Cloud.gov experienced a minor incident on July 22, 2025, lasting —. The incident has been resolved; the full update timeline is below.
Update timeline
- resolved Jul 22, 2025, 03:56 PM UTC
Status: Resolved Time (ET): July 22, 2025 - 10:20 AM - 10:46 AM Impact: Some customers routing API traffic through Cloud.gov may have seen intermittent 403 (Forbidden) errors. Root cause: A recent update to our traffic-filtering rules was inadvertently too restrictive, blocking valid API calls. Resolution: At 10:46 AM ET we refined our traffic filtering rules to resolve the issue. All API services have returned to normal operation. Next steps: Post-mortem: We will be conducting a post-mortem of this incident and sharing our findings in the coming days.
- postmortem Jul 25, 2025, 08:13 PM UTC
**Summary** A change to our traffic filter rules caused some APIs to return 403 errors. We fixed the rules and restored full service in 26 minutes. **Timeline \(Eastern Time\)** * 10:20 AM: An engineer applies new traffic filter rules. * Change took effect immediately. * Shortly after, customers saw 403 errors on some APIs. * The engineer identified the filter rules as the cause. * The engineer updated the rules to restore access. * 10:46 AM: All API traffic returned to normal. **Impact** * Some API calls received 403 Forbidden errors for 26 minutes. * We have no evidence of data loss or unauthorized access. **Root Cause** 1. We were unable to fully test the filter change before moving it into production. 2. We did not gather enough peer review before release. **Next Steps** * Hold a team review for any filter-rule changes. * Improve and publish clear documentation on traffic filters. * Improve real-time monitoring of 4xx error rates on our load balancers. * Require a final sign-off step before publishing filter rules. Thank you for your patience. If you have any questions, please contact us at [[email protected]](mailto:[email protected]).