cloud.gov news
New S3 plan for sandboxes
In the past, we’ve had issues with users being notified of a sandbox purge even though the sandbox didn’t actually get cleared. So in order to provide a more seamless experience, cloud.gov now offers S3 service plans for sandboxes that automatically clear your S3 contents whenever your sandbox is cleared.
New custom domain service
For custom domain support, cloud.gov provides a CDN service that uses AWS CloudFront. AWS CloudFront is outside the AWS FedRAMP P-ATO boundary, so we’ve updated the CDN service documentation to explain the compliance impact of using this service more clearly.
TLS 1.0 and 1.1 support removal, Drupal 8 made easy, and platform updates
Upcoming breaking change
- We will remove support for TLS 1.0 and 1.1 connections to all applications on cloud.gov on March 30, so that all connections must use TLS 1.2. TLS 1.0 and 1.1 are outdated versions of the encryption protocol for HTTPS connections, and federal standards require federal systems to stop using them (see FedRAMP TLS Requirements). After this change, your applications will be inaccessible for anyone using a client device that requires TLS 1.1 or lower. We estimate this change will block less than 1 percent of traffic that reaches applications hosted on cloud.gov today. It’s probably required for your applications by your own agency as well, but if you have any concerns or questions, please contact us.
Elasticsearch 5.6, upcoming Cloud Foundry Summit, and platform updates
Announcements
Major outage postmortem
On Tuesday January 9 from 17:09 EST to approximately 23:42 EST (6 hours and 33 minutes), the cloud.gov platform and customer applications were unavailable. This was the longest and most significant outage in the history of our platform. No data was lost.
Note about Meltdown/Spectre vulnerabilities
cloud.gov is tracking the recent public disclosure of vulnerabilities in modern CPUs, named the Meltdown and Spectre attacks. We are taking all available steps to mitigate the impact of these vulnerabilities. No customer action is required.
A new homepage, quickstart guide, and more
We’ve been hard at work making cloud.gov work for you. We’re constantly optimizing the platform so it’s secure and meets your expectations.
Starting now, sandboxes expire after 90 days
Starting today, sandbox spaces will expire automatically every 90 days, as planned in our monthly update from November.