As an increasing number of applications and services are being made available over networks, such as the Internet, an increasing number of content, application, and/or service providers are turning to technologies such as cloud computing. Cloud computing, in general, is an approach to providing access to electronic resources through services, such as Web services, where the hardware and/or software used to support those services is dynamically scalable to meet the needs of the services at any given time. A user or customer typically will rent, lease, or otherwise pay for access to resources through the cloud, and thus does not have to purchase and maintain the hardware and/or software to provide access to these resources.
It might be the case, however, that a customer will have applications that relate to, or utilize, restricted data, such that the customer will want to be able to execute operational actions to the restricted data, or have the resource provider execute operational actions on the customer's behalf, while still abiding by legal or organizational constraints that regulate which entities have the authority to access the restricted data and to execute the operational actions. Conventional cloud management approaches thus cannot be utilized as the persons, resources, and applications typically responsible for managing the resources in a resource provider environment will not have direct access to any of the resources in that restricted zone. The people inside the restricted zone also typically will not have the knowledge and/or information needed to properly operate and update the resources of the provider from within the restricted zone.