Kickstart your journey into AWS with confidence.
What is the Enterprise Cloud Accelerator?
Automate the setup of a new landing zone using best-practices blueprints for account structure, identity, federated access, security and networking using org-formation Infrastructure as Code (IaC) tool for AWS Organisations. This offering comprises an initial workshop to identify your specific objectives and requirements, design the landing zone, deployment and knowledge transfer.
Avoid project delays and re-work, accelerate the set up of a secure, scalable multi-account AWS environment.
Benefits
Efficiency
Automating the creation of a landing zone saves time, effort, and money that would otherwise be required to set up each account manually.
Best Practice
Using best-practice blueprints ensures the landing zone complies with the AWS Well-Architected Framework.
Flexibility
Effortlessly customise your landing zone setup, modifying AWS account structure, budget alerts, security services, networking, and more to meet your specific requirements.
Security
Automatically deploy secure baseline configuration to all accounts, define compliance and security needs in code and monitor the security posture of your entire organisation.
Scalability
Manage AWS Organisations and deploy resources across accounts for easy management and deployment of the landing zone. This enables peer-reviewed, automated changes to environments at scale.
Co-Development
We work with your team to design, develop, and deliver a solution that aligns with your goals. We ensure seamless transition of ownership and operation of the solution to your team post-deployment.
Key Activities
Multi-Account Environment
Establish a secure multi-account setup using AWS Organizations with guardrails to prevent misconfigurations and budgets to monitor spending across accounts, regions, services, and workloads.
Security & Compliance
Enable tools like Security Hub, GuardDuty, and AWS Config for a single-pane view of security posture and track compliance against standards like the CIS AWS Foundations Benchmark.
Federated Access
Provide centralised access through AWS IAM Identity Center, integrating identity sources like Okta, Active Directory, or Google Workspace, or use the built-in directory to manage users.
Networking
Use a Networking Account to centrally manage network configurations, with options for site-to-site VPNs or AWS Direct Connect to integrate on-premises infrastructure.
Centralised Logging
Consolidate AWS CloudTrail and Config logs into an S3 bucket in a Log Archive Account for compliance and streamlined analysis.
How it works
1. Discovery
We will thoroughly assess your organisation’s business requirements and current architecture. Before customising your foundational AWS environment, fourTheorem Senior Architects will deep dive into your specific requirements, target architecture, code base, development & deployment process, etc.
2. Implementation
We work with you to establish a well-defined and organized structure for AWS accounts, ensuring a consistent and secure environment for managing your organization’s AWS resources and applications. We set up AWS IAM Identity Center, enabling centralized management of your team’s access across AWS accounts and applications. And enable Security and Compliance Services and implement baseline security measures.
3. Follow Up
Assess whether the end solution meets your requirements. With training and support, we’ll equip your team to maximise the benefits of the AWS Enterprise Cloud Accelerator and adapt it to future needs.
