Skip to main content

Overview

If you are searching for a Heroku alternative, particularly a Heroku Enterprise alternative, Aptible is one of the strongest platform-as-a-service options to evaluate. For teams that need a Heroku-like developer experience but stronger security, isolation, and compliance foundations, Aptible is a natural next step. Aptible offers simple, abstracted deployment of apps, databases, and infrastructure while providing dedicated infrastructure isolation, enforced security controls, and built-in compliance support for frameworks such as HIPAA, HITRUST, and SOC 2. These capabilities are especially important for startups operating in regulated industries and enterprise teams with strict security, reliability, and audit requirements. Refer to the Security & Compliance docs for more information on our approach to security and compliance, including the specific controls we satisfy. If you are evaluating alternatives due to recent changes to Heroku’s Enterprise offering, you’re in the right place. Many teams are reassessing their infrastructure strategy and looking for a platform that preserves developer velocity while strengthening security, compliance posture, and operational control. This guide will help you both evaluate Aptible and outline a clear path for a smooth migration, including:
  • Heroku vs Aptible comparison
  • Key terminology mapping
  • Technical migration steps:
    • Private Spaces to Dedicated Stacks
    • Projects to Environments
    • Dynos to containers
    • Heroku Postgres and Redis to Aptible-managed databases
    • Auditing add-ons
    • Reconfiguring endpoints and networking
    • Minimizing downtime during cutover
Migrating from Heroku Shield? If you’re currently running compliance-focused workloads on Heroku Shield and handling regulated data such as PHI, see the Heroku Shield to Aptible Migration Guide for Shield-specific guidance.
If you require further assistance or guidance during your migration, please contact Aptible Support. White-glove migration services are also available for teams that want hands-on assistance.

FAQs

Aptible is a security, compliance, and reliability-focused platform as a service (PaaS). Migrating to Aptible enables you to instantly adopt a stronger security and compliance posture, with built-in support for frameworks such as HIPAA, HITRUST, and SOC 2, while maintaining the ease of use and developer experience you may already be familiar with from Heroku.Teams typically migrate to Aptible when they need more robust security controls, stronger compliance guarantees, or higher reliability, without taking on the operational burden of managing their own infrastructure.
If you’re coming from Heroku’s standard platform, Aptible’s pricing model will feel familiar: usage-based billing, simple line items, and no long-term lock-ins or steep minimums.If you’re migrating from Heroku Enterprise or Shield specifically, Aptible differs in two important ways: Aptible does not require a 12-month contract, and Aptible does not enforce high minimum spend thresholds. This makes it easier to adopt without long-term financial commitments.Learn more about pricing.
Yes. Heroku requires a Procfile to define application processes, but on Aptible, Procfiles are optional.If no Procfile is present, Aptible will infer the service command from the Dockerfile CMD instruction. This is referred to as an Implicit Service.You can continue using a Procfile if your application has multiple services or process types. Procfile syntax is compatible between Heroku and Aptible.Note: If you are using Direct Docker Image Deploy (deploying a pre-built image from a container registry), you must place your Procfile at /.aptible/Procfile and your .aptible.yml at /.aptible/.aptible.yml inside your Docker image. See Procfiles and .aptible.yml with Direct Docker Image Deploy for details.

Heroku vs Aptible comparison

The table below summarizes key differences across compliance, developer experience, and pricing.
CategoryHerokuAptible
Compliance
HIPAA EligibilityAvailable (Enterprise/Shield)Included
HITRUST InheritanceNot availableIncluded
BAA SupportAvailable (Enterprise/Shield)Included
Encryption in Transit and at RestIncludedIncluded, by default
Managed Intrusion DetectionNot availableIncluded, by default
24/7 SRE MonitoringAvailable with additional feeIncluded, by default
Automated BackupsIncluded, plan-dependent retentionIncluded, by default
Granular Access ControlLimitedIncluded, by default
Infrastructure IsolationIncluded (Private Spaces)Included (Dedicated Stacks)
Developer Experience
Runtime ModelDynosDocker containers
Build SystemBuildpacksDockerfile-based
Traffic RoutingHeroku RouterExplicit Endpoints
Automatic RollbacksLimitedIncluded, by default
Zero-downtime deploysIncluded, by defaultIncluded, by default
Public and Private AccessLimitedAvailable (Public and Private Endpoints supported)
Managed DatabasesHeroku Postgres & RedisPostgreSQL, MySQL, Redis, Elasticsearch, RabbitMQ, InfluxDB, SFTP
Pricing
Compute Pricing ModelDyno tiersContainer-based pricing
Contract12-month contract (Enterprise)Pay-as-you-go, no lock-in

