Design an enterprise cloud landing zone
WHAT IT TESTS: cloud foundation and governance design. OUTLINE: multi-account or subscription structure, centralized identity and SSO, network topology like hub-and-spoke, guardrails via policy and SCPs, and centralized logging.
WHAT IT TESTS: whether you can lay a governed foundation that lets teams self-serve safely. ANSWER OUTLINE: segment workloads into separate accounts or subscriptions under an organization for blast-radius isolation and billing; centralize identity with an SSO identity provider and role-based federated access, no shared root; design a hub-and-spoke network with shared connectivity and segmentation; enforce guardrails with policy-as-code such as SCPs or Azure Policy and IaC baselines; centralize logging and monitoring into a dedicated, immutable…
Read the original → interview
- #landing-zone
- #cloud-governance
- #iam
- #security
- #enterprise
Get five bites like this every day.
Tezvyn delivers a daily feed of 60-second tech bites with quizzes to lock in what you learn.