Multi-Cloud Foundation Architectures

Enterprise-grade governance frameworks across AWS, Azure, GCP, and Oracle Cloud with proper isolation, security controls, and free tier optimization

AWS
Organizations
Azure
Management Groups
GCP
Organization
OCI
Compartments

Organizations Structure

11-account AWS Organizations hierarchy with proper OU structure, security isolation, and cost allocation

AWS Organizations Architecture Diagram

Foundation Accounts

6 core accounts for management, security, logging, networking, and portfolio hosting

Workload Accounts

5 just-in-time accounts created for each certification, maximizing free tier

Sandbox Account

Safe testing environment for experiments without impacting production workloads

Azure Management Groups

Hierarchical subscription management with Azure Policy enforcement and free tier optimization

Azure Foundation Architecture

Management Groups Hierarchy

CloudGuard Portfolio MG with Platform and Landing Zones separation

Azure Policy Governance

Centralized policy enforcement across all subscriptions

Free Tier Optimized

10 App Services, 1M Functions executions, Cosmos DB 25GB

GCP Organization

cloudguardportfolio.com organization with folder-based hierarchy and Organization Policies

GCP Foundation Architecture

Folder Hierarchy

Platform and Landing Zones folders with nested projects

Shared VPC

Centralized network management with service projects

$300 Credits + Free Tier

e2-micro VM, 5GB storage, 2M Cloud Functions invocations

Oracle Cloud Compartments

CloudGuard Portfolio Tenancy with nested compartments and the most generous always-free tier

OCI Foundation Architecture

Nested Compartments

Platform and Landing Zones compartments with security isolation

4 Ampere A1 Cores

24GB RAM + 200GB storage - always free forever!

2 Autonomous Databases

20GB each with automatic backups - always free!

Cost Optimization Strategy

Strategic cost management achieving 6 AWS certifications for $10-60/month through just-in-time provisioning

AWS Cost Dashboard

Free Tier Maximization

Each workload account gets fresh 12-month free tier, reducing costs significantly

Just-In-Time Provisioning

Create accounts right before certification month, stop resources after exam

Account Reuse

Strategic reuse of ML and networking accounts for related certifications

Account Lifecycle Management

8-month strategic timeline from foundation setup to all certifications complete

Account Lifecycle Timeline

Phase 1: Foundation

January - Create 6 core accounts that never get deleted

Phase 2: Certifications

Feb-Aug - One workload account per certification month

Phase 3: Optimization

Ongoing - Archive, idle, and reuse accounts strategically

Strategic Benefits

Why this architecture demonstrates enterprise-level thinking

Enterprise Architecture

Demonstrates understanding of AWS Organizations, multi-account strategies, and security isolation patterns used by Fortune 500 companies

Cost Optimization

Achieving 6 AWS certifications for $10-60/month through strategic free tier usage and just-in-time provisioning shows financial responsibility

Security Best Practices

Proper account isolation, centralized logging, dedicated security tooling account, and IAM Identity Center SSO demonstrate security maturity

Operational Excellence

Documented lifecycle management, automation scripts, and strategic planning show operational maturity beyond typical entry-level candidates

Ready to Explore the Projects?

See this architecture in action across 100 cloud security projects

View Projects About Me