Key terminology mapping

If you’re migrating from Heroku, the table below maps common Heroku concepts to their Aptible equivalents.
Heroku TermAptible TermDescription
DynoContainerA running instance of your application process
Heroku RouterEndpointNetwork entry point that routes traffic to your service
App URLEndpoint URLPublic hostname exposing your service
Private SpaceDedicated StackIsolated infrastructure environment
ProjectEnvironmentLogical grouping of apps and databases
Config VarsEnvironment VariablesRuntime configuration values
BuildpacksDockerfileDefines how your application is built
Heroku PostgresManaged PostgreSQLProduction database service
Heroku RedisManaged RedisIn-memory data store
Add-onsManaged Databases or External IntegrationsInfrastructure services attached to your app

Before you begin

Before starting your migration, ensure the following:
1

Create an Aptible account

Sign up for Aptible to get started with a 30-day free trial. When you’re ready to begin your production migration, upgrade to the Production plan.
  • Development is intended for early-stage development and testing, when you do not yet have production security or compliance requirements.
  • Production is designed for production workloads and provides access to highly secure and compliant resources, including support for frameworks such as HIPAA.
2

Install the Aptible CLI

The CLI allows you to deploy applications, manage databases, and interact with your environment directly from your terminal.Install the CLI here.
3

Review your existing Heroku setup

Before migrating, make note of the following details from your existing Heroku setup:
  • Application process types (web, worker, background jobs)
  • Environment variables and secrets
  • Add-ons such as databases, caches, or third-party services
  • Any custom build or runtime configuration
  • Networking or domain configuration

Migration steps

Set up your Aptible infrastructure

Private Spaces to Dedicated Stacks

In Heroku, applications can run inside Private Spaces, which define the network boundary and isolation model for your workloads. In Aptible, the equivalent concept is a Dedicated Stack. A Dedicated Stack is an isolated AWS environment with its own VPC, enforced encryption, and infrastructure-level security controls.
1

Provision a Dedicated Stack

Create a Dedicated Stack in the appropriate region. If you need to support HIPAA compliance, Dedicated Stacks are required.
2

Execute a BAA if required

During Stack provisioning, Aptible Support will coordinate execution of your Business Associate Agreement if you are handling PHI.
3

Review networking requirements

Confirm IP allowlists, outbound access, and any required third-party integrations. See Network Integrations for VPN and VPC peering options.
If you currently use multiple Private Spaces for staging and production, you can either:
  • Create separate Environments within a single Dedicated Stack (most common approach)
  • Provision multiple Dedicated Stacks if stricter infrastructure separation is required

Projects to Environments

In Heroku, applications are grouped into Projects and can be connected via Pipelines. In Aptible, applications and databases are grouped within an Environment, which exists inside a Dedicated Stack. An Environment provides logical separation between staging and production workloads and defines access controls.
  • Create an Environment corresponding to each Heroku Project
  • Create separate Environments for staging and production
Granular user access is assigned at the Environment level. For example, you can grant full access to a staging Environment while restricting permissions in production.

Migrate your application

Dynos to Containers

In Heroku, applications run as dynos built via buildpacks and defined by a Procfile. Heroku manages the runtime layer and abstracts containerization. In Aptible, applications run as Docker containers. You define how the application is built and executed using a Dockerfile, and each process type runs as its own service. Key differences:
HerokuAptible
BuildpacksDockerfile
Procfile process typesSeparate services
Dyno scalingContainer scaling
Release phaseExplicit release command via .aptible.yml
1

Add a Dockerfile

If your app does not already use Docker, create a Dockerfile. See Getting Started with Docker for guidance.Example (Node.js):
FROM node:18

WORKDIR /app
COPY package*.json ./
RUN npm install

COPY . .
EXPOSE 3000
CMD ["npm", "start"]
Important checks:
  • App binds to 0.0.0.0
  • Correct port exposed
  • No reliance on ephemeral filesystem storage
2

Translate Procfile process types

Typical Heroku Procfile:
web: bundle exec rails server
worker: bundle exec sidekiq
release: bundle exec rails db:migrate
In Aptible:
  • Deploy web as one service
  • Deploy worker as a separate service
  • Run database migrations using before_release in .aptible.yml
Each service can be scaled independently.Procfile and .aptible.yml placement depends on your deployment method:
If you deploy by pushing code to Aptible’s Git remote, keep your Procfile and .aptible.yml in the repository root directory. Aptible will detect and use them automatically during the build process.
3

