Terms of service


You and Your means any user deploying applications on cloud.gov.au.

Our, Us and We means the providers of the cloud.gov.au platform managed by the Digital Transformation Agency.

cloud.gov.au means the cloud foundry platform and associated applications, api endpoints, and services (such as databases) that we provide, including:

  • api.system.*.cld.gov.au
  • console.system.*.cld.gov.au
  • grafana.system.*.cld.gov.au
  • logs.*.cld.gov.au

Applications you deploy means application code you run on cloud.gov.au, such as code deployed with the `cf push` command.


cloud.gov.au is managed by the Digital Transformation Agency. Your use of cloud.gov.au is deemed to be your acceptance of these Terms of Use. Please read them carefully.

These terms of use are governed by the laws of the Australian Capital Territory, Australia and you agree to submit to the exclusive jurisdiction of the courts of the Australian Capital Territory.

If any of these terms of use are held to be invalid, unenforceable or illegal for any reason, the remaining terms of use will continue in full force.

These terms of use do not negate any terms or conditions that apply to your use of any other government service.

You must comply with the AWS Acceptable Usage Policy.

You must comply with the APS Code of Conduct.

We reserve the right to terminate applications, and revoke access if these terms and conditions are not met.

We may revise these terms and conditions from time to time. We will notify you in writing of any changes.

Please contact us if you have any questions, problems or feedback regarding the terms of use.

Lawful purposes

You agree to use cloud.gov.au only for lawful purposes, and in a manner that does not infringe the rights of or restrict or inhibit the use and enjoyment of cloud.gov.au by any third party. This includes conduct which is unlawful or which may harass or cause distress or inconvenience to any person, the transmission of obscene or offensive content or disruption to cloud.gov.au.

You must not post or transmit via cloud.gov.au any unlawful, defamatory, obscene, offensive or scandalous material, or any material that constitutes or encourages conduct that would contravene any law.


We are responsible for maintaining the availability, and security of the platform and services (such as databases) that are provided to you.

You are responsible for maintaining the availability, security, and performance of your applications deployed to cloud.gov.au.


Your use of cloud.gov.au does not affect or reduce any obligation owed to you by any Agency, or reduce any obligation you owe to any Agency.

The documentation on cloud.gov.au is not a substitute for independent professional advice and you should obtain any appropriate professional advice relevant to your particular circumstances. You must exercise your own judgement and carefully evaluate the material on cloud.gov.au.


We are responsible for the security of information.

We are committed to protecting the information you provide on cloud.gov.au. We will use all reasonable endeavours to ensure that cloud.gov.au and your information are not compromised. In line with the DTA’s Secure Cloud Strategy, we recommend you take a risk-based approach to ensure the security of your applications deployed on cloud.gov.au.

We recommend that you keep your developer workstations up-to-date with security patching.

You must conduct your own application pen-testing, but must get approval from cloud.gov.au beforehand.

You are responsible for security of the applications you deploy on cloud.gov.au, which includes but is not limited to DoS protection, patching library vulnerabilities, and fixing application code vulnerabilities.


For more information about how we protect your privacy and personal information, please see our privacy policy.

We do not share information about you with other government agencies without your permission unless it:

  • is necessary to provide you with a service that you have requested
  • is required or authorised by law
  • will prevent or lessen a serious and imminent threat to somebody's health

Users are responsible for undertaking their own security and privacy assessments for their applications and data.