Two years ago, we introduced Heroku Private Spaces as a new platform abstraction that combines powerful network isolation features with the seamless developer experience of Heroku.
Today we are announcing Heroku Private Space Peering, a new capability to connect the isolated Private Space network to apps and services in Amazon VPCs controlled by you. Now you can build apps in Heroku that connect securely and privately to backend systems and workloads in AWS like a directory service, a search stack, a data warehouse, or a legacy SQL database.
How It Works
Private Space Peering is available to all Heroku Enterprise customers. Setting up a peering connection takes just a few simple actions. After you have initiated the peering connection on your Amazon VPC, it will show up in the list of peerings for your Private Space in the Dashboard Network tab.
Heroku will automatically route dyno network traffic destined for your VPC network via the VPC connection, ensuring that it never transits the public Internet. This allows you to expose your AWS-hosted applications to Heroku apps without adding an Internet gateway and routing Internet traffic into your VPC. Similarly, you can securely connect Heroku apps to AWS services like Amazon RDS and Amazon Redshift that run in VPCs. Peering-based connectivity is guaranteed to please your network security team, shorten network review audits, and open up new PaaS use cases that previously couldn't meet security requirements.
Transforming to Cloud Native with Heroku and AWS
By now, most IT organizations are executing projects to move existing workloads to the cloud and move to cloud native architectures like 12 Factor where possible. Heroku offers many benefits in terms of developer productivity, reduced operations complexity, and simplified governance. Some workloads are more complex and require more flexibility. Therefore, many organizations follow a pragmatic strategy of using both AWS and Heroku to transform IT. With Heroku Private Space Peering, dev teams can now build apps in Heroku that connect securely and privately to existing backend systems and workloads in AWS like a directory service, a search stack, a data warehouse, or a legacy SQL database. Never before have IT teams had this kind of power and flexibility to modernize and optimize for agility without compromising security.
Learn More
For more information see the Heroku Private Spaces and VPC Peering Dev Center articles, or contact Heroku.