A cloud migration can be complex, especially when a company has inadequate cloud expertise or there simply isn’t the manpower on hand for a cloud environment to be set up correctly and effectively. Moreover, an environment may consist of hundreds of accounts (AWS) or subscriptions (Azure), and that also makes its management awkward. More and more frequently a landing zone is deployed in order to solve these problems. But what exactly is a landing zone and in what way is it advantageous for developers?
First things first: what exactly is a landing zone? In simple terms a landing zone is a cloud framework in which organisations can carry through a large-scale cloud migration in an efficient and streamlined fashion. The advantage of a landing zone is that a number of parameters (so-called “guardrails”) are established, that determine how applications and data are used in the cloud environment. With a landing zone a cloud environment is automatically created in which best practices prevail in the field of security and compliance, for example.
Guardrails you can lay down concern compliance or users’ rights, for example. In this way a setting can be created such that specific datasets are only accessible for certain departments or for users with certain rights of access, for instance. Since such protocols and roles are pre-defined within the landing-zone environment, a cloud migration takes much less time. Now teams do not have to set their own parameters independently of each other.
Customisation is always the order of the day: a landing zone is devised differently for every organisation. After all, every company uses different applications, has to meet different compliance requirements and works with a different IT infrastructure. For this reason there is also no menu involving an organisation being able to mark the options it wants. What is involved is always a bespoke solution, in which it is important for the landing zone to be set up correctly from the outset – and for that, the necessary expertise is required. To this end, cooperation may be sought with a party that has this expertise in house.
So much for the theoretical side of things; what are the main advantages?
1. Cloud architecture in line with (development) policy
Seeing as established parameters apply, developers (for example) work within a well-defined playing field. This means companies do not run the risk of applications being developed within their cloud environment that are at variance with the organisation’s compliance policy, for example. Likewise the IT manager has fewer concerns about compliance because this is embedded in the foundation of the IT infrastructure.
2. Speed and scalability
As already described above, a migration to the cloud can take place much more quickly thanks to a landing zone. The preparation time is drastically reduced: whereas it used to take at least a day, with a landing zone the time is cut to a few minutes. As you can well imagine, this yields considerable cost savings. A landing zone also leads to a shorter time-to-market for new applications, resulting in DevOps processes being set up more quickly and efficiently. Scalability is another major feature inherent in a landing zone, since it is easy to carry out an extension to new environments. This means that standard profiles, for example, can easily be applied to new users.
3. Security and compliance
Thanks to the guardrails, compliance constitutes an integral part of a landing zone, meaning developers and engineers can work within the landing-zone environment safely and in observance of the compliance rules. What is more, organisations do not spend so much time on implementing complex rules within their public cloud, and the risk of shadow IT is thereby substantially reduced. This applies particularly to the operational phase. But it doesn’t stop with the one-off setting-up of the environment(s); it’s also about keeping all environments up to date in an ongoing and uniform manner.
A landing zone has a high degree of standardisation, meaning engineers work simply with environments that have been developed by others. Moreover, a good landing zone is API driven, so that the implementation of new applications is rendered simple, should this be necessary. This flexibility saves time when the landing-zone environment is scaled up or extended.
5. Better grasp of the costs
It’s a well-known pitfall: organisations quickly lose control of their cloud expenses because they do not have a clear overview of the solutions being used – and the costs attached to them. In a landing zone frameworks are established within which engineers are free to develop new initiatives, without this leading to unexpected and unnecessary costs. Furthermore, the process can be set up in such a way that every account/subscription is visible. This avoids situations in which accounts (and therefore costs) remain under the radar.
Who is it suitable for?
So there are advantages aplenty. But which developers does a landing zone offer most possibilities to, and which organisations take best advantage of it? Two aspects play a major role when it comes to answering this question.
First of all one has to consider what an organisation’s current cloud environment looks like. It is chiefly developers working with organisations that do not have a sound grasp of their cloud expenses, or where there is no clear model for DevOps on hand or inadequate central IT architecture, who could benefit from a landing zone.
Speed also plays a vital role. On account of the shorter migration time, the possibility of implementing new applications quickly within the landing-zone environment, the short time-to-market for new applications and the optimisation of DevOps processes, a landing zone is a solution for developers working at organisations where speed makes the difference. And changes such as scaling-up or new employees can also be assimilated quickly and easily thanks to the intelligence of a landing zone.
Cloud Architect at Sentia with extensive knowledge of inter alia AWS migrations, Cloud Architecture and Infrastructure as a Code. Konstantinos hold expertise within modernization of applications for onboarding to Public Cloud as well as the Sentia Managed Landing Zone framework.