Auto-sync: 2026-04-19 06:32
This commit is contained in:
25
wiki/concepts/AWS-Landing-Zone.md
Normal file
25
wiki/concepts/AWS-Landing-Zone.md
Normal file
@@ -0,0 +1,25 @@
|
||||
---
|
||||
title: "AWS Landing Zone"
|
||||
type: concept
|
||||
tags:
|
||||
- AWS
|
||||
- Architecture
|
||||
- Multi-Account
|
||||
---
|
||||
|
||||
## Definition
|
||||
AWS Landing Zone 是 AWS 推荐的企业级云基础架构框架,通过多账号策略、安全基线、网络架构等组件提供安全、可扩展的云环境起点。
|
||||
|
||||
## Key Components
|
||||
- **多账号策略**:通过 AWS Organizations 管理多个账户
|
||||
- **安全基线**:安全组、SCP、密码策略等
|
||||
- **网络架构**:VPC、Transit Gateway、VPN/Direct Connect
|
||||
- **身份管理**:IAM 角色、SSO、AD 集成
|
||||
|
||||
## Related Concepts
|
||||
- [[Network-Segregation]]
|
||||
- [[SSM-Access]]
|
||||
- [[Gruntwork-Landing-Zone]]
|
||||
|
||||
## Related Entities
|
||||
- [[AWS]]
|
||||
Reference in New Issue
Block a user