Cloud Providers
While having multiple cloud providers offers flexibility, the Open Home Foundation's current strategy is to limit the number of cloud providers. This standardization is critical for efficiency and for laying the groundwork for future compliance efforts.
Currently, we are not directly involved in ISO certifications, but we anticipate this becoming a requirement. Adopting non-standard services now creates long-term technical debt, making future compliance (security, audit, and operational requirements) significantly more complex and costly. Therefore, all services should aim to use the approved, minimal set of cloud services unless an absolute requirement mandates an alternative.
| Area | Standard/Strategy | Why |
|---|---|---|
| Core Cloud Provider | AWS | Current standard, mature service offering, non-profit credits/support. |
| Secondary Cloud Provider | Scaleway | A good option for reducing costs compared to AWS in some use cases (high egress). |
| Infrastructure as Code (IaC) | Terraform | Standard for managing and provisioning infrastructure across multiple providers. |
| Edge/CDN/Security/Nameserver | Cloudflare | Provides global content delivery, domain management, and essential security services (WAF, DDoS protection, and DNS). |
| Static site deployment | Netlify | |
| Secure Resource Access | Tailscale | Provides a secure way to access private resources across multiple clouds via a unified VPN. |
| RDNS | Namecheap | Cheaper than AWS. Zone can be directly delegated to AWS. |
| Compliance Focus | Future ISO 27001 Readiness | Prepares the foundation for future security, audit, and operational requirements. |
| Connectivity | Tailscale | Tailscale is a mesh VPN service that creates secure, private networks between your devices and servers using WireGuard encryption, without requiring complex configuration. |
| Data Residency | [Regions TBD] | Necessary for potential future data sovereignty and privacy mandates. |