An official website of the United States government US flag signifying that this is a United States federal government website

Updates

For blog posts, see cloud.gov on the 18F blog.

February 10, 2017

Platform Release Notes: February 10, 2017

Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past two weeks.

Added

You can download the cloud.gov Control Implementation Summary + Customer Responsibility Matrix, a summary from the FedRAMP JAB P-ATO documentation. It lists whether each Low and Moderate security control is handled by cloud.gov, shared responsibility, or customer responsibility.

Fixed

  • In the dashboard, when you reach the end of your activity log, the log no longer displays a “Show more” button. Previously this button implied there might be more content when there was not.
  • If you’re a member of many organizations, the dashboard can now display all of the spaces and apps for which you’re a member. Previously, on the overview page, some organizations would appear empty or with some spaces and apps missing.

Security

cloud.gov is now included in the 18F vulnerability disclosure policy, which gives guidelines for security researchers from the public.

See also

If you’re interested in details about recent dashboard updates, you can also see the dashboard release notes.

February 2, 2017

cloud.gov is now FedRAMP Authorized.

Now it’s easier than ever to get started with cloud.gov.

We’re delighted to announce that cloud.gov has received a FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO) at the Moderate impact level. This means that cloud.gov successfully completed a comprehensive security and compliance assessment performed by a board of the CIOs and their teams from the General Services Administration, the Department of Defense, and the Department of Homeland Security. cloud.gov is the first completely open source service to receive FedRAMP authorization. Teams can now use cloud.gov with less upfront work, so they can use cloud.gov to deliver services even faster.

Read more about how this new authorization can help your team.

Other new and improved features

Native multifactor authentication

For teams that cannot integrate their agency single sign-on authentication provider with cloud.gov, or for teammates who don’t have access to agency accounts (such as some contractors), cloud.gov now provides a built-in authentication option with multifactor authentication. This is not yet included in the FedRAMP Authorization, but teams can use it if their agency approves.

Clearer pricing and product information

We’ve been making changes to the cloud.gov website in order to make our pricing model and our offerings clearer. We will continue to make improvements to the website and can only do so with feedback from our visitors. If you have anything to share with us, drop us a line at cloud-gov-inquiries@gsa.gov.

A more functional dashboard for using cloud.gov without using the command line

Our web-based dashboard gives people an easy web-based way to manage their applications. You can see an overview of your apps, spaces, and their current state. The dashboard now offers more visual clarity between activities. And now you can edit limits on your applications with a few clicks.

Demonstration of edit mode on the cloud.gov dashboard app panel. User clicks “Modify allocation and scale” to change their application’s allocated memory and disk space.

Interested in using cloud.gov?

We can help you figure out whether the platform meets your needs.

Please complete this interest survey and we will contact you with next steps shortly.

You can also try a free Sandbox account.

If you’re curious to see how the platform works, explore cloud.gov on your own with a limited free Sandbox account. If you have a GSA or EPA email address, you can just log in. Anyone else with a .gov or .mil email address can request an invitation by emailing cloud-gov-inquiries@gsa.gov. No paperwork required.

February 1, 2017

Platform Release Notes: February 1, 2017

Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past six weeks.

Added

  • cloud.gov account holders in the GovCloud environment get automated notifications of expiring passwords, starting ten days before expiration.
  • The dashboard provides a start button for stopped apps (on the app page).

Changed

  • The dashboard homepage shows a more detailed summary of all your orgs, spaces, and apps.

Fixed

  • In the dashboard on the app page’s route creation panel, available domains now appear instead of returning an error.

Security

We upgraded the Cloud Foundry deployment to v251. The base filesystem used for running your application has been updated to address several security vulnerabilities. You should restage your application to incorporate fixes in the base filesystem and ensure you’re running the most recent language version supported by your buildpack.

See also

If you’re interested in details about recent dashboard updates, you can also see the dashboard release notes.

December 28, 2016

Platform Release Notes

Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past two weeks.

Added

  • You can now create S3 service keys to get direct access to your cloud.gov S3 buckets.