Configure environment variables

Export your current Heroku variables:
heroku config --app your-app-name
Recreate them in the Aptible Environment using the Dashboard or CLI:
aptible config:set --app your-app-name KEY=value
Pay special attention to:
  • DATABASE_URL
  • REDIS_URL
  • SECRET_KEY_BASE
  • External service credentials
See Configuration Variables for more details.
4

Scale containers

Match your dyno configuration. If you previously ran 2 web dynos and 1 worker dyno, scale to 2 web containers and 1 worker container.
aptible apps:scale --app your-app-name --container-count 2 SERVICE
Monitor CPU and memory usage after deployment and adjust as needed. See App Scaling for guidance.
5

Validate deployment

Confirm:
  • Application boots without errors
  • Logs are flowing
  • Health checks pass
  • Background jobs process correctly
  • No reliance on Heroku-specific environment assumptions

Migrate your databases

Heroku provides Heroku Postgres and Heroku Redis. In Aptible, you can provision managed PostgreSQL, Redis, as well as MySQL, Elasticsearch, InfluxDB, RabbitMQ, and SFTP.

Migrating PostgreSQL

There are two primary approaches to migrating PostgreSQL databases:
  • Dump and restore works well for smaller databases (under 10GB) and simpler migrations
  • Logical replication is recommended for databases over 10GB or high-traffic production apps where minimizing downtime is critical
For databases larger than 10GB, heroku pg:backups can be slow and unreliable. Logical replication keeps your Aptible database in sync with Heroku until you’re ready to cut over, significantly reducing downtime.

Migrating Redis

1

Provision Redis in Aptible

Create a managed Redis instance:
aptible db:create your-redis \
  --type redis \
  --environment your-environment
Confirm version compatibility. See Redis documentation.
2

Update REDIS_URL

Update the environment variable in Aptible:
aptible config:set --app your-app-name REDIS_URL=redis://...
3

Plan cutover

If Redis is used as:
  • Cache only: No data migration required
  • Job queue: Coordinate cutover carefully to avoid dropped jobs
4

Validate

  • Confirm application connectivity
  • Monitor background worker logs
  • Validate job processing

Audit your add-ons

Before migrating, review all add-ons attached to your Heroku application: 
heroku addons --app your-app-name
Typical mappings:
Heroku Add-onMigration Approach
Heroku PostgresMigrate to Aptible-managed PostgreSQL
Heroku RedisMigrate to Aptible-managed Redis
Logging add-ons (e.g., Papertrail)Configure log drains to your observability provider (no additional cost)
Email providersContinue using external provider and update credentials
Third-party servicesReconfigure networking and environment variables

Configure endpoints and networking

In Heroku, applications are exposed via the Heroku Router. In Aptible, applications are exposed through explicitly defined Endpoints.

Public Endpoints

If your application is publicly accessible:

Private Endpoints

If your Heroku Private Space uses internal routing between services:
  • Create Private Endpoints inside the Dedicated Stack
  • Update internal service URLs
  • Confirm security group or access configuration

Networking checklist

  • Review outbound IP requirements
  • Confirm third-party allowlists
  • Update webhook destinations if needed
  • Verify internal service-to-service communication
Networking differences are often the largest architectural shift when moving to a dedicated infrastructure model. Take time to review your requirements carefully.

Minimize downtime during cutover

To reduce downtime and risk during migration, plan the final cutover carefully.
1

Deploy and validate in staging

Deploy and validate your application in Aptible staging. Perform database migration to staging and test thoroughly.
2

Lower DNS TTL

Lower DNS TTL at least 24 hours before cutover to enable faster DNS propagation.
3

Schedule maintenance window

Schedule a maintenance window if required for your application.
4

Take final backup

Take a final database backup immediately before cutover:
heroku pg:backups:capture --app your-app-name
5

Restore final backup

Restore the final backup to your Aptible production database.
6

Update environment variables

Update environment variables to point to the new database.
7

Switch DNS

Switch DNS to the Aptible Endpoint.
8

Monitor

Monitor logs, performance, and background workers.
Additional considerations:
  • If Redis is used as a job queue, pause workers before final backup
  • Confirm no writes occur between final backup and DNS switch
  • Keep the Heroku app available briefly as a fallback if necessary
After confirming stable traffic and application behavior, decommission your Heroku resources.

Closing thoughts

Once your migration is complete, your workloads run on a platform designed for security, compliance, and long-term scalability. By carefully planning your infrastructure mapping, database migration, and cutover strategy, you can transition with minimal disruption. If you need guidance during your migration, Aptible Support is available to help. White-glove migration services are also available for teams that want hands-on assistance.