least privilege principles."
> — Lindsay
> "We want your knowledge collected here for reuse and help other app developers down the road."
> — Lindsay, on guardrails refinement
## Key Concepts
- [[Landing Zone]]:托管云工作负载的框架,聚焦安全性、合规性和可管理性
- [[Enterprise Architecture]]:企业架构,帮助阐明云架构并传达可用资源
- [[Cloud Guardrails]]:云守护栏,捕获强制要求和最佳实践
- [[Terraform]]:基础设施即代码工具,支持环境标准化和可测试性
- [[Terragrunt]]Terraform 包装器,帮助生成不同环境
## Key Entities
- [[Lindsay]]Enterprise Architect with development background讲师
- [[AWS]]:云服务提供商
## Connections
- [[Terraform]] ← enables ← [[Landing Zone]]
- [[Terragrunt]] ← wraps ← [[Terraform]]
- [[Cloud Guardrails]] ← derived_from ← [[Enterprise Architecture]]
- [[Landing Zone]] ← implements ← [[Zero Trust]]
## Contradictions
- (暂无)
## Action Items
- 应用团队应提供输入以完善守护栏
- 企业架构团队在 intranet 站点创建了包含业务架构概念、数据连接、应用信息和技术路线图的页面