nexus/wiki/concepts/AWS-Landing-Zone.md

---
title: "AWS Landing Zone"
type: concept
tags:
  - AWS
  - Architecture
  - Multi-Account
---

## Definition
AWS Landing Zone 是 AWS 推荐的企业级云基础架构框架，通过多账号策略、安全基线、网络架构等组件提供安全、可扩展的云环境起点。

## Key Components
- **多账号策略**：通过 AWS Organizations 管理多个账户
- **安全基线**：安全组、SCP、密码策略等
- **网络架构**：VPC、Transit Gateway、VPN/Direct Connect
- **身份管理**：IAM 角色、SSO、AD 集成

## Related Concepts
- [[Network-Segregation]]
- [[SSM-Access]]
- [[Gruntwork-Landing-Zone]]

## Related Entities
- [[AWS]]