Today we are announcing Heroku Private Space Peering, a new capability to connect the isolated Private Space network to apps and services in AWS VPCs controlled by you. Now you can build apps in Heroku that connect securely and privately to backend systems and workloads in AWS like a directory service, a search stack, a data warehouse, or a legacy SQL database.
Private Space Peering is available to all Heroku Enterprise customers. Setting up a peering connection takes just a few simple actions. After you have initiated the peering connection on your AWS VPC, it will show up in the list of peerings for your Private Space in the Dashboard Network tab:
Heroku will automatically route dyno network traffic
for your VPC network via the VPC connection ensuring that it never transits the public Internet. This allows you to expose your AWS hosted applications to Heroku apps without adding an Internet gateway and routing Internet traffic into your VPC. Similarly, you can securely connect Heroku apps to AWS services like RDS and Redshift that runs in VPCs. Peering based connectivity is guaranteed to please your network security team, shorten network review audits, and open up new PaaS use cases that previously couldn't meet security requirements.
By now, most IT organizations are executing projects to move existing workloads to the cloud and move to cloud native architectures like 12 Factor where possible. Heroku offers benefits over raw AWS in terms of developer productivity, reduced operations complexity, and simplified governance. But not all workloads are suited for Heroku’s platform abstraction. Therefore, many organizations follow a pragmatic strategy of using both AWS and Heroku to transform IT. With Heroku Private Space Peering, dev teams can now build apps in Heroku that connect securely and privately to existing backend systems and workloads in AWS like a directory service, a search stack, a data warehouse, or a legacy SQL database. Never before have IT teams had this kind of power and flexibility to modernize and optimize for agility without compromising security.
If you’re attending Dreamforce, make sure to catch the Private Spaces session on Tuesday, November 7 at 430pm or stop by the Heroku booth. Or, if you’re attending AWS re:Invent come check out our joint technical session with AWS. For more information see the Heroku Private Spaces and VPC Peering Dev Center articles, or contact Heroku.