Services within reverse proxy servers
US-2016088023-A1 · Mar 24, 2016 · US
US10762218B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10762218-B2 |
| Application number | US-201715628350-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 20, 2017 |
| Priority date | Jun 20, 2017 |
| Publication date | Sep 1, 2020 |
| Grant date | Sep 1, 2020 |
Official abstract text for this publication.
Network buildout of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A buildout service is located in a remote cloud computing environment separate from the cloud computing environments at which buildout is being performed. The buildout service implements workflows to manage different aspects of network buildout in the cloud computing environments. The buildout service does not have access to restricted data in the cloud computing environments, including access control data, such that the buildout service cannot directly interact with network devices. The buildout service issues requests for device configuration to hardware proxies in the cloud computing environments. In response to the requests, the hardware proxies obtain access control data to access and configure the network devices.
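As an added example (not from the patent or its assignee), the two-stage population described in the abstract: the buildout side fills only non-restricted fields, and the hardware proxy completes the rest from a store that never leaves its environment. The `${name}` template syntax, the field names and the sample values are assumptions.

```python
import re
from string import Template

# Assumed names: the patent defines no template syntax or field list.
RESTRICTED_FIELDS = {"admin_password", "snmp_community"}
PLACEHOLDER = re.compile(r"\$\{(\w+)\}")

# Constructed sample template for one network device.
TEMPLATE = (
    "hostname ${hostname}\n"
    "interface mgmt0 ip ${mgmt_ip}\n"
    "username admin secret ${admin_password}\n"
    "snmp-server community ${snmp_community} ro\n"
)

def buildout_populate(template, values):
    """Remote buildout service: fill non-restricted fields only."""
    leaked = RESTRICTED_FIELDS & set(values)
    if leaked:
        raise ValueError(f"restricted fields supplied remotely: {sorted(leaked)}")
    # safe_substitute leaves the restricted placeholders untouched.
    return Template(template).safe_substitute(values)

def proxy_complete(populated, secret_store):
    """Hardware proxy: fill restricted fields from the in-environment store."""
    pending = set(PLACEHOLDER.findall(populated))
    unexpected = pending - RESTRICTED_FIELDS
    if unexpected:
        raise ValueError(f"request left non-restricted fields empty: {sorted(unexpected)}")
    missing = pending - set(secret_store)
    if missing:
        raise KeyError(f"no local value for: {sorted(missing)}")
    return Template(populated).substitute({k: secret_store[k] for k in pending})

def handle_request(populated, secret_store, send_to_device):
    """Proxy entry point: configure the device, return status only."""
    final_config = proxy_complete(populated, secret_store)
    send_to_device(final_config)          # stays inside the environment
    return {"status": "configured"}       # no restricted values in the reply

if __name__ == "__main__":
    request = buildout_populate(TEMPLATE, {"hostname": "tor-17", "mgmt_ip": "10.0.0.17"})
    store = {"admin_password": "constructed-pw", "snmp_community": "constructed-ro"}
    print(handle_request(request, store, send_to_device=print))
```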
Opening claim text (preview).
What is claimed is:
1. A computerized system comprising: one or more processors; and one or more computer storage media storing computer-useable instructions that, when used by the one or more processors, cause the one or more processors to: determine, at a buildout service in a first cloud computing environment remote from a second cloud computing environment, that one or more network devices are being added to the second cloud computing environment; obtain, by the buildout service, one or more configuration templates to configure the one or more network devices; populate, by the buildout service, the one or more configuration templates with values from non-restricted data from the second cloud computing environment available to the buildout service; send, from the buildout service to a hardware proxy in the second cloud computing environment, one or more requests to configure the one or more network devices, the one or more requests including the populated one or more configuration templates, wherein the hardware proxy updates the populated one or more configuration templates for the one or more network devices with values from restricted data maintained in the cloud computing environment, and wherein the hardware proxy issues commands to configure the one or more network devices using the one or more configuration templates and the restricted data maintained in the second cloud computing environment and not accessible to the buildout service, the restricted data comprising customer content, end user identifiable information, and access control data.
2. The system of claim 1, wherein the buildout service determines the one or more network devices are being added to the second cloud computing environment based on each of the one or more network devices being identified as a new device in a network graph available in the first cloud computing environment.
3. The system of claim 1, wherein the instructions further cause the one or more processors to manage, by the buildout service, manual operations performed by operating personnel to add the one or more network devices to the second cloud computing environment.
4. The system of claim 3, wherein the buildout service manages the manual operations to add the one or more network devices to the second cloud computing environment using a ticketing system in which tickets are sent to the operating personnel identifying action items for the operating personnel to perform and tickets are closed when the action items are completed by the operating personnel.
5. The system of claim 1, wherein the hardware proxy configures each of the one or more network devices by logging onto each of the one or more network devices using the access control data for each of the one or more network devices maintained within the second cloud computing environment, and issuing one or more commands to each of the one or more network devices to configure the one or more network devices.
6. The system of claim 1, wherein the instructions further cause the one or more processors to validate configuration of the one or more network devices.
7. The system of claim 6, wherein the buildout service validates the configuration of the one or more network devices by: issuing one or more validation requests to the hardware proxy and/or an SNMP proxy in the second cloud computing environment, wherein each of the one or more validation requests identifies one of the one or more network devices and requested validation data; receiving the requested validation data; and validating the configuration of the one or more network devices based on the requested validation data.
8. One or more computer storage media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising: receiving, at a hardware proxy in a first cloud computing environment, a request to configure a network device in the first cloud computing environment, the request including a configuration template and being received from a buildout service in a second cloud computing environment remote from the first cloud computing environment, wherein the configuration template received at the hardware proxy is pre-populated with values from non-restricted data from the second cloud computing environment available to the buildout service; updating, by the hardware proxy, the configuration template with values from restricted data maintained within the first cloud computing environment and not accessible to the buildout service, the restricted data comprising customer content, end user identifiable information, and access control data; and issuing, by the hardware proxy, one or more commands to configure the network device using the updated configuration template.
9. The one or more computer storage media of claim 8, wherein the hardware proxy issues the one or more commands to the network device by obtaining the access control data for the network device and using the access control data to log onto the network device, the access control data being maintained within the first cloud computing environment and not accessible to the buildout service.
10. The one or more computer storage media of claim 8, wherein the operations further comprise: receiving, from an execution service, a request for validation data to validate configuration of the network device; logging onto the network device using the access control data for the network device that is maintained within the first cloud computing environment and not accessible to the buildout service; and issuing one or more data request commands to obtain the requested validation data.
11. A computerized method comprising: determining, at a buildout service in a first cloud computing environment remote from a second cloud computing environment, that a network device is being added to a second cloud computing environment, the buildout service not having access to restricted data in the second cloud computing environment, the restricted data comprising customer content, end user identifiable information, and access control data; managing, by the buildout service, manual operations performed by operating personnel to add the network device to the second cloud computing environment; obtaining, by the buildout service, a configuration template to configure the network device; populating, by the buildout service, the configuration template with values from non-restricted data from the second cloud computing environment available to the buildout service; sending, from the buildout service to a hardware proxy in the second cloud computing environment, a configuration request to configure the network device, the configuration request including the configuration template; updating, by the hardware proxy, the populated configuration template with one or more values from restricted data maintained within the first cloud computing environment and not accessible to the buildout service; configuring, by the hardware proxy, the network device using the updated configuration template; and validating, by the buildout service, configuration of the network device.
12. The computerized method of claim 11, wherein the buildout service determines the network device is being added to the second cloud computing environment based on the network device being identified as a new device in a network graph service provided in the first cloud computing environment.
13. The computerized method of claim 11, wherein the buildout service manages the manual operations to add the network device to the second cloud computing environment using a ticketing system in
Policy-based network configuration management · CPC title
based on generic templates · CPC title
Tools and structures for managing or administering access control systems · CPC title
Standardised network management protocols, e.g. simple network management protocol [SNMP] · CPC title
by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity · CPC title