Heroku publishes API for its platform cloud

Amazon piggybacker wants kids of its own

Heroku has released the public beta of a platform API to help its developers build apps and services that sit on top of its PaaS, which in turn sits on Amazon Web Services.

With the platform API, Heroku is letting developers "automate, extend and combine Heroku with other services," the company wrote on Thursday. This lets you build a service which sits on a platform (Heroku) that sits on a virtualized infrastructure cloud (Amazon).

Potential use cases include automating workloads, combining Heroku with other services, and building apps for controlling Heroku environments from smartphones and tablets.

A handy way of thinking about this is that Heroku is a pilot fish to Amazon's great big shark, and now Heroku has made an API available that could let developers build little complementary Heroku fish.

"Someone developing a self-hosted blog could create a tool to automatically build up all the required settings for a blog into a user's account. Or someone running a continuous integration server could use this to manage test runs on Heroku or [deployments] based on passing tests," Wesley Beary who heads up Heroku's API team, told The Register via email.

"IDEs can use the API to provide insight into the running version of the code as you edit it," he says. "You can also build tools to help you bootstrap apps or ensure apps match your expectations (especially across environments, like staging vs production)."

The API uses HTTP and JSON to transfer data. Available methods include DELETE, GET, HEAD, PATCH, PUT, and POST, with comprehensive documentation available.

"Previously our API was focused on providing for our internal needs as we developed toolbelt and dashboard. As a private, undocumented API falls short of external needs, we have iterated toward a better designed and documented, supported way to extend and build upon Heroku platform primitives," Beary says.

The availability of the API follows Heroku's recent expansion into Europe via renting resources in Amazon Web Services' major European data center hub. Amazon operates its own platform-as-a-service via Elastic Beanstalk, which is handy for developers building apps within an IaaS-heavy environment, but has fewer features than Heroku for those devs who want to stay away from infrastructure entirely.

As computing is steadily being abstracted further and further away from underlying hardware, companies piggybacking on the growth of megaclouds are in a bind – do they keep on automating the middleware and management and hope Amazon doesn't clone their service, do they keep on fleeing up the stack, or do they become brokers and manage other clouds?

With the public API, Heroku is trying to run up the stack and maintain developer loyalty in the process. ®

Other stories you might like

  • Having trouble finding power supplies or server racks? You're not the only one
    Hyperscalers hog the good stuff

    Power and thermal management equipment essential to building datacenters is in short supply, with delays of months on shipments – a situation that's likely to persist well into 2023, Dell'Oro Group reports.

    The analyst firm's latest datacenter physical infrastructure report – which tracks an array of basic but essential components such as uninterruptible power supplies (UPS), thermal management systems, IT racks, and power distribution units – found that manufacturers' shipments accounted for just one to two percent of datacenter physical infrastructure revenue growth during the first quarter.

    "Unit shipments, for the most part, were flat to low single-digit growth," Dell'Oro analyst Lucas Beran told The Register.

    Continue reading
  • Mega's unbreakable encryption proves to be anything but
    Boffins devise five attacks to expose private files

    Mega, the New Zealand-based file-sharing biz co-founded a decade ago by Kim Dotcom, promotes its "privacy by design" and user-controlled encryption keys to claim that data stored on Mega's servers can only be accessed by customers, even if its main system is taken over by law enforcement or others.

    The design of the service, however, falls short of that promise thanks to poorly implemented encryption. Cryptography experts at ETH Zurich in Switzerland on Tuesday published a paper describing five possible attacks that can compromise the confidentiality of users' files.

    The paper [PDF], titled "Mega: Malleable Encryption Goes Awry," by ETH cryptography researchers Matilda Backendal and Miro Haller, and computer science professor Kenneth Paterson, identifies "significant shortcomings in Mega’s cryptographic architecture" that allow Mega, or those able to mount a TLS MITM attack on Mega's client software, to access user files.

    Continue reading
  • HashiCorp tool sniffs out configuration drift
    OK, which of those engineers tweaked the settings? When infrastructure shifts away from state defined by original code

    HashiConf HashiCorp has kicked off its Amsterdam conference with a raft of product announcements, including a worthwhile look into infrastructure drift and a private beta for HCP Waypoint.

    The first, currently in public beta, is called Drift Detection for Terraform Cloud, and is designed to keep an eye on the state of an organization's infrastructure and notify when changes occur.

    Drift Detection is a useful thing, although an organization would be forgiven for thinking that buying into the infrastructure-as-code world of Terraform should mean everything should remain in the state it was when defined.

    Continue reading

Biting the hand that feeds IT © 1998–2022