[Infographic] 15 Steps to Build a Successful Cloud Landing Zone
[Infographic] How to Launch a Successful Cloud Landing Zone
A successful cloud initiative is built on a rock-solid foundation:
A secure, reliable, high-performing Cloud Landing Zone!
Here are 15 steps to help you prepare and deliver a robust Landing Zone—whether that's on AWS, GCP or Azure.
1. Keep a clear focus on desired business outcomes
Always clearly define why your Landing Zone is being built.
- Identify a quick lighthouse project to prove the concept (8 to 12 weeks)
- Regularly review progress against business outcomes (at least once a week)
2. Define how your Landing Zone will need to be used
Before a single line of code is written, define how the accounts created by the Landing Zone are going to be consumed by applications, services and end users.
- Work with the business to determine the modes of consumption
- Continuously review the modes of consumption
- Set appropriate security and compliance guardrails for each account type
3. Assemble the right team
Determine the right skills and team structure that you need and manage Landing Zones on an ongoing basis.
- Align your team structure with Landing Zone components
- Rotate people between delivery functions to avoid silos
- Ensure you have people with Landing Zone experience in your team
4. Get dependencies and prerequisites in place
You can save a lot of time and money by getting dependencies and prerequisites in place even before the full team lands.
- Order account prerequisites in bulk to avoid delays
- Establish a dependencies checklist (and use it!) to avoid delays to new team members joining
5. Get the support of key stakeholders and teams early on
Engage early with the people and teams that manage key integration points to avoid delays and blockers.
- Invite crucial stakeholders to key progress meetings and reviews
- Regularly show them progress and get their feedback to avoid ‘big reveals’
- Involve key stakeholders in the delivery itself
6. Choose and execute a lighthouse project
Build a ‘quick win’ project to prove the concept and help drive progress and feedback.
- Get early support, from the top, for the lighthouse
- Inform and educate the project team on all things cloud
- Launch as soon as is viable to get feedback early
7. Take a cloud native approach
It is common for businesses to try to emulate their existing on-premise infrastructure in the cloud. This is a mistake.
- Always consider cloud native tools and services
- Only use third party tools that can be automated
- Use cloud native tooling for tactical changes to avoid blockers
8. Clearly define and scope discrete delivery objectives
In the cloud, you can always do more. You might never finish your Landing Zone implementation unless you scope and prioritize clear delivery objectives.
- Be vigilant as to what constitutes the ‘core’ of your Landing Zone
- View the Business-Specific Requirements components as Landing Zone features or extensions
9. Create a well-defined security and compliance model
The ability to create and manage accounts with a known, measurable and enforceable security and compliance posture is one of the key features of a Landing Zone implementation.
- Engage early with the InfoSec team to prevent last-minute blockers
- Use industry standards as a starting point (but modify where needed)
10. Automate everything
The ability to create resources via API calls or tools that wrap around those API calls is probably the greatest benefit that running services in the cloud provides: use it
- Embed an automation-first culture
- If you can’t automate it, don’t use it
- Never put off automating a task
- Keep the tasks that cannot be automated on the backlog as open issues
How to Build a Cloud Landing Zone That Delivers Real Business Value
Many cloud adoption initiatives fail. It does not have to be this way!
The key to a strong cloud initiative is a rock solid foundation: a secure, reliable and high-performing Cloud Landing Zone!
11. Build a Test Landing Zone
Your Landing Zone is a critical piece of infrastructure and needs to be tested the same as any other mission-critical IT component
- Your Test Landing Zone should build accounts that are representative of those in your Production Landing Zone
- Perform regular build/destroy life cycles on the Test Landing Zone
12. Track, measure and demonstrate your security and compliance framework
Regulated businesses have to be able to demonstrate and report on specific security and compliance controls both to internal and external audiences
- Keep the tracking document simple and concise
- Regularly review the tracking document
- Share the compliance documents widely to improve transparency across the business
13. Go green and stay green
Keep on the right side of technical debt by immediately dealing with any security and compliance alerts as they arise
- Create a security- and compliance-aware culture
- Keep security and compliance as a priority item on the agenda of key meetings
14. Watch the costs
Poorly managed cloud implementations—including your Landing Zone and the accounts it creates—can result in large bills if not managed properly
- Design a simple resource tagging policy and enforce its usage
- Tear down and recreate resources daily
- Create automated lifecycle policies for object and backup storage
- Regularly review resource utilisation and adjust if appropriate
15. Lightweight design, iterative delivery
The flexibility of the cloud allows you to make course corrections as you go. Do not be afraid to pivot if that ends up delivering the best outcome.
- Make your Landing Zone an ever-evolving creation
- Deliver iteratively to demonstrate the value of the work
- Learn as you go
For a complete guide, get the white paper: How to Build a Cloud Landing Zone That Delivers Real Business Value: 15 Principles and Best Practices.