Deno Subhosting: the easiest and most secure way to run untrusted multi-tenant code
Since launching Deno Deploy (our cloud hosting solution) in 2021, we’ve been surprised at the number of companies that reached out with an ask like the following:
Hey Deno team, would it be possible to get access to the APIs that you use to run your hosting product? We’d like to give our users the ability to write some custom logic within our app, but setting this up in our public cloud presents some security concerns and a lot of extra work. Especially if we want it to run fast and serverless. Ideally we’d use a combo of Deno’s runtime for secure sandboxing plus automated deployment to Deno’s cloud infra – in the same way Deno powers Netlify edge functions.
After fielding dozens of requests like this, we realized that there was an opportunity for subhosting to solve a widespread need. Enabling companies to quickly and securely run custom code written by their users – without having to staff and maintain a dedicated engineering team to do it.
Why run untrusted code?
If you look at most major B2B SaaS companies, you’ll find that a very large percentage already give their users the ability to write some custom logic within their products. There are two major reasons for this – both of which drive significant benefits to conversion and retention:
Extending product functionality & customization. For example, companies like Airtable, Atlassian, Slack and Zoom all allow their users to create custom workflows, automations and integrations via code. Rather than trying to individually satisfy the long tail of feature requests from major customers, these companies empowered their customers to create a perfect solution for their own needs.
Creating a marketplace for third-party applications. For example, companies like Shopify, HubSpot and Salesforce have been very successful at building a marketplace of custom-coded third-party applications. This marketplace not only extends the functionality of the core product seamlessly, but also deepens partner investment in the ecosystem.
Although these capabilities are more common among the largest B2B SaaS companies, their appeal is much broader. Early and mid-stage startups are increasingly looking to offer these same tools to their customers as a way to differentiate and provide value, especially when developers are among the main buyers. The problem is that safely running untrusted code often requires a significant investment that’s difficult to prioritize with limited engineering resources.
Common engineering and business roadblocks
In our conversations with companies ranging from small startups to large enterprises, we’ve heard a few major challenges surfaced up repeatedly when it comes to running untrusted code. Often these led to projects being continually punted or blocked when the full cost of implementation was taken into account. Those challenges included:
Running code securely: Businesses are understandably cautious about running user-written code on their infrastructure to prevent granting unintended access to internal systems or data from other users, or for fear the code could be used maliciously in other ways (e.g. sending spam). Deno provides comprehensive security countermeasures to these concerns.
Preserving user experience: In offering users the ability to enhance your product through coding, it’s crucial they don’t have to face steep learning curves or unnecessary hurdles like writing a bunch of boilerplate. Deno uses the most widely known programming language, furnishes an extensive standard library, supports all relevant modern web standards, and is compatible with 2M+ NPM packages.
Infrastructure management and scaling: Supervising infrastructure running user-created code in public cloud environments presents several challenges. For example, using the same VM or container for different customers makes it difficult to isolate properly. Using different VMs or containers per customer balloons cost. Deno Subhosting was engineered to solve these problems, as well as others associated with upgrading and scaling.
Usage-based customer billing: Frequently, businesses aim to bill customers using the code as part of a paid feature or based on usage. However, when hosting on a public cloud provider, it can be very difficult to attribute usage or cost to the customer that incurred them. Attributing costs to customers on Deno Subhosting is easy and straightforward.
Check out Deno Subhosting
We built Deno Subhosting to be a simple way to provide all the benefits of running untrusted user code, while solving all of the major challenges. For users who are new to Deno Deploy, check out our new Subhosting product page or get started with a free Subhosting account (no credit card required).
If you already have a Deno Deploy account, you can check out Subhosting by logging in and creating a new organization, then choosing “Subhosting” in the next screen.