GOV.UK PaaS onboarding

This sets out the typical journey for building a public-facing service with an in-house development team. It assumes you're building according to the Digital Service Standard and the Service Manual. If you're migrating an existing application, or working with suppliers there are additional factors to consider; we discuss these at the bottom.

1. Initial evaluation

2. Collaborate with your team on the platform

3. By the end of the trial period

  • Sign Memorandum of Understanding (MOU)
  • Move onto the appropriate paid tier given the needs of your service
  • Work with Finance colleagues to set up billing arrangements
  • Engage with your Information Security/Assurance colleagues to begin the process of accreditation; we can provide the PaaS documentation if they want to review it

4. Build towards private beta

  • Set up ‘spaces’ for each of your service’s environments - integration, staging, production - and link them to your CI service
  • Configure each environment with the proper backing services; these are often small and open in integration, but high-availability and encrypted in production
  • Turn on extra instances of key apps in production to get high availability
  • Continue development, trying out backing services and app ideas on a pay-as-you-go basis
  • Add user-provided services such as logging*, file storage*, antivirus etc.
  • Add features to integrate with any legacy APIs
  • Procure a monitoring and alerting solution* and add key metrics; these will be specific to your application and can’t be provided by the platform automatically

5. Enter private beta

  • Work with your SIRO to get authority to operate your service with small amounts of production data
  • Request a URL
  • Use the platform marketplace to turn on a CDN using your trial domain name
  • Move to an appropriate paid platform support plan
  • Iterate your application support model

6. During private beta

  • Iterate your service during private beta, based on real user feedback and any incidents
  • Your accreditor should want you to arrange penetration testing at various stages throughout development; always give us a week’s notice of this
  • Reconfigure or add new backing services as needed

7. After your beta service assessment

  • change your support plan
  • request a new URL and re-configure the CDN

8. Enter the public beta phase with your service

  • Continue to iterate your service based on user feedback and production needs, adding other services (e.g. autoscaling) where needed
  • Pass final assessment

9. After live assessment

  • Keep your dependencies up to date
  • Be ready to redeploy if there are vulnerabilities in language runtimes

* These services may be available through the PaaS platform in the future rather than as separate procurements; please see our roadmap for more information

Suppliers developing on GOV.UK PaaS

Services must always be owned by a civil servant who will take responsibility for the supplier's usage and spend. They can request accounts for supplier team members, and can delegate further account creation where appropriate. If you are a supplier wanting to do speculative investigation on GOV.UK PaaS please raise a support ticket and our engagement team will contact you.

Migrating an existing service to GOV.UK PaaS

To contact us during working hours, use our support email address, .

An existing service will normally have made technology choices, and changing these will come with some switching costs. Our roadmap shows the technologies we support, both now and in the future. Bear in mind that we are always looking for private beta partners for new features, which may align with your development cycle.

There may be some work involved in making your applications follow the 12-factor app principles, or separating out a monolithic service into components.

Some issues may also only be visible when using production-scale data, and where necessary we may grant short-term access to any paid services; however tenants will need to be careful if using production data.