Ask any two cloud "experts" about whether you can trust cloud providers for running your security sensitive systems and you'll likely get three opinions. When our group of security experts turned to the task of building a robust, reliable, and secure infrastructure, we chose to disregard the conventional wisdom, ignore the FUD, and design controls that allow us to confidently build on AWS, Salesforce, and other cloud providers. This talk walks you through the steps necessary to build a trustworthy cloud infrastructure. We outline how you can deconstruct your security needs into specific technical goals, map those goals onto controls that are available in the cloud, and discuss what risks need to be accepted while others are mitigated. The talk includes detailed discussion of cryptographic, network and logical controls, and is best enjoyed by those with advanced knowledge of AWS.