
No, not just for HIPAA/PCI compliance, that's just one of the many benefits. Here are some more reasons why I love Convox, Kubernetes/ECS, Docker:

* Effortlessly achieve 100% uptime with rolling deploys

* Running a single command to spin up a new staging environment that is completely identical to production

* Easily spinning up identical infrastructure in a different AWS region (Europe, Asia, etc.)

* Easily spinning up infrastructure inside a customer's own AWS or Google Cloud account for on-premise installations

* Automatic SSL certificates for all services. Just define a domain name in your Convox configuration, and it will automatically create a new SSL certificate in ACM and attach it to your load balancer.

* Automatic log management for all services

* Very easily being able to set up scheduled tasks with a few lines of configuration

* Being able to run some or all of my service on AWS Fargate instead of EC2 with a single command

* Ease of deploying almost any open source application in a few minutes (GitLab, Sentry, Zulip Chat, etc.)




Well, I am not really interested in your Convox ads but more in your claim that it somehow makes the typical Docker workflow of running random software from the net somehow HIPAA and PCI-compliant? That's an interesting claim, especially with your description of it as zero-effort.


No, Convox doesn't automatically make any application compliant. Convox makes it far easier to achieve HIPAA/PCI compliance by easily setting up compliant server infrastructure:

https://docsv2.convox.com/reference/hipaa-compliance

Note that dedicated instances are no longer required for HIPAA compliance [1]. Also note that the private Convox console is completely optional. You can achieve all of this with the free and open source convox/rack project: https://github.com/convox/rack

As I mentioned in my original comment, you still need to do a lot of work to set up company policies and make sure your application complies with all regulations.

You should also be aware that I'm comparing Convox with some other popular options for HIPAA-compliant hosting:

* Aptible: https://www.aptible.com (Starts at $999 per month)

* Datica: https://datica.com (I think it starts around $2,000 per month, but not 100% sure)

These companies do provide some additional security and auditing features, but I think there's no reason to spend thousands of dollars per month when Convox can get you 95% of the way in your own AWS account. PLUS: If you have any free AWS credits from a startup program, you might not need to pay any hosting bills for years.

[1] https://aws.amazon.com/blogs/security/aws-hipaa-program-upda...



