Postby jefffischer » Wed Jul 20, 2011 2:52 pm
This is more a consideration of PCI requirements than it is technical requirements. If you plan on NOT hosting your customer's payment information and the customer is either visiting an external payment gateway site to enter payment information, or is submitting payment information directly from their browser to the payment provider (never passing through your application servers), then just about any cloud solution would be viable. Of course, the cloud server still need to be security hardened, but without any customer payment account information being stored, the PCI risk is mitigated.
Firehost is a cloud provider that I know of off the top of my head that claims full PCI compliance in the cloud. This would be a valid cloud approach for people wishing to accept payment information through their cloud app servers.
I don't know of anyone that has tried to deploy a Broadleaf Commerce solution in the Google App Engine environment. While it's technically feasible, I would imagine some additional tweaks would be required.