Bourne Leisure: Creating the perfect Landing Zone
Bourne Leisure Holdings Limited is a British private company which owns a number of subsidiary undertakings operating in the leisure and holiday sectors in the United Kingdom including Haven Holidays, Butlins and Warner Leisure Hotels.
During the process of making the move from ‘on-premises’ to Public Cloud, Bourne’s services footprint grew organically and the team found ways to achieve their goals. Like all projects, in hindsight, Bourne recognised that a number of objectives would be easier to achieve if their foundations and practices were built with a future state in mind.
To this end, with lessons learned, Bourne approached AWS for advice in building foundations for the future and were pointed to implementing a Landing Zone.
As the chosen AWS Partner, Daemon worked with Bourne to identify all requirements for the Landing Zone, and created a set of design principles aligned to AWS Well Architected practices.
Daemon implemented Bourne’s Landing Zone using the AWS Control Tower. Control Tower provides a GUI based management service, allowing;
- Control of Service Control Policies,
- Organization management,
- Hierarchical guardrails,
- A means to create new accounts quickly via Account Factory,
- Visual dashboarding service to present back multi-account compliance.
The Landing Zone was created with appropriate Organisational Units and Service Control Policies. A set of Guardrails were implemented to meet the requirements of Bourne, including Preventative controls to avoid implementation of unwanted configurations such as S3 buckets being open to the internet. Detective Guardrails were implemented to alert when certain conditions were met, such as users accessing the console without MFA.
An initial set of AWS accounts were implemented to make efficient use of AWS in the future, segregating development and production workloads and implementing specific accounts for connectivity and security.
The Landing Zone provided Bourne with a secure, multi-account AWS environment based on AWS best practices. This has enabled Bourne to save time and money on future projects and cloud migrations and continue their migration to Public Cloud.