News
- News
- Last Updated: July 23, 2019
- Scott Truitt
There are many reasons to choose Heroku Data services, but keeping the services you use secure and up-to-date rank near the top. This foundation of trust is the most important commitment we make to our customers, and frequent and timely maintenances are one way we deliver on this promise.
We do everything we can to minimize downtime, which is typically between 10 – 60 seconds per maintenance. There are ways for you to minimize disruption too (see the tips and tricks below). The rest of the post explains how we think about Heroku Data maintenances, how we perform them, and when we perform them.
Hackers exploit known but unpatched vulnerabilities or out-of-date software. Minimizing the time between when a patch or update becomes available and when it gets deployed is the most effective means of limiting damage. There’s nothing worse than seeing your company’s high-profile breach at the top of Hacker News and the Wall Street Journal.
This business and reputation risk is real. Like you, we’re faced with the same choice. We believe it’s best to budget some prevention time upfront for patching and updating data services. Otherwise, an incident may cost us (and you) a larger amount of remediation time and effort, to say nothing of the potential damage done to our (and your) brand, business, and customers.
That’s why we invest significant engineering, security, and operations effort into creating a proactive security posture that keeps your stack up-to-date through frequent, scheduled maintenances.
- News
- Last Updated: May 22, 2019
- Scott Truitt
Today, we're thrilled to announce Heroku Postgres via PrivateLink, a new integration that enables customers to seamlessly and securely connect Heroku Postgres databases in Private Spaces to resources in one or more Amazon VPCs. Heroku Postgres via PrivateLink connections are secure and stable by default because traffic to and from Heroku Postgres stays on the Amazon private network; once a PrivateLink is set up, there is no brittle networking configuration to manage. As always, security …
- News
- Last Updated: May 16, 2024
- Becky Jaimes
The data we store holds value, but refining data into meaning remains a difficult task. Over the last few months, we've taken a step back to figure out what we can do to help our users cross that divide, and rebuilt Heroku Dataclips from scratch with that goal in mind. The result is an experience that makes accessing and working with your data easier than ever, enabling anyone on your team familiar with SQL to …
- News
- Last Updated: March 21, 2019
- Becky Jaimes
After a successful two-month Beta period, PostgreSQL 11 is now the default version for all new provisioned Heroku Postgres databases. All Postgres extensions, tooling, and integration with the Heroku developer experience are ready to use, giving you the power of PostgreSQL 11 with the ease and usability of Heroku for building data-centric applications.
We'd like to re-emphasize a few features – among the many released in Postgres 11 – that we are particularly excited about.
- News
- Last Updated: June 03, 2024
- Vikram Rana
2018 was an amazing year for Heroku and our customers. We want to extend a big thank you for your feedback, beta participation, and spirit of innovation, which inspires us every day to continuously improve and advance the platform.
In the past year, we released a range of new features to make the developer experience more productive, more standards based, and more open. We achieved significant compliance milestones, provided trust controls for creating multi-cloud apps, …
- News
- Last Updated: December 05, 2018
- Khushboo Goel
We are happy to announce two major improvements to our SSO experience for Heroku Enterprise customers: easier SSO login for users via the Heroku CLI, and the ability for admins to add more than one certificate at the Enterprise Team level.
Logging into all your different cloud applications can be a pain. We know that many of you like to use Heroku via the command line interface and in your web browser side-by-side, and until …
Last October, we announced the ability for you to deploy pre-built Docker images to Heroku via Container Registry. Today, building Docker images with heroku.yml is generally available; you can now:
- Use git push heroku master to build your Docker images on Heroku
- Take advantage of review apps in Docker-based projects
For most teams, using containers in production requires you to spend time setting up and maintaining complex infrastructure. By using heroku.yml to build your Docker …
- News
- Last Updated: June 03, 2024
- Terence Lee
Your Heroku application’s journey to production begins with a buildpack that detects what kind of app you have, what tools you need to run, and how to tune your app for peak performance. In this way, buildpacks reduce your operational burden and let you to spend more time creating value for your customers. That’s why we’re excited to announce a new buildpack initiative with contributions from Heroku and Pivotal.
The Cloud Native Computing Foundation (CNCF) …
- News
- Last Updated: September 13, 2018
- Michael Friis
Today we're excited to announce Site-to-Site Virtual Private Network (VPN) support for Heroku Private Spaces. Heroku customers can now establish secure, site-to-site IPsec connections between Private Spaces on Heroku and their offices, datacenters and deployments on non-AWS clouds.
VPN is a powerful, proven and widely-adopted technology for securely combining multiple networks (or adding individual hosts to a network) over encrypted links that span the public Internet. VPN is well-understood and in use by most enterprise IT departments, and is supported on all major cloud providers and by a range of hardware and software-based systems.
- News
- Last Updated: September 13, 2018
- Michael Friis
Today we’re announcing a powerful new network control for apps running in Heroku Private Spaces: Internal Routing. Apps with Internal Routing work exactly the same as other Heroku apps, except the web process type is published to an endpoint that’s routable only within the Private Space and on VPC and VPN peered networks (see the Private Space VPN support companion post). Apps with Internal Routing are impossible to access directly from the public internet, improving security and simplifying management and compliance checks for web sites, APIs and services that must not be publicly accessible.
Subscribe to the full-text RSS feed for News.