cloud.gov news

For custom domain support, cloud.gov provides a CDN service that uses AWS CloudFront. AWS CloudFront is outside the AWS FedRAMP P-ATO boundary, so we’ve updated the CDN service documentation to explain the compliance impact of using this service more clearly.

Upcoming breaking change

• We will remove support for TLS 1.0 and 1.1 connections to all applications on cloud.gov on March 30, so that all connections must use TLS 1.2. TLS 1.0 and 1.1 are outdated versions of the encryption protocol for HTTPS connections, and federal standards require federal systems to stop using them (see FedRAMP TLS Requirements). After this change, your applications will be inaccessible for anyone using a client device that requires TLS 1.1 or lower. We estimate this change will block less than 1 percent of traffic that reaches applications hosted on cloud.gov today. It’s probably required for your applications by your own agency as well, but if you have any concerns or questions, please contact us.

Announcements

On Tuesday January 9 from 17:09 EST to approximately 23:42 EST (6 hours and 33 minutes), the cloud.gov platform and customer applications were unavailable. This was the longest and most significant outage in the history of our platform. No data was lost.

cloud.gov is tracking the recent public disclosure of vulnerabilities in modern CPUs, named the Meltdown and Spectre attacks. We are taking all available steps to mitigate the impact of these vulnerabilities. No customer action is required.

We’ve been hard at work making cloud.gov work for you. We’re constantly optimizing the platform so it’s secure and meets your expectations.

Starting today, sandbox spaces will expire automatically every 90 days, as planned in our monthly update from November.

We’ve been hard at work shipping out new features to help you make your apps better, more secure, and improve your experience developing and deploying them. There’s a lot more in here than usual. We hope you see some features and additions in here that you’ve been waiting for. As always, get in touch with us if you have any questions or feedback about these features. See you next month.