🗂️ Navigation
📁 Multi-Cloud Management
📋 AWS Landing Zone
🔧 Landing Zone Accelerator on AWS (LZA)

Landing Zone Accelerator on AWS (LZA)

Deploy a multi-account cloud foundation for highly-regulated workloads and complex compliance requirements.

Visit Website →

Overview

The Landing Zone Accelerator on AWS (LZA) is an open-source solution built using the AWS Cloud Development Kit (CDK). It is designed to deploy a secure, resilient, and scalable cloud foundation that accelerates readiness for complex compliance programs. It is architected to align with AWS best practices and multiple global compliance frameworks (like NIST, FedRAMP, HIPAA). LZA is often used to enhance a foundational AWS Control Tower deployment with more advanced networking, security, and account customizations.

✨ Key Features

  • Infrastructure as Code (IaC) based on AWS CDK
  • Designed for highly-regulated industries and complex compliance needs
  • Advanced network architecture (VPCs, Transit Gateways, Network Firewall)
  • Extensive customization via configuration files
  • Support for AWS GovCloud (US) and other non-standard partitions
  • Integration with AWS Control Tower Account Factory

🎯 Key Differentiators

  • Open-source and highly customizable
  • Specifically designed for complex compliance frameworks
  • Deep integration with a wide array of AWS services

Unique Value: Accelerates the deployment of a secure and compliant AWS foundation for highly regulated workloads through a customizable, low-code approach.

🎯 Use Cases (4)

Building AWS environments for government, defense, healthcare, and finance sectors Customizing and enhancing a baseline AWS Control Tower landing zone Automating the deployment of complex networking and security controls Deploying landing zones in AWS GovCloud (US) regions

✅ Best For

  • Deploying environments to meet FedRAMP, FISMA, NIST, CMMC, and HIPAA requirements.

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Users who need a simple, quick-start landing zone with minimal customization (AWS Control Tower is a better fit)
  • Teams without Infrastructure as Code (IaC) or AWS CDK knowledge

🏆 Alternatives

Custom-built landing zones Third-party cloud management platforms

Provides more customization and compliance-specific features than the standard AWS Control Tower, but requires more technical expertise to manage.

💻 Platforms

API CLI (via AWS CDK)

🔌 Integrations

AWS Control Tower AWS Organizations AWS Security Hub AWS Config AWS Network Firewall AWS Key Management Service (KMS) Over 35 AWS services

🛟 Support Options

  • ✓ Email Support
  • ✓ Live Chat
  • ✓ Phone Support
  • ✓ Dedicated Support (AWS Business Support or Enterprise Support tier)

🔒 Compliance & Security

✓ SOC 2 ✓ HIPAA ✓ BAA Available ✓ GDPR ✓ ISO 27001 ✓ SSO ✓ NIST 800-53 ✓ FedRAMP ✓ DoD CC SRG ✓ CMMC ✓ HIPAA ✓ PCI DSS

💰 Pricing

Contact for pricing
Free Tier Available

Free tier: The solution itself is free and open-source.

Visit Landing Zone Accelerator on AWS (LZA) Website →

🔄 Similar Tools in AWS Landing Zone

AWS Control Tower

Automates the setup of a landing zone in AWS, based on best practices....

Contact

AWS Control Tower Account Factory for Terraform (AFT)

A Terraform module that automates the creation and customization of AWS Control Tower accounts....

Contact

Superwerker

An open-source solution that quickly sets up a secure AWS environment based on best practices....

Contact

Kion

A comprehensive platform for multi-cloud governance, financial management, and automation....

Contact

Turbot

A platform for policy-based control and automatic remediation of enterprise clouds....

Contact

AWS Organizations

A foundational AWS service for managing multiple AWS accounts....

Contact