Changed

  • We upgraded Cloud Foundry (the underlying open source project that powers cloud.gov) to Release v250, which includes updates to buildpacks and improvements for internal components.

Security

The Cloud Foundry upgrade included updates for the base filesystem used for running your application, addressing several security vulnerabilities in that filesystem. You can restage your application to ensure you incorporate fixes in the base filesystem and are running the most recent language version supported by your buildpack.

December 21, 2016

East/West Sandbox Deprecation Notice

Update: since the time of this posting, we have postponed the cutoff date from January 15th to a new date that we expect to confirm and announce soon.

The original cloud.gov environment in AWS East/West is now officially deprecated and will be retired. We will be in touch to assist with migration of Prototyping, FISMA Moderate, and FISMA Low organizations to the new environment shortly.

Sandbox organizations in AWS East/West will be retired as of January 15. We will be deleting these sandbox organizations after this date. If you have hosted anything in a sandbox space that you would like to preserve, you must back it up or migrate it to the new environment yourself.

Required steps

  1. Create a GovCloud sandbox space.
    • EPA, FDIC and GSA users log into dashboard.fr.cloud.gov.
    • All others please request an invitation by contacting cloud-gov-inquiries@gsa.gov.
  2. Using the Cloud Foundry command line interface (CLI) cf run the command cf login -a api.fr.cloud.gov --sso and follow the instructions.
  3. (Optional) Migrate your application.

Background

We heard loud and clear that a FedRAMP Moderate JAB P-ATO for cloud.gov would be critical to ensuring cloud.gov could be used in production for most federal agencies. Getting that ATO required hosting on AWS GovCloud instead of AWS East/West so we have created a new and improved version of cloud.gov there. We anticipate receiving JAB P-ATO for cloud.gov in January, 2017. The new version of cloud.gov includes additional features that many have asked for, including: more reliable and faster SSH, better services, easy custom domains and IPv6 support. We are now opening access to this new environment to everyone. Find out more about the changes.

December 14, 2016

Platform Release Notes

Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past two weeks.

Added

  • New dashboard features:
    • On an application page, you can now edit the number of application instances, instance memory, and disk quota.
    • Org and space level views now include a quick overview of the health of application instances.

Changed

  • We upgraded Cloud Foundry (the underlying open source project that powers cloud.gov) to Release v249 (see also Release v248), which includes updates to buildpacks and improvements for internal components.
  • Changes in Cloud Foundry require an upgrade to the latest version of the command line interface (CLI) client (cf) in order for cf logs to work properly. Please upgrade your local version to the latest version (installation instructions).

Fixed

  • The latest Cloud Foundry command line interface client (available here) addresses an issue where inspecting application logs returned errors.
  • We updated the cloud.gov account creation form to include previously-missing information about password requirements.

Security

The Cloud Foundry upgrade included updates for the base filesystem used for running your application, addressing several security vulnerabilities in that filesystem. You can restage your application to ensure you incorporate fixes in the base filesystem and are running the most recent language version supported by your buildpack.

November 30, 2016

Platform Release Notes

Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past two weeks.

Added

  • The dashboard now allows restarting of apps from the app page.

Changed

  • We upgraded Cloud Foundry (the underlying open source project that powers cloud.gov) to Release v247, which includes updates to buildpacks and improvements for internal components.

Fixed

  • Dashboard: We fixed an issue that prevented creating service instances on the marketplace page.

Security

The base filesystem used for running your application has been updated to address several security vulnerabilities. You can restage your application to ensure you incorporate fixes in the base filesystem and are running the most recent language version supported by your buildpack.

November 18, 2016

Platform Release Notes

Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past four weeks.

Added

  • cloud.gov supports the .NET Core buildpack (learn about buildpacks).
  • You can invite teammates who aren’t in agencies with supported single-sign-on authentication (GSA, EPA, FDIC). After you invite them, they can log in by creating a cloud.gov account with multi-factor authentication.
  • The dashboard shows the current memory, disk usage and quota limits for apps.
  • You can create deployer accounts programmatically.
  • For FDIC users: you can log into cloud.gov using your agency single-sign-on credentials.

