Heroku Private Spaces

Dedicated isolated networks for running Heroku apps

The best of both worlds

Private Spaces is a new Heroku runtime that delivers the best of both worlds: the simplicity and success of the Heroku experience delivered as a service, combined with isolation, network and trust controls historically only available in on-premises, behind-the-firewall deployments. With Heroku Private Spaces, companies no longer have to choose between the experience and success of the cloud and stringent security controls, making Heroku ready for the most demanding enterprise applications. Private Spaces is currently only available for Heroku Enterprise customers.

Combine PaaS with enterprise-grade network control features

Private Spaces combine the best of PaaS with enterprise-grade features traditionally only available with on-prem data centers. The best of PaaS means easy deployment, scaling, and devops. The enterprise-grade features Private Spaces bring to this are centered around security, dedication, isolation, and network control, perfect for many kinds of sensitive apps, data, and microservices.

A private, dedicated, distributed application runtime

A Private Space consists of a private, dedicated, distributed application runtime inside a customizable network boundary. Once a Space is created, the developer experience is almost entirely the same as with traditional Heroku. You push code in the same way, you scale in a similar way, and the Add-ons ecosystem is available in a similar way. (Some Add-ons, such as Heroku Postgres and Heroku Redis, can also be created "inside" the Private Space for enhanced isolation.) A few management components are still "common" — helping to preserve the Heroku developer and management experience — while everything to do with running your apps and keeping them healthy is private and dedicated.

Getting Started

Private Spaces are available to Heroku Enterprise customers and can be created in either the Heroku Dashboard (look for the "Spaces" tab) or the Heroku CLI (see "heroku help spaces"). Spaces are billed via Add-on credits.

A single click creates "your own private Heroku", in your choice of region, with a configurable network boundary — all while preserving the powerful Heroku developer experience and ecosystem. You still use "git push heroku master" to push code and "heroku addons:create" to use an Add-on, and you can still instantly scale. Except now your apps and data are on a private runtime in a private network, in a region of your choice, with configurable isolation.

Please read the Heroku Spaces Dev Center article carefully for more information before creating or using a Space.

Region Availability

The available application locations for this add-on are shown below, and depend on whether the application is deployed to the Common Runtime or a Private Space.

Region Private Spaces Available
Dublin Available
Frankfurt Available
London Available
Montreal Available
Mumbai Available
Oregon Available
Singapore Available
Sydney Available
Tokyo Available
Virginia Available

Plans & Pricing

    • Dedicated, isolated application runtimes
    • Isolation for apps and data
    • Multiple geographic regions enable lower latency for globally distributed users
    • Ability to add private database plans for Heroku Postgres and Redis
    • Dynos inside a Space communicate directly on a private network
    • Secure connections to external resources with Trusted IPs and Stable Outbound IPs
    • Private Space Logging for improved governance and data residency control
    • Keystroke logging of interactive one-off dyno sessions
    • Strict TLS enforcement disabling TLS 1.0 on all web apps
    • Shield Dynos with encrypted file system
    • Shield Postgres with encryption enforcement