@Polgarmx can you tell me how you will have DreamFactory installed for use in these projects, will it be installed from GitHub or using one of the BItnami images? DreamFactory uses the AWSSDKforPHP which comes with the class CloudHSMclient and class CloudHSMexception. I imagine using some custom scripting and leveraging the client included in the SDK you could talk to the cloudHSM for key management and cryptographic operations in DreamFactory to meet these strict regulatory/compliance requirements. Alternatively, Chef has capabilities for key management using what they call data bags as well as a compliance server for audit controls/invoking audits on your infrastructure. Is there a specific regulatory requirement to which you have to adhere to in order to be compliant?
↧