Skip to main content

This is for internal use by the PaaS team. Public-facing documentation is located at


We use BOSH for software packaging, release management, and virtual machine (VM) lifecycle management.

BOSH runs as a single instance per environment and runs the following components:


Architecture diagram showing BOSH director and colocated components: sshd, Director, UAA, CredHub


BOSH Director

The BOSH director has an API which we connect to using a reverse proxy (nginx) through a SOCKS proxy managed by SSH.


CredHub has an API which we connect to through a SOCKS proxy managed by SSH.


Operators and components on the BOSH director use UAA.

Colocated components talk to UAA directly using the TLS certificate generated by BOSH.

Operators use Google single sign-on (SSO) to authenticate with UAA, using an Amazon load balancer which is accessible through the VPN or office network. They do not use the SOCKS proxy because that requires users to sign in through a web browser.


Review Accessing BOSH, Credhub, and UAA.