AWS prescriptive-guidance documentation change
Summary
Updated internal links, fixed grammar ('operational needs' to 'operations needs'), simplified section headers ('Deploy your network' to 'Deploy network'), and replaced hyperlinks with plain text references for platform architecture.
Security assessment
Changes are editorial improvements without introducing new security concepts. Minor grammar fixes and link updates don't address vulnerabilities. Existing security references (guardrails, network controls) remain unchanged.
Diff
diff --git a/prescriptive-guidance/latest/aws-caf-platform-perspective/platform-eng.md b/prescriptive-guidance/latest/aws-caf-platform-perspective/platform-eng.md index 56036a63e..885c0bbbb 100644 --- a//prescriptive-guidance/latest/aws-caf-platform-perspective/platform-eng.md +++ b//prescriptive-guidance/latest/aws-caf-platform-perspective/platform-eng.md @@ -5 +5 @@ -[Documentation](/index.html)[AWS Prescriptive Guidance](https://aws.amazon.com/prescriptive-guidance/)[AWS Cloud Adoption Framework: Platform perspective](welcome.html) +[Documentation](/index.html)[AWS Prescriptive Guidance](https://aws.amazon.com/prescriptive-guidance/)[AWS Cloud Adoption Framework: Platform perspective](introduction.html) @@ -13 +13 @@ StartAdvanceExcel -To support innovation by enabling development teams, the platform needs to adapt at a rapid pace to keep up with the demands of the business. (See the [AWS CAF Business perspective](https://docs.aws.amazon.com/whitepapers/latest/aws-caf-business-perspective/aws-caf-business-perspective.html).) It must do so while being flexible enough to adapt to product management demands, rigid enough to adhere to security constraints, and fast enough to enable operational needs. This process requires the building of a compliant multi-account cloud environment with enhanced security features, and packaged, reusable cloud products. +To support innovation by enabling development teams, the platform needs to adapt at a rapid pace to keep up with the demands of the business. (See the [AWS CAF Business perspective](https://docs.aws.amazon.com/whitepapers/latest/aws-caf-business-perspective/aws-caf-business-perspective.html).) It must do so while being flexible enough to adapt to product management demands, rigid enough to adhere to security constraints, and fast enough to enable operations needs. This process requires the building of a compliant multi-account cloud environment with enhanced security features, and packaged, reusable cloud products. @@ -15 +15 @@ To support innovation by enabling development teams, the platform needs to adapt -An effective cloud environment allows your teams to easily provision new accounts while ensuring that those accounts conform to organizational policies. A curated set of cloud products enables you to codify best practices, helps you with governance, and helps increase the speed and consistency of your cloud deployments. Deploy your best practice blueprints, and detective and preventative [guardrails](https://docs.aws.amazon.com/wellarchitected/latest/management-and-governance-lens/controlsandguardrails.html). [Integrate](https://docs.aws.amazon.com/wellarchitected/latest/management-and-governance-lens/networkconnectivity.html) your cloud environment with your existing landscape to enable desired hybrid cloud use cases. +An effective cloud environment allows your teams to easily provision new accounts while ensuring that those accounts conform to organizational policies. A curated set of cloud products enable you to codify best practices, help you with governance, and help increase the speed and consistency of your cloud deployments. Deploy your best practice blueprints, and detective and preventative [guardrails](https://docs.aws.amazon.com/wellarchitected/latest/management-and-governance-lens/controlsandguardrails.html). [Integrate](https://docs.aws.amazon.com/wellarchitected/latest/management-and-governance-lens/networkconnectivity.html) your cloud environment with your existing landscape to enable desired hybrid cloud use cases. @@ -33 +33 @@ Implement [identity management and access control](https://aws.amazon.com/soluti -### Deploy your network +### Deploy network @@ -35 +35 @@ Implement [identity management and access control](https://aws.amazon.com/soluti -In accordance with your [platform architecture](./platform-arch.html) designs, create a [centralized network account](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/infrastructure-ou-and-accounts.html#network-account) to control inbound and outbound traffic to and from your environment. We recommend that you design your networks for rapidly provisioned connectivity between your on-premises network and your AWS environments, to and from the internet, and across your AWS environments. Centralizing your network management enables you to deploy network controls to isolate networks and connectivity across your environment by using preventive and reactive controls. +In accordance with your _platform architecture_ designs, create a [centralized network account](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/infrastructure-ou-and-accounts.html#network-account) to control inbound and outbound traffic to and from your environment. We recommend that you design your networks for rapidly provisioned connectivity between your on-premises network and your AWS environments, to and from the internet, and across your AWS environments. Centralizing your network management enables you to deploy network controls to isolate networks and connectivity across your environment by using preventive and reactive controls. @@ -57 +57 @@ In accordance with the [AWS CAF Governance perspective](https://docs.aws.amazon. -Before you proceed, evaluate and certify cloud services for consumption in alignment with your [platform architecture](./platform-arch.html). Then, package and continuously improve enterprise standards as deployable products and consumable services, and use infrastructure as code (IaC) to define configurations in a declarative way. Infrastructure automation mimics software development cycles by allowing access to specific services in each account with role-based access control (RBAC) or attribute-based access control (ABAC). Deploy a method to rapidly provision new accounts and align them with your service and incident management capabilities by using APIs, or develop self-service capabilities. Automate network integration and IP allocation as accounts are created to ensure compliance and network security. Integrate new accounts with your IT service management (ITSM) solution by using native connectors that are configured to operate with AWS. Update your playbooks and runbooks as appropriate. +Before you proceed, evaluate and certify cloud services for consumption in alignment with your _platform architecture_. Then, package and continuously improve enterprise standards as deployable products and consumable services, and use infrastructure as code (IaC) to define configurations in a declarative way. Infrastructure automation mimics software development cycles by allowing access to specific services in each account with role-based access control (RBAC) or attribute-based access control (ABAC). Deploy a method to rapidly provision new accounts and align them with your service and incident management capabilities by using APIs, or develop self-service capabilities. Automate network integration and IP allocation as accounts are created to ensure compliance and network security. Integrate new accounts with your IT service management (ITSM) solution by using native connectors that are configured to operate with AWS. Update your playbooks and runbooks as appropriate.