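---
title: "CTP Topic 47 Enterprise Architecture Cloud Standards"
type: source
tags: [Enterprise-Architecture, Cloud-Standards, CTP, AWS, Landing-Zone]
sources: [nas:///volume2/work/Public Cloud Learning Sessions/CTP _ Topic 47_Enterprise Architecture Cloud Standards.mp4]
last_updated: 2026-04-18
---

## Source File

- [[raw/Cloud & DevOps/Public-Cloud-Learning-Sessions/01_AWS-Landing-Zone/ctp-topic-47-enterprise-architecture-cloud-standards.md]]

## Summary

- **Core topic**: enterprise cloud architecture standards, the Landing Zone framework, and cloud guardrails
- **Problem domain**: how an enterprise achieves standardization, security, and governance in cloud environments
- **Methods/mechanisms**: Landing Zone framework, Enterprise Architecture, Cloud Guardrails, Terraform IaC
- **Conclusion/value**: a pre-configured framework reduces the security-review burden on application teams and delivers standardization and automation

## Key Claims

- A Landing Zone is a framework for hosting cloud workloads, focused on security, compliance, and manageability; its core components include account structure, networking, security, access management, and telemetry
- Enterprise Architecture helps articulate the cloud architecture and communicates available resources and requirements to application teams
- Cloud Guardrails capture mandatory requirements and best practices for scalability, cost minimization, and flexibility
- Terraform IaC lets the desired environment be specified in code, promoting standardization and testability

## Key Quotes

> "A landing zone is a framework for hosting cloud workloads, focusing on security, compliance, and manageability."
> — Lindsay, Enterprise Architect

> "The account structure aligns with environments (dev, staging, production), and roles define access based on zero trust and least privilege principles."
> — Lindsay

> "We want your knowledge collected here for reuse and help other app developers down the road."
> — Lindsay, on guardrails refinement

## Key Concepts

- [[Landing Zone]]: a framework for hosting cloud workloads, focused on security, compliance, and manageability
- [[Enterprise Architecture]]: helps articulate the cloud architecture and communicate available resources
- [[Cloud Guardrails]]: capture mandatory requirements and best practices
- [[Terraform]]: infrastructure-as-code tool that supports environment standardization and testability
- [[Terragrunt]]: a Terraform wrapper that helps generate different environments

## Key Entities

- [[Lindsay]]: Enterprise Architect with development background; instructor
- [[AWS]]: cloud service provider

## Connections

- [[Terraform]] ← enables ← [[Landing Zone]]
- [[Terragrunt]] ← wraps ← [[Terraform]]
- [[Cloud Guardrails]] ← derived_from ← [[Enterprise Architecture]]
- [[Landing Zone]] ← implements ← [[Zero Trust]]

## Contradictions

- (None yet)

## Action Items

- Application teams should provide input to refine the guardrails
- The enterprise architecture team has created a page on the intranet site containing business architecture concepts, data connections, application information, and the technology roadmap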