Changed

  • We upgraded Cloud Foundry (the underlying open source project that powers cloud.gov) to Release v246, which includes updates to buildpacks and improvements for internal components.

Security

You can restage your application to incorporate the latest security fixes and ensure you’re running the most recent language version supported.

July 19, 2016

Full steam ahead on FedRAMP assessment

Over on the 18F team blog, we’ve posted an update on cloud.gov’s FedRAMP assessment progress. In short: we’ve passed the FedRAMP Ready milestone, and we expect to receive FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO) in November. More details in the post!

July 7, 2016

Today’s Dashboard update (formerly the “Deck”)

Today we released a new version of the cloud.gov Deck (now Dashboard). The best part is invisible: we refactored the codebase so we can improve it much faster than we could with the old version. But it has visible changes too, so here’s what’s new, what we have in mind, and how to tell us what you think.

We’ll keep the old Deck around for about a week and then will redirect it to this new version. Let us know if this would cause problems for you.

What’s new and different

  • Name: We took this opportunity to rename it from the “Deck” to the “Dashboard”, since that’s what people usually call it.
  • Style: It fits into the overall cloud.gov style and navigation! So for example, when you’re in the Dashboard troubleshooting something, you can easily go look at documentation and status.
  • Navigation: Navigating to your orgs, spaces, and apps is simpler: the sidebar displays a straightforward list of the orgs and spaces in your account, along with the marketplaces available for your orgs. You won’t have to click as many menus to do common tasks.
  • Labels: Data about your apps has unit labels to identify whether numbers are in GB or MB.
  • Code: The Dashboard’s refactored codebase has better tests and less repetition.
  • More potential for open source collaboration: This improved codebase will help us encourage reuse and contributions by outside-18F teams that are also building tools on top of Cloud Foundry.

What’s missing in this version

  • App management options: This version doesn’t include all the earlier Deck’s options for managing apps (such as starting/stopping them, binding services, and updating routes). Instead, it links to documentation for those tasks on the command line. These web options weren’t used much, and we’re researching whether we should prioritize rebuilding them. (We’re curious what you think.)
  • App logs and events: The Dashboard now points to logs.cloud.gov for viewing app logs and events, instead of duplicating it.
  • Quota meter: We didn’t re-implement the small quota indicator from the old Deck, since it was mostly mysterious to people. We’re researching how to helpfully explain your quota usage.
  • Perfectly bug-free experience: We have a list of known bugs — please feel free to file more if you notice something weird or broken.

What we’ve heard that people want

As we figure out next steps, we know that people want the Dashboard to help them:

  • Understand how to use cloud.gov
  • Troubleshoot apps that are having problems
  • Do more tasks that are only available on the command line
  • Get insight into quotas and billing

We’d like your thoughts

Everyone can file issues for bugs and suggestions. If you’re in 18F, come talk to us about the Dashboard in #cloud-gov-navigator. If you’re a cloud.gov user outside 18F, you can send thoughts and questions to us at cloud-gov-support@gsa.gov.

June 15, 2016

Changes to login and cf-ssh

Earlier this month we updated cloud.gov login and cf-ssh in ways that mean most cloud.gov users need to change how they use them. You’ve probably already made these changes if you need to (we sent email notifications to people who should log in using the new system), but here are the details as a handy reference.

For GSA and EPA, your cloud.gov login is now your agency login

We updated how @gsa.gov and @epa.gov accounts authenticate with cloud.gov. When you log in, use your official agency credentials instead of your old cloud.gov-specific username and password. Here’s how:

  • On the web: At https://login.cloud.gov/, select the button for your agency and enter your agency credentials (the same credentials you use for your agency’s own services).
  • On the command line: Use the new command listed at Setting up the command line for agency accounts: cf login -a api.cloud.gov --sso

This update improves the security of these accounts because you’re now using your agency’s existing multi-factor authentication system. This is a step in our progress toward FedRAMP compliance and certification for cloud.gov.

