At some point, you’re going to want to move the system you are building into production. You should decide the final destination of your system early on in the project. If you’re building a site that has no server-side code, your options are or Federalist. If you’re going to host server-side code, you should aim to deploy to We also support deployments to Amazon Web Services(AWS), but with no external support. For GSA systems, see comparison of hosting options.

Whichever option you choose, you should start deploying to a production-like environment from early on in the development process.

Note that sending traffic from the internet to your local machine for any testing purposes is not permitted. In order to enable testing, you can request sandbox accounts on both or AWS.


  • Below, “internal” projects mean “things built by and for TTS”, i.e. “not for a partner agency”.
  • If an option isn’t listed below, you probably can’t use it for deploying TTS projects. This includes:
    • GitHub Pages (why)
    • Heroku and other platform services
    • Your personal AWS account
  • Any questions? Ask in #infrastructure.

Server-side code

TTS uses AWS as the underlying Infrastructure-as-a-Service (aka IaaS) cloud platform, but spending effort at the IaaS level is not the best use of your team’s time. TTS has invested in developing to provide for the most common infrastructure needs. uses Cloud Foundry – an open source Platform-as-a-Service (PaaS) – as a team-friendly abstraction above AWS, encapsulating good practice cloud hosting without having to worry about a lot of the details. For most of the products that TTS develops, deploying onto will:

  • Minimize ATO compliance overhead (which is quite hefty) and reduce security concerns
  • Reduce TTS’s overhead for handling infrastructure billing, since it is fully self-service
  • Make it easier for teams to ensure high availability/scalability

As a result, significantly reduces the portion of your team’s capacity that you need to dedicate to operational concerns. For this reason, when making infrastructure decisions, opt to use for your deployment whenever possible, and only resort to directly using AWS for infrastructure pieces that are impossible to achieve through or use new AWS services not yet available in

Comprehensive documentation for is available. has a FedRAMP JAB Provisional ATO at the Moderate level.

Amazon Web Services (AWS)

If you do want to use AWS directly, see the AWS page.

FISMA High systems

There are some specific cases where the product is categorized “FISMA High”. This would usually only happen due to your product handling extremely sensitive information or being critical to normal government function. AWS GovCloud has received a FedRAMP JAB Provisional ATO at the High level.

Note however that when partner agencies assert that of course their product will be FISMA High, TTS often finds upon examination that a product should be really be judged FISMA Moderate or FISMA Low… So don’t discard or AWS as options before probing that point carefully!

Static sites

See page on deploying static sites.

  • Internal: Likely free, but start by checking with #cloud-gov-business with your use case.
  • External: see the pricing page


More information.