Security Guidelines for Your IaaS Provider

Pivotal Cloud Foundry supports a variety of Infrastructure as a Service (IaaS) providers. Different IaaS providers require different configuration steps to secure user data, identity information, and credentials.

Security requirements can vary broadly based on the unique configuration and infrastructure of each organization. Rather than provide specific guidance that may not apply to all use cases, Pivotal has collected links to IaaS providers’ security and identity management documentation. The documents below may help you understand how your IaaS’ security requirements impact your PCF deployment.

Pivotal does not endorse these documents for accuracy or guarantee that their contents apply to all PCF installations.

How to Use This Topic

Find your IaaS provider in the list below. The documentation items linked for each IaaS may help you configure and secure your installation infrastructure.

Amazon Web Services (AWS)

• AWS Identity and Access Management guide
  This guide is a reference for AWS’ Identity and Access Management (IAM) features. If you’re new to AWS, start here.
  
  
• AWS identity documentation
  
• AWS credential documentation
  This documentation provides a general definition of IAM terms and provide best practices to help you manage IaaS users and permissions.

Google Cloud Platform (GCP)

• GCP authentication documentation
  This developer-facing documentation explains general authentication guidelines for GCP.

Microsoft Azure

• Azure security documentation
  This site has documentation on Azure security tools. It provides a general guide to how to manage IaaS users and credentials.

OpenStack

• OpenStack credential configuration
  
• OpenStack credential creation
  
• OpenStack deployment configuration
  These documents provide a general reference for OpenStack service credential management.

VMware vSphere

• vSphere Security guide (PDF)
  This guide contains best practices for securing and managing a vSphere installation.