Add-on Controls

Last updated 27 February 2016

This feature is currently available in Heroku Enterprise.

Add-on controls let organization admins control which add-ons can be used with apps in the organization. Enabling the add-on controls feature restricts non-admin organization members from installing add-ons that are not on the approved add-ons whitelist.

Setting up the add-ons whitelist

To set up the add-ons whitelist:

  1. Navigate to the organization’s Settings page. “Add-on Controls,” contains the approved list of whitelisted add-ons.
  2. In the search box, type the name of the add-on you would like to approve.
  3. Click the add-on to add it to the whitelist.

Addons-Controls-Dashboard

After the add-on whitelisting restrictions are enabled, the approved add-ons on this list are the only ones members can install to apps in the organization.

To enforce the add-on controls, click the button that says “Enable Add-ons Whitelisting Restrictions.”

Enabling the controls does not cause any currently provisioned add-ons to stop working, but it prevents add-ons that are not on the whitelist from being installed from now on.

Handling whitelist exceptions and overrides

Whitelist exceptions are add-ons that are currently in use by at least one app in your organization, but are not on the add-ons whitelist.

Addons-Controls-Exceptions

The primary reason for an add-on to appear on this list is that it was installed before the add-on controls were enabled.

A second reason that an add-on may appear as a whitelist exception is that it has been installed by an admin. Admins have the ability to override add-on controls by installing an add-on using the CLI. The ability to override add-on controls allows admins to try out an add-on before placing it on the whitelist, or to grant a “one-off” installation request by personally installing an add-on to the relevant app. In either case, this usage is tracked and the add-on will appear on the whitelist exceptions list.

To learn more about the usage of the add-on, click on the number of installs (displayed to the right side of the add-on name). This reveals information about which apps have the add-on installed and the date of installation.

Browsing and installing whitelisted add-ons

Team members can browse the subset of add-ons available for install in their organization using the “Filter by Organization” drop-down menu on the Elements page. You must be signed in to do this.

Addons-Controls-Elements

Addons-Controls-Details

Add-on installation restrictions

Add-ons that are not whitelisted for use are marked as restricted and cannot be installed. As an organization member, if you see a restricted add-on that you would like to use, talk to your admin about getting it whitelisted.

On a user’s personal apps that are not part of the organization, all add-ons will still be installable.

Addons-Controls-Restricted

Feedback on add-on controls

As always, we welcome any feedback you have on this feature. Please reach out to us at addons-feedback@heroku.com or contact us via support.

Feedback

Log in to submit feedback.