Summary
We started this chapter by identifying the need for a multi-account structure and the benefits it provides when hosting multiple workloads in AWS. Multiple services, solutions, and deployment frameworks fulfill a certain need, but it’s important to understand that they are not going to help you just on their own. Some level of customization is always needed for organizations to implement their specific needs. With the needs and benefits clarified, we moved on to key considerations that you should have when designing a Landing Zone concept. We also looked at some best practices in the areas of multi-account structure, security and IAM, DevOps and Config management, and operations.
Toward the second half of this chapter, we took a deeper look into how AWS Control Tower works under the hood, and out-of-the-box integrations with the CfCT solution. One of the key benefits that customers get from these solutions is that they are supported by AWS, just as they would support...
