Cloud.gov Platform Capabilities
Overview
Cloud.gov is a FedRAMP Moderate–authorized Platform as a Service (PaaS) that abstracts server, network, and operating‑system management so federal teams can focus on mission software. The platform delivers:
- Turn‑key security & compliance – ~155 inheritable controls and continuous monitoring artifacts (package ID F1607067912).
- Self‑service app runtime – push code with the
cf pushcommand; the platform builds, runs, scales, and heals your containers. - Managed backing services – a marketplace of FedRAMP‑authorized databases, queues, and utilities.
- High availability – multi‑AZ deployment in AWS GovCloud plus automatic request routing across app instances.
- Observability out of the box – platform metrics, logs, and 75+ audit‑event types for troubleshooting and compliance.
- Defense‑in‑depth – network isolation, container sandboxing, encrypted traffic everywhere, and phishing‑resistant MFA.
Customer Responsibility: You own application code, data classification, and any controls marked customer‑owned in the Customer Responsibility Matrix (CRM).
Prerequisites
| Requirement | Why it Matters |
|---|---|
Cloud.gov account with Org Manager role | Enables org and space creation |
| FedRAMP package access (ID F1607067912) | Provides CIS/CRM to map control ownership |
| Phishing‑resistant MFA (PIV/CAC) | Avaliable for all Cloud.gov logins |
| System boundary defined | Needed to align inherited vs. customer controls |
FAQs
Q: Does Cloud.gov support High‑impact workloads?
A: No. Cloud.gov is authorized to the Moderate baseline. High‑impact systems require additional controls outside the current authorization boundary.
Q: How many Availability Zones does Cloud.gov span?
A: Multiple AZs within AWS GovCloud (US) for core platform services, with automatic traffic distribution.
Q: Can I deploy container images directly?
A: Yes. Use the Cloud Foundry Docker image feature or the Paketo buildpacks to run OCI‑compliant images.
Q: Where can I get the latest CRM?
A: Request the FedRAMP package (ID F1607067912) via the FedRAMP Marketplace or the Package Access Request Form; the CRM is included.
Q: How do I see platform maintenance schedules?
A: Subscribe to status.cloud.gov for planned maintenance and incident updates.