Octopus Cloud Frequently Asked Questions

This page answers the most common questions about Octopus Cloud.

If you have an unanswered question, please use the “Send Feedback” button at the foot of this page or contact our Sales team.

Getting started

What is Octopus Cloud?

Octopus Cloud is the easiest way to start with Octopus Deploy; we take care of everything for you. Octopus Cloud has the same functionality as Octopus Server, delivered as a highly available, scalable, secure SaaS application hosted for you.

Where do I begin?

Many customers begin with our getting started guide, which covers the key concepts and terminology we use. When you’re ready, start a free trial to explore Octopus Cloud.

How is Octopus Cloud built?

Our Octopus Cloud architecture overview describes how we deliver Octopus Cloud.

Training and setup

What training is available?

Our Resource Center provides high-quality webinars, blog posts, white papers, and free tools. We also offer books with free PDF versions covering Octopus and broader DevOps topics. We pride ourselves on the quality of our developer documentation and provide free training video tutorials. We support a community Slack channel where our staff regularly assist with customer inquiries.

Professional and Enterprise tier customers receive access to our Support team and expert-guided onboarding. Enterprise tier customers can add on Technical Account Management services. For Enterprise tier customers with over USD $50,000 licenses, we assign a Customer Success Manager.

Can we get support for our initial setup?

Professional and Enterprise tier customers receive our expert-guided onboarding Support. Our Sales and Support teams are highly responsive and available to every customer.

Purchasing

How do I purchase Octopus Cloud?

We recommend new customers start a free trial to get 30 days of access to Octopus Cloud Professional. A credit card is not required. Contact Sales during the trial period to convert to an annual subscription with no data loss.

How can I trial Enterprise tier?

Please contact Sales to trial Octopus Cloud Enterprise tier. Enterprise provides more projects, tenants, machines, and a higher task cap.

What does Octopus Cloud cost?

We license Octopus Cloud in tiers. Our Starter tier costs USD $360 per year, and it allows 10 projects, 10 tenants, 10 machines, and task cap of 5. There are no additional platform fees.

Our Professional and Enterprise tiers are annual licenses priced per project, with tenants and machines sold as add-ons to suit your requirements. We also charge Professional and Enterprise tier customers a flat annual platform fee based on the task cap selected, which defines the number of concurrent deployments/runbook runs your instance can perform.

Do you support monthly billing?

No. Annual billing is the only option for Octopus Cloud subscriptions.

How do I get a quote?

Our Sales team can provide a quote that meets your needs.

How do I use a purchase order?

For customers purchasing or renewing on Starter, simply enter a Customer Reference in the online form. This value will appear on our quote or invoice PDF.

For customers on Professional or Enterprise, please provide our Sales team with your purchase order, which we’ll include in your quote or invoice.

Where can I learn more about pricing?

Please refer to our dedicated Octopus pricing overview page and our Octopus Cloud pricing FAQ. Or, please contact our Sales team who can answer any other questions you may have.

Data centers

Where is Octopus Cloud hosted?

We host Octopus Cloud in the following Azure regions:

West US 2
West Europe
Australia East

Each customer’s Octopus Cloud is wholly located in a single Azure region.

Where are the data centers located?

Each customer’s Octopus Cloud is wholly located in a single Azure region. Microsoft publishes data center information for each Azure region.

Can we choose another Azure region?

Please contact our Sales team to discuss this.

Can I move my Octopus Cloud to another region?

Yes. Contact Support to arrange the relocation.

Security

How does Octopus Cloud approach security?

We pride ourselves on making Octopus Deploy a secure product. In addition, Octopus Cloud instances are secure and compliant out-of-the-box.

Octopus complies with the European Union’s General Data Protection Regulation (GDPR).

Is Octopus Cloud compliant with SOC 2?

We’re regularly audited and maintain a SOC 2 Type II certification. You can request access to our confirmation from our Trust Center.

Is Octopus Cloud compliant with ISO 27001?

Our information security management system has been assessed and found to conform with ISO 27001:2013. You can view our certificate via our Trust Center.

Is Octopus Cloud compliant with HIPAA?

Octopus Deploy is not a covered entity under HIPAA. We don’t process personally identifiable health data directly or on behalf of our customers. Octopus Cloud has global healthcare industry customers operating on our platform.

Where can I learn more about Octopus Deploy compliance?

The security and privacy of our customers’ personal, company, and intellectual property data are top priorities at Octopus. We’re dedicated to maintaining and continuously improving our security and compliance programs, which we publish on our Trust Center.

Which authentication providers are supported?

We have a table that lists the authentication providers Octopus Cloud supports for login. We have narrower provider support for external groups and roles.

What level of encryption is used between an Octopus Server and a Tentacle?

