Security Guidelines for Your IaaS Provider

Page last updated:

Warning: Pivotal Cloud Foundry (PCF) v2.3 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

Pivotal Cloud Foundry supports a variety of Infrastructure as a Service (IaaS) providers. Different IaaS providers require different configuration steps to secure user data, identity information, and credentials.

Security requirements can vary broadly based on the unique configuration and infrastructure of each organization. Rather than provide specific guidance that may not apply to all use cases, Pivotal has collected links to IaaS providers’ security and identity management documentation. The documents below may help you understand how your IaaS’ security requirements impact your PCF deployment.

Pivotal does not endorse these documents for accuracy or guarantee that their contents apply to all PCF installations.

How to Use This Topic

Find your IaaS provider in the list below. The documentation items linked for each IaaS may help you configure and secure your installation infrastructure.

Amazon Web Services (AWS)

AWS Identity and Access Management guide
This guide is a reference for AWS’ Identity and Access Management (IAM) features. If you’re new to AWS, start here.
AWS identity documentation
AWS credential documentation
This documentation provides a general definition of IAM terms and provide best practices to help you manage IaaS users and permissions.

Google Cloud Platform (GCP)

GCP authentication documentation
This developer-facing documentation explains general authentication guidelines for GCP.

Microsoft Azure

Azure security documentation
This site has documentation on Azure security tools. It provides a general guide to how to manage IaaS users and credentials.

OpenStack

OpenStack credential configuration
OpenStack credential creation
OpenStack deployment configuration
These documents provide a general reference for OpenStack service credential management.

VMware vSphere

vSphere Security guide (PDF)
This guide contains best practices for securing and managing a vSphere installation.

Create a pull request or raise an issue on the source for this page in GitHub