ishenwei/nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fc0dde291fa7c19f90564e88e6a04ed4c26b5ba6
nexus/wiki/sources/ctp-topic-47-enterprise-architecture-cloud-standards.md
weishen 2ed46e251d Auto-sync: 2026-04-18 20:02
2026-04-18 20:02:44 +08:00

56 lines
2.7 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
title: "CTP Topic 47 Enterprise Architecture Cloud Standards"
type: source
tags: [Enterprise-Architecture, Cloud-Standards, CTP, AWS, Landing-Zone]
sources: [nas:///volume2/work/Public Cloud Learning Sessions/CTP _ Topic 47_Enterprise Architecture Cloud Standards.mp4]
last_updated: 2026-04-18
---
## Source File
- [[raw/Cloud & DevOps/Public-Cloud-Learning-Sessions/01_AWS-Landing-Zone/ctp-topic-47-enterprise-architecture-cloud-standards.md]]
## Summary
- **核心主题**企业云架构标准、Landing Zone 框架、云守护栏Guardrails
- **问题域**:企业如何在云环境中实现标准化、安全性和治理
- **方法/机制**Landing Zone 框架、Enterprise Architecture、Cloud Guardrails、Terraform IaC
- **结论/价值**:通过预配置框架降低应用团队安全审查负担,實現标准化和自动化
## Key Claims
- Landing Zone 是托管云工作负载的框架,聚焦安全性、合规性和可管理性,核心组件包括账户结构、网络、安全、访问管理和遥测
- Enterprise Architecture 帮助阐明云架构,向应用团队传达可用资源和要求
- Cloud Guardrails 捕获可扩展性、成本最小化和灵活性的强制性要求和最佳实践
- Terraform IaC 允许通过代码指定期望环境,促进标准化和可测试性
## Key Quotes
> "A landing zone is a framework for hosting cloud workloads, focusing on security, compliance, and manageability."
> — Lindsay, Enterprise Architect
> "The account structure aligns with environments (dev, staging, production), and roles define access based on zero trust and least privilege principles."
> — Lindsay
> "We want your knowledge collected here for reuse and help other app developers down the road."
> — Lindsay, on guardrails refinement
## Key Concepts
- [[Landing Zone]]:托管云工作负载的框架,聚焦安全性、合规性和可管理性
- [[Enterprise Architecture]]:企业架构,帮助阐明云架构并传达可用资源
- [[Cloud Guardrails]]:云守护栏,捕获强制要求和最佳实践
- [[Terraform]]:基础设施即代码工具,支持环境标准化和可测试性
- [[Terragrunt]]Terraform 包装器,帮助生成不同环境
## Key Entities
- [[Lindsay]]Enterprise Architect with development background讲师
- [[AWS]]:云服务提供商
## Connections
- [[Terraform]] ← enables ← [[Landing Zone]]
- [[Terragrunt]] ← wraps ← [[Terraform]]
- [[Cloud Guardrails]] ← derived_from ← [[Enterprise Architecture]]
- [[Landing Zone]] ← implements ← [[Zero Trust]]
## Contradictions
- (暂无)
## Action Items
- 应用团队应提供输入以完善守护栏
- 企业架构团队在 intranet 站点创建了包含业务架构概念、数据连接、应用信息和技术路线图的页面
Reference in New Issue View Git Blame Copy Permalink