All communication between the Tentacle and Octopus is performed over a secure TLS connection. We recommend TLS1.2+. We configure the trust relationship between Octopus Server and a Tentacle using public-key cryptography. The server and Tentacle establish the trust relationship using X.509 self-signed certificates generated upon installation and using 2048-bit private keys.

How secure is Tentacle communication?

Octopus Cloud communicates with Tentacles you deploy on your targets via TLS-encrypted data transmitted over a TCP connection. You can set up Tentacle communication modes as listening (acting as the TCP server) or polling (acting as the TCP client). Many customers prefer polling for greater security of the Tentacle host.

Can a Tentacle access customer data?

Every process within a Tentacle is executed by the user account configured on its service. You can configure Tentacles to run under a specific user account if you need elevated or alternative permissions. The user account configured constrains the Tentacle’s access to data.

Does Octopus Cloud have any security vulnerabilities?

We make a list of all our security advisories public, including any current vulnerabilities. We practice responsible disclosure as detailed in our security disclosure policy.

Has Octopus Cloud had any vulnerabilities in the past?

Yes. We pride ourselves on making Octopus Deploy a secure product, but no software is ever bug-free, and occasionally, there have been security issues. We’ve published all of our historical advisories since 2021.

Migration

How do I migrate from self-hosted Octopus Server to Octopus Cloud?

We have a step-by-step guide.

The benefits of migrating from self-hosted to Octopus Cloud include:

Likely lower total cost of hosting - taking into account the saving of having your people focused on your mission, not maintenance.
Cloud customers get access to the latest features and functionality.
Lower risk - Once a CVE or bug is found, we issue a patch and automatically apply it.
We perform maintenance that many customers do not (rebuild indexes, backup files and databases, have a recovery plan).
Monitoring and uptime - We monitor every instance to ensure it’s online. When it goes offline, we attempt to automatically recover it, and failing that, we start paging our Support teams.

Can we trial Octopus Cloud while we decide on migration?

Yes. We can arrange temporary licenses to ensure you’re not being double-billed during the trial. Please contact our Sales team to arrange this.

How can I determine my current Octopus Server use?

We have diagnostic scripts we can share with you that make it easy to gather metrics about your configuration and use. Contact our Support team to request access.

Updates

How often is Octopus Cloud updated?

Octopus Cloud is a modern SaaS application that receives frequent updates. New features become available in Octopus Cloud before they become available to our self-host customers. We release bug fixes and improvements regularly and, when necessary, apply these during your maintenance window, typically once or twice weekly.

When are updates performed?

We apply regular maintenance and product updates during your maintenance window, typically once or twice weekly. We may need to apply critical security patches outside of this schedule. In this case, our Support team contacts customers in advance.

How do I know what was upgraded?

We publish our release updates and provide a release comparison tool. Our product roadmap is public and shows the features released recently.

Availability

What is Octopus Cloud’s uptime SLO?

Octopus Cloud’s monthly uptime SLO is 99.5%, measured for the 95th percentile of Cloud instances. This target includes all downtime, including scheduled maintenance.

How is uptime monitored?

Our Cloud Platform team observes uptime and planned downtime durations as part of frequent health checks. We use a third-party vendor to assess availability every minute of the day.

How can we check Octopus Cloud’s status?

We publish Octopus Cloud’s operational status. You can subscribe to status change emails from our operational status page.

Logs and data

How do we access deployment and audit logs?

You can view and download deployment and access logs from Octopus Cloud. Enterprise-tier customers can stream audit logs to their SIEM system.

What is the data backup and retention policy?

Our retention policies let you control which releases, packages, and files Octopus will keep. The retention policy is set to 30 days by default. Backups are subject to storage thresholds, 1TB by default. You can arrange more with our Sales team if required.

What access do Octopus staff have to our data?

We protect all access with multi-factor authentication (MFA), role-based access control (RBAC), and the principle of least privilege (PLP).

In case of issues related to your data or the availability of your Cloud instance, Support Users can be granted temporary access to your Cloud instance, and queries can be run against your Cloud instance database. Only competent, trained, background-checked, and authorized engineers can gain this access. These activities are tightly controlled and have automatic revocation of access mechanisms.

Microsoft Azure may have infrastructure access and, as such, would also have access, as controlled by our service agreements with them.

Also, Octopus Cloud publishes limited telemetry, which we use to track quality of service.

Is access to our data logged?

We log all access to Octopus Cloud instance databases and file storage.

Is data access actively monitored?

Our SecOps team has monitoring and alerting in place based on patterns of suspicious activity. Monitoring focuses on Support Users being granted temporary access to a Cloud instance and queries being run by our staff against Cloud instance databases. Both of these activities are tightly controlled and logged, and access mechanisms are automatically revoked.

Only authorized, skilled, and trained engineers employed by Octopus Deploy may be granted temporary access.