Front page  »  Amazon Web Services Solutions  »  Cloud Foundations

Cloud Foundations

Front page  »  Amazon Web Services Solutions  »  Cloud Foundations

Cloud Foundations

What does this solution do?

Amazon Web Services‘s Cloud Foundations whitepaper defines thirty capabilities required for a company's cloud environment. It covers six categories such as governance, risk management and compliance, operations, security, business continuity, finance, and infrastructure. It is a comprehensive improvement over the cloud adoption strategy of a company after the Landing Zone. The Cloud Foundations Quick Start Pack is a deployment tool for the infrastructures of the cloud environment built exactly as defined in the whitepaper. It aims to quickly deploy a cloud-ready environment including a basic landing zone, security baselines, and DevOps functions within two weeks, using cloud-native technologies and automation services. It will effectively assist you to deploy, operate and govern workloads on the cloud efficiently, and make them available for business production fast. You can continue building based on it and constantly enhance the capabilities of your cloud environment.

Service price: Fixed price quotation, the final quote for standard service (excluding customization) is ¥150,000 RMB (tax included).

Delivery mode: The whole process is delivered by the consultants of the Amazon Web Services Professional Services with a two-week implementation period.

Solution Advantages

Fast delivery

The Cloud Foundations Quick Start Pack can help you accelerate toward value, reduce implementation costs, and facilitate adoption of security best practices. You can focus your limited IT resources on high-value opportunities such as large-scale migrations, building the next-generation serverless applications and reinventing business processes on the cloud.

Enhanced security

Deploying with a centrally managed set of code improves the solution’s quality and security. The Cloud Foundations Quick Start Pack has many baseline configurations for compliance and security built into it. You can also propose new security and compliance requirements and quickly integrate them into existing code and configurations, continuously improving the security of your cloud environment.

Simplified work

The Cloud Foundations Quick Start Pack simplifies the build process for an organization with multiple Amazon Web Services accounts. With infrastructure-as-code, the Quick Start Pack is developed and tested in advance for infrastructure resources and their configurations on the cloud, thereby reducing a lot of common errors during implementation and greatly saving deployment time.

Solution Overview

Below presented are the architecture and the web portal of Service Workbench.

About the architecture diagram:

  1. Management Account: It includes an Amazon Organizations organization or a virtual organization and necessary Amazon Identity and Access Management (Amazon IAM) functional roles.
  2. Infrastructure Account: It centrally manages Amazon Simple Notification Service (Amazon SNS) topics, Amazon CodePipeline pipelines and their Amazon CodeBuild projects. It includes automated provisioning Amazon Step Functions state machine, the Amazon Service Catalog Account Factory and Pipeline Factory products.
  3. Security Account: It centrally manages Amazon Key Management Service (Amazon KMS) customer keys and their key policies. It includes alternative solutions to Service Control Policies and Tag Policies, and security enhancements based on Amazon Security Hub.
  4. Logs Account: It centrally manages Amazon Simple Storage Service (Amazon S3) buckets for logs from Amazon CloudTrail, Amazon Config, Amazon GuardDuty, Amazon Virtual Private Cloud (Amazon VPC) flow logs. It includes an Amazon OpenSearch Services domain to search and show logs.
  5. Network Account: It centrally manages Amazon VPCs and their children resources, such as subnets, security groups, route tables, gateways, and endpoints, with subnets shared with member accounts. The VPCs are connected by the Amazon Transit Gateway.
  6. Member Accounts: They are bootstrapped and configured based on the best practices recommended by Amazon Web Services.
Explore all Amazon Web Services Solutions

Browse our portfolio of Amazon Web Services -built solutions to common architectural problems.

Learn more 
Find a Partner

Find Amazon Web Services certified consulting and technology partners to help you get started.

Learn more 
Start building in the console

Sign-up and start exploring our services.

Get started