Cloud Governance Center uses an Infrastructure as Code (IaC) service to orchestrate other basic Alibaba Cloud services, such as resource directories, RAM, and Cloud Config. After you grant necessary permissions to Cloud Governance Center, Cloud Governance Center can automatically set up an Alibaba Cloud multi-account environment that meets basic security compliance requirements. Then, you can implement extended configurations and create accounts.
Based on the best practices that Alibaba Cloud has accumulated while providing services to many customers, Cloud Governance Center helps set up and manage an Alibaba Cloud multi-account environment.
Build a Landing Zone
Cloud Governance Center checks your Alibaba Cloud account and resource directory usage and provides a matched process that guides you to initialize a resource structure step-by-step. This helps accelerate the business data migration to the cloud and improve management efficiency.
You can configure account baseline settings and quickly create accounts in the account factory. This helps you create controlled resource accounts, reduce the configuration costs of creating accounts, and accelerate business delivery.
Configure Protection Rules
You can configure and enable the protection rules provided by Cloud Config. This prevents the resource directories and basic configurations that are created in Cloud Governance Center from being modified. This also ensures the security of the multi-account environment.
Governance Health Check
After you enable this feature, Cloud Governance Center can continuously monitor the IT governance conditions of enterprises on the cloud and provide governance guidance. This helps optimize IT governance configurations and reduce IT governance risks on the cloud.
Build a Secure and Compliant Cloud Environment
At the initial stage of cloud migration, enterprises need to comprehensively consider the requirements for security compliance and scalability and make reasonable plans for the cloud environment so enterprises can efficiently manage business data on the cloud. Based on the best practices that Alibaba Cloud has accumulated while providing services to many customers, Cloud Governance Center helps enterprises quickly set up a multi-account environment that meets basic security compliance requirements. On this basis, enterprises can implement extended configurations.
● Initialize a Multi-Account Environment Quickly: Cloud Governance Center provides friendly step-by-step guidelines to help enterprises quickly set up a multi-account environment.
● Meet Data Isolation Requirements: Cloud Governance Center helps enterprises create the most commonly used log archive accounts and shared service accounts to meet the requirements of different functional roles for data isolation management.
● Accelerate the Delivery of New Accounts: Cloud Governance Center can orchestrate account baselines based on the business requirements of enterprises, create new accounts with one click, and automatically configure the accounts based on baselines.
Build a Multi-Account Structure Quickly
Enterprises may lack unified planning at the initial stage of cloud migration. Separate business teams manage multiple accounts on their own. The lack of centralized management and control of accounts may pose many security compliance risks. Cloud Governance Center can help enterprises check the current governance status, quickly build a reasonable multi-account structure, and configure management baselines.
● Centralized Management of Business Accounts: You can implement centralized management of the O&M team by setting up functional accounts and business accounts.
● Centralized Management of Employee Permissions: You can implement centralized management of employee permissions by enabling single sign-on (SSO) to reduce the risks caused by employee turnover.
● Protection Rules That Help Enterprises Reduce Risks: You can ensure business security and compliance by applying protection rules to all enterprise accounts.