An Architect is designing a VMware Cloud Foundation (VCF)-based private cloud solution for a customer. During the requirements gathering workshop, the customer stated the following:

• All users must only have access to the solution components to fulfill their defined role.

• All administrative users must be authenticated to a separate approved identity source for administrator accounts only.

• All service users must be authenticated to the central approved identity source.

• All service account passwords must be stored centrally in an approved secrets management platform.

When creating the design, how should the Architect classify all the stated requirements?