Supporting Private Spaces as an Add-on Partner

Last updated 02 May 2018

Heroku Private Spaces allow you to run dynos within an isolated environment. Add-on partners can easily allow their add-ons to be used in Private Spaces apps with a few changes to provisioning flow. More info on add-on support in Private Spaces.

When a customer requests an add-on for a Heroku Private Spaces app, this will be indicated via a special region attribute sent to your integration endpoint.

Supporting Heroku Private Spaces

You can follow these steps to integrate your add-on with Heroku Private Spaces:

1. Ensure your add-on infrastructure is ready to provision add-ons in the regions you want to support,
2. Use the kensa tool to update your add-on manifest to include the relevant Private Space regions as defined in the manifest region field,
3. Inspect the region field included in a provision request,
4. Create your add-on instance in the region best suited to minimize latency, and
5. Complete and respond to the provisioning request normally with your add-on configuration parameters.

Plan Availability

We assume by default that all plans are available in all regions. If you’d like to make only some plans available in Private Spaces, you can:

• Add a new Available in Private Spaces? boolean feature in the add-on partner portal under the “Features & Plans” tab,
• Configure the feature correctly for each plan to articulate Private Space availability,
• Return a 422 status code when a plan not available in a Private Space is requested in a Private Space region. Be sure to create a useful message attribute explaining why the provisioning was rejected.

Security

Traffic between your add-on and the Private Space will go out over public internet routes. End-to-end transport layer encryption is key. We don’t currently support directly peered connections for third party add-on partners.