Supporting Private Spaces as an Add-on Partner
Last updated 13 July 2020
Table of Contents
Heroku Private Spaces allow you to run dynos within an isolated environment. Add-on partners can easily allow their add-ons to be used in Private Spaces apps with a few changes to provisioning flow. More info on add-on support in Private Spaces.
When a customer requests an add-on for a Heroku Private Spaces app, this will be indicated via a special region attribute sent to your integration endpoint.
Supporting Heroku Private Spaces
You can follow these steps to integrate your add-on with Heroku Private Spaces:
- Ensure your add-on infrastructure is ready to provision add-ons in the regions you want to support,
- Use the heroku addons-admin CLI plugin to update your add-on manifest to include the relevant Private Space regions as defined in the manifest region field,
- Inspect the region field included in a provision request,
- Create your add-on instance in the region best suited to minimize latency, and
- Complete and respond to the provisioning request normally with your add-on configuration parameters.
After you’ve updated your manifest region field with the correct Private Space regions, your add-on’s elements page, the Add-on Runtime Availability list and other Heroku properties will update to display the new settings.
Plan Availability
We assume by default that all plans are available in all regions. If you’d like to make only some plans available in Private Spaces, you can:
- Add a new
Available in Private Spaces?boolean feature in the add-on partner portal under theFeatures & Planstab, - Configure the feature correctly for each plan to articulate Private Space availability,
- Return a
422status code when a plan not available in a Private Space is requested in a Private Space region. Be sure to create a usefulmessageattribute explaining why the provisioning was rejected.
Security
Traffic between your add-on and the Private Space will go out over public internet routes. End-to-end transport layer encryption is key. We don’t currently support directly peered connections for third party add-on partners.