Overall Architecture
We provide the following Landing Zone reference architecture based on Huawei Cloud's practices and extensive delivery experience. This architecture involves nine domains: organization and account management, identity and permissions management, centralized network management, resource sharing management, unified security management, unified compliance audit, unified O&M management, unified financial management, and data perimeters.

The resources of the nine domains are managed by specific accounts. For example, organization and account management is implemented in the master account (management account), and centralized network management is implemented in the network operations account. The following table lists the accounts for these domains.
Domain |
Account |
---|---|
Organization and account management |
Master account (management account) |
Identity and permissions management |
Master account (management account) |
Centralized network management |
Network operations account |
Resource sharing management |
Public service account |
Unified security management |
Security operations account |
Unified compliance audit |
Security operations account and logging account |
Unified O&M management |
O&M monitoring account |
Unified financial management |
Master account (management account) |
Data perimeters |
Master account (management account) and sandbox account (used to test various control policies) |
The previous sections detailed the design of organizations and accounts. The following sections will describe the designs of the other eight domains.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot