Vmware has just released a great guide: the official hardening guide for vSphere 5. The terminology has changed and if you are used to the version 4.1, there is a nice companion document to help you compare.
The security of the virtualization layer is fundamental for the security of the cloud infrastructures. This is acknowledged by the Cloud Security Alliance, by making it one of the domains in the guidance document and the virtualization layer is one of the root causes of the top threats to cloud computing as well.
In the hardening guide, I enjoyed the classification on component and subcomponents which helps IaaS security administrators to establish the security perimeter and prioritize the actions.
It is also important that IaaS users understand the services managed by IaaS providers “under the hood” and to draw the line between the shared responsibility of IaaS users and IaaS providers. Ed Moyle of Savvis explains it beautifully in one blog post about compensating controls in the cloud.
So, thank you Vmware for the guide!