This guide refers to two running case studies, which are introduced here and referred to at the end of each chapter.
Alice deploys a private cloud for use by a government department in the US. The cloud must comply with relevant standards, such as FedRAMP. The security paperwork requirements for this cloud are very high. It must have no direct access to the internet: its API endpoints, compute instances, and other resources must be exposed to only systems within the department's network, which is entirely air-gapped from all other networks. The cloud can access other network services on the Organization's Intranet. For example, the authentication and logging services.
Bob is a lead architect for a company that deploys a large greenfield public cloud. This cloud provides IaaS for the masses and enables any consumer with a valid credit card access to utility computing and storage, but the primary focus is enterprise customers. Data privacy concerns are a big priority for Bob as they are seen as a major barrier to large-scale adoption of the cloud by organizations.
