Hacker News
by atonse 1791 days ago
This is exactly why most of us are more than happy to pay a premium to AWS, GCP, and Azure. They reduce all of what you listed to a handful of checkboxes for us plebs. You have to have a few discussions about how you as an org will manage your keys, and you're a couple of Terraform files away from having access to this (budget notwithstanding).

This is the level of redundancy/backups/processes the large cloud providers have. It's not just "hey is this encrypted" – it's "what happens, how do you retire a drive, are the modules FIPS 140-2 compliant, how do we physically secure our HSMs?" etc

It's just so much more than "hey DigitalOcean is 50% cheaper".

AWS's egress bandwidth charges still feel criminal though.

1 comments

We were a relatively small cloud provider, but all disks were encrypted so at least we wouldn't leak someone's data if we had to replace a disk.