Use the new version of cf-ssh

If you use cf-ssh for running one-off commands, we released version 3 on June 2. Please download and use that latest version.

If you haven’t updated cf-ssh, you may get this error when you try to use it:

Initiating tmate connection...success
ssh: Could not resolve hostname tmate.18f.us: nodename nor servname provided, or not known

That usually means you need to update cf-ssh to our latest version.

February 12, 2016

Logging service

New feature: Zero-setup persistent logs.

Given the universal need for compliant logging, we’ve recently added a common logging facility to cloud.gov. Now, logs and events for every cloud.gov application are stored and indexed automatically, with zero setup required.

For more information about this feature, please see our documentation about logging.

Now that cloud.gov provides platform-level logging, the ELK service we previously provided will be deprecated. If you are still using it, we recommend you delete the instance whenever is convenient to reduce your resource usage (and hence costs).

If you have feedback about this service, please don’t hesitate to contact us.

September 14, 2015

Even more console features and a new home for updates

Now you can view log and event data for your apps and adjust permissions for your org and spaces via the web. We’re also publishing these updates via cloud.gov.

View log and event data for your apps in the console

When you take a look at the details for an application via the cloud.gov console, you’ll now be able to see any recent logs generated by your application, as well as a list of recent deployment events from cloud.gov itself.

Adjust permissions for your orgs and spaces in the console

It’s now possible to inspect and adjust the permissions for the individual orgs and spaces you control.

Updates now published via the cloud.gov website

We’ve also started consolidating announcement about updates to cloud.gov, like this one, on cloud.gov! Check it out.

Want to know more?

Follow our team:

That’s all for now…

September 1, 2015

Status page and console additions

We’ve added a new status page to show you the state of the cloud.gov platform, and we’ve made significant upgrades in your ability to manage your apps via the web.

Status Page

As production use of cloud.gov ramps up, it’s important that you have a constant picture of the platform’s status, which may affect your product’s operations and availability.

We’re now providing this visibility via the cloud.gov Status Page, where you’ll be able to see at a glance:

  • When there are any ongoing or recent degradations in service
  • When any maintenance is planned or recently completed

We’ve proactively subscribed existing users to that page, so there’s no need for any action on your part… You’ll be notified via e-mail whenever problems are identified, or when planned maintenance is expected to impact your application’s availability. However, you can also use the subscription control at the upper-right of the page to subscribe to updates via texts or Atom/RSS feed if you so choose.

Console Improvements

In addition to the command-line client, the cloud.gov web-based console has now entered an alpha state. You can use the console to review your organizations and spaces, and manage the state of your applications, services, and routes. Creation of accounts, orgs, and spaces is still managed via GitHub request.

Here are examples of actions now possible via the magic of your Interweb-capable browsing apparatus:

  • Traverse the layout of your accessible organizations and spaces
  • Control access to your owned orgs and spaces for other accounts
  • Browse a list of available services and provision new instances
  • Bind service instances with specific applications
  • Edit the routes that will bring user traffic to an application
  • Inspect the live resource utilization of a running application
  • Restart stopped or misbehaving applications

If you’ve not taken a look in a while, please check it out!

Note I said above the console is in “alpha” state, and really it’s more of an MVP. Please report problems or feature requests or better yet, make pull-requests via GitHub. (Side note: We are short-handed on front-end/design/UI resources, so any quick help anyone can offer, even if it’s just some help with our IA, would be very VERY welcome!)

Other stuff

We’re now publishing our roadmap in story-map form in case anyone wants to get a peek at what we’re focused on now and what we’re juggling for the future. Our focus right now is: Buttoning up loose ends that prevent us from offering cloud.gov to other agencies.

Our intra-sprint kanban board is also visible, as is the calendar of cloud.gov team rituals for anyone who would like to attend.

That’s all for now…

May 29, 2015

Updates for the week of 5/29/2015

Platform:

  • Upgraded to release 210
  • Binary and Static buildpacks are now built in the deployment
  • Added Newrelic Insights and Plugins for platform monitoring data

Services:

  • The rds service now encrypts the passwords