Additional Considerations⚓︎
AWS provides resources that you should consult as you begin customizing your deployment:
-
Refer to the Best Practices for Organizational Units with AWS Organizations blog post for an overview.
-
Recommended OUs and accounts. This section of the Organizing your AWS Environment Using Multiple Accounts paper discusses the deployment of specific-purpose OUs in addition to the foundational ones established by the LZA. For example, you may wish to establish a Sandbox OU for Experimentation, a Policy Staging OU to safely test policy changes before deploying them more broadly, or a Suspended OU to hold, constrain, and eventually retire accounts that you no longer need.
-
AWS Security Reference Architecture (SRA). The SRA \"is a holistic set of guidelines for deploying the full complement of AWS security services in a multi-account environment.\" This document is aimed at helping you to explore the \"big picture\" of AWS security and security-related services in order to determine the architectures most suited to your organization\'s unique security requirements.
References⚓︎
-
LZA on AWS Implementation Guide. This is the official documentation of the Landing Zone Accelerator Project and serves as your starting point. Use the instructions in the implementation guide to stand up your environment.
-
AWS Labs LZA Accelerator GitHub Repository. The official codebase of the Landing Zone Accelerator Project.