Ready-to-Scale AWS Infrastructure Blueprint  

5X Speed, One Price:
Best in class Multi-Account AWS Architecture in a few weeks &
Scale Your Startup to the Clouds

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

FivexL’s Right Start for AWS takes our team's years of expertise in building,
scaling, and securing AWS for Scandinavian and US startups and shapes it into a
productized service.


Leveraging infrastructure as code, the FivexL team's unique experience, and best
AWS practices, the customer receives a fully compliant audit-ready multi-account
AWS organization in a few weeks — a task typically taking a solo in-house
specialist over a year to complete. This efficiency saves time, avoids mistakes,
slashes costs, and ensures no costly rework later in the process.


Thanks to the included AWS Backup configuration and Service Control Policies,
provided AWS infrastructure has all the necessary controls to ensure disaster
recovery and business continuity, thus cutting cyber insurance costs and
protecting business data from ransomware as well as other cyber threats.

Deliverables

  • AWS Multi-Account Strategy*:
    • Implement a predefined set of Organizational Units configured for scalability and security.
    • Recommendations for IAM access policies based on Organizational Units.
    • Documentation and AWS Organisation diagrams.
  • AWS Management Account:
    • Correct configuration of all contact details, including security, operations, and billing, for better account protection from account takeover.
    • Budget and cost anomaly detection alerts via Slack and Email to catch unintended spending early and avoid billing surprises.
    • Implementation of AWS Health alerts for Slack and Email.
    • Initial setup of Single Sign-On (SSO) configuration.
    • Delegation of all security and management services to sub-accounts.
    • Service Control Policies for AWS Organisation management and protection.
  • AWS SSO Account:
    • Terraform SSO Elevator for AWS Just In Time access via Slack requests.
    • Management of SSO users and SSO permission sets.
  • AWS Security Account:
    • Organisation-wide AWS Cloudtrail configuration and Slack alerts for root actions, IAM access denied, and other recommended alerts.
    • Organisation-wide AWS GuardDuty and Slack alerts for intrusion detection and data infiltration.
    • Organisation-wide AWS Config setup to keep track of AWS resources configuration.
    • Organisation-wide AWS Security Hub integration for security posture management.
  • AWS Logs Archive Account:
    • Storage for immutable log data, which cannot be altered or deleted, such as:
      • SSO Elevator’s audit logs.
      • AWS Cloudtrail access logs.
      • VPC Flow logs, Route53 query logs, ALB, and S3 access logs.
      • Production, Development, and Staging application logs.
      • Security and Audit log data.
  • AWS Backup Account:
    • A dedicated account for managing and storing backups, ensuring data resilience and availability in cases of incidents or ransomware.

* Benefits of multi-account AWS strategy for startups

logo

Improved Security

 

logo

Cost Tracking &
Saving Budget

 

logo

Autonomy
for Teams

 

logo

Effective Resource
Management

 

 CopFivexL,  2024yright ©2023 FivexL