Whether it is per business unit or per application, many AWS customers use multiple accounts to meet their infrastructure isolation, separation of duties, and billing requirements to establish their AWS Landing Zone. In this session, formerly called "Architecting Security & Governance across a Multi-Account Strategy," we discuss the latest updates around establishing your AWS Landing Zone. We cover considerations, limitations, and security patterns when building a multi-account strategy. We explore topics such as thought pattern, identity federation, cross-account roles, consolidated logging, and account governance. In addition, BP shares its journey and approach to establishing its AWS Landing Zone. At the end of the session, we present an enterprise-ready landing zone framework and provide the background needed to implement an AWS Landing Zone. We encourage you to attend the full AWS Landing Zone track; search for #awslandingzone in the session catalog. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.