2

I might get shot down for being too vague / opinion-based, whatever. But this is a serious question, and despite Heroku's great documentation on how add-ons work, I cannot for the life of me figure out what they do (i.e. what is the unifying theme that defines an "addon").

As far as I can tell, they create what seems to amount to an API for your app, that external providers can interact with in a generic way (i.e. the SendGrid team doesn't have to configure their service to work with every Heroku app that provisions an add-on). That way (continuing the example above), SendGrid can pull information into their service from your app, write to your app, etc. etc.

What I'm even more unsure about is what the limits of this are. Would these operations be tied to my particular SendGrid account, be able to be used by SendGrid in general, both, or other. Are there permissions? Can I secure my data or my user's data against malevolent SendGrid employees after I provision an add-on?

Am I right? Is there anything more to it?

NotAnAmbiTurner
  • 2,553
  • 2
  • 21
  • 44

1 Answers1

3

Addons are really quite simple. Basically, it's a way for vendors to use Heroku's billing system to provision some 'add on' service that you might find useful.

Let's use Heroku Postgres as an example. It's the most popular addon available. As a user with a Heroku app, if you run the heroku addons:create heroku-postgresql command, here's what happens:

  • An API request is sent from your laptop to Heroku saying "provision a Heroku database for me!"
  • Heroku gets this API request, and forwards it to the addon provider (Heroku Postgres in this case).
  • Heroku Postgres gets a provision API request along with your Heroku app name, provisions a new database for you, and then sets some environment variables in your Heroku app (DATABASE_URL).
  • From this point on, Heroku will start billing you for the Heroku Postgresql addon (depending on what plan you picked, and for how long you use it).
  • Every month Heroku will then charge you money for your apps AND your addons, and pay the addon provider their cut of the money.

The main benefit to using addons as opposed to going to a database vendor's website directly, purchasing a database, and then creating your OWN environment variables is this:

  • Unified billing. Heroku bills you for all the services you use in one place on one credit card. This is easier to track for a lot of companies.
  • You get to use Heroku's support system to interact with ALL the vendors you use. This makes getting support a lot simpler.
  • You are always guaranteed to pay for only what you use. If you provision a Heroku addon and then remove it 10 seconds later, you're only charged for 10 seconds worth of usage. If you buy a database from a vendor directly, they'll usually charge you in different ways which are usually more expensive for you.

To see the full addon API, you can check out this link: https://devcenter.heroku.com/articles/add-on-provider-api

In general, addons are just a nice convenient way of provisioning useful services you probably already use for your applications.

They provide no security benefits or drawbacks. They are completely neutral. Think of them as a convenience factor, they won't at all affect account security / etc.

rdegges
  • 32,786
  • 20
  • 85
  • 109
  • Okay, interesting. So what you're telling me is that Heroku doesn't host the postgres DB in house (which is what I had assumed)? Might you know what the in-house portions of Heroku (if any) are? I'm assuming there's a DNS -- is it any more than that? – NotAnAmbiTurner Oct 22 '15 at 22:38
  • 1
    Nope! Heroku addons are all separate entities. Each one is an independent provider. Heroku just so happens to run several addons themselves, but they follow the exact same rules -- nothing special. – rdegges Oct 23 '15 at 03:45