Remote credential management for hybrid clouds with enterprise networks

A system and method of initializing a virtual machine within a secure hybrid cloud is disclosed. One method includes transmitting service mode credentials to a cloud broker from a cloud-based virtual machine, receiving a service mode community of interest key from a credentialing service based on the service mode credentials, and establishing a secure service mode connection based on the service mode community of interest key. The method also includes receiving role VPN credentials at the cloud-based virtual machine and establishing a secure role connection to the cloud broker using the role VPN credentials, thereby providing, in response to the role VPN credentials, a role VPN community of interest key to a virtual data relay dedicated to the cloud-based virtual machine. The method further includes receiving role cloud credentials at the cloud-based virtual machine and establishing secure communications at the cloud-based virtual machine based on the role cloud credentials, including receiving a role cloud community of interest key at the cloud-based virtual machine used for secure communication among the cloud-based virtual machine and other cloud-based virtual machines within a common community of interest with the cloud-based virtual machine.