2.8 KiB
title, type, source-type, category, tags, date-added, video-source, audio-source, status
| title | type | source-type | category | tags | date-added | video-source | audio-source | status | |||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| CTP Topic 35 AWS Landing Zone Design Refresher (SaaS Labs) | cloud-learning | video | DevOps & SRE/01_AWS-Landing-Zone |
|
2026-04-14 | nas:///volume2/work/Public Cloud Learning Sessions/CTP _ Topic 35_ AWS Landing Zone Design Refresher (SaaS _ Labs).mp4 | summarized (Gemini 摘要) |
CTP Topic 35 AWS Landing Zone Design Refresher (SaaS Labs)
Source: NAS /volume2/work/Public Cloud Learning Sessions/CTP _ Topic 35_ AWS Landing Zone Design Refresher (SaaS _ Labs).mp4
Type: VIDEO | Category: 01_AWS-Landing-Zone
Status: 🟡 Awaiting Whisper transcription → Summary
摘要
AWS Landing Zone Design Refresher
This session provides an overview of AWS Landing Zones, focusing on their design, updates, and differences between SaaS and Labs environments. The primary goal of landing zones is to support diverse AWS use cases while ensuring reuse, control, auditing, and management. Our AWS landing zones, they're built infrastructure as code as you'd expect on terraform templates using the grunt work framework.
AWS SaaS landing zones offer customer-dedicated environments with product accounts for each product area, such as Snacks. These accounts connect to shared services accounts for security, logging, and networking. The core accounts group includes Active Directory, DNS, and network accounts to support IT services within the micro-focus infrastructure. The shared service accounts host services like artifactory, cyberqualice, cyber EPO, ArcSight, and monitoring. Grunt work accounts manage AMIs, logs, and security across all accounts. Product accounts host IT products, projects, applications, and supporting AWS resources, managed by individual project teams.
Recent changes to the landing zones include network segmentation to block direct connectivity to SaaS workloads, decommissioning of the Gruntworks Cloud Trail in favor of CCOEs Cloud Trail, and proposed rerouting of ingress traffic via checkpoints in the network account. Native AWS backup is likely to be mandated, and management VPCs may be removed for new accounts. The key difference between SaaS and Labs is that SaaS is for production, while Labs is for development, with plans to introduce internet access into Labs. Basically, the only answer is that SAS is production, Labs is development. The PoC landing zone will be combined with Labs to maximize shared resources. The Cloud Technology Design Forum aims to standardize and centralize microfocus's cloud delivery offering, including landing zone designs.
关键概念
行动项
相关视频
配对视频笔记链接(生成后填入)
最后更新: 2026-04-14