API Gateway supports a Caching feature that improves API performance and reduces server load. Caching stores the response to an API request and serves it to the client.
January 7
Network File Storage is now in the General Availability (GA) phase. It offers shared file storage for multiple virtual machines and containerized workloads via the Network File System (NFS) protocol, along with seamless integration of Network File Storage in Kubernetes environments. You can now access the product in all data center locations. For more information, see .
The documentation for DBaaS MongoDB and DBaaS PostgreSQL has been restructured to improve navigation and clarity. The following are the structural enhancements:
API documentation is now organized under a dedicated API section for each service with versioned sub-sections v1, making it easier to navigate programmatic guides.
DCD how-to guides are now consolidated under a unified How-Tos section for each service.
Explore our guides and reference documents to integrate IONOS Cloud products and services.
Guides
Explore our guides and reference documents to integrate IONOS Cloud products and services.
Documentation Spotlight
Set Up IONOS Cloud
Additional data center in Frankfurt: IONOS Cloud's services are now also available from our newly added data center in Frankfurt, Germany, enhancing high availability, redundancy, and operational security. Existing deployments in Frankfurt remain unaffected. You can deploy products in the new data center by selecting Germany / Frankfurt am Main (de/fra/2) from the drop-down list in the , or by using the location code de/fra/2 when deploying through the . For more information, see .
The SUSE Linux Enterprise Server (SLES) public image support is available on any type to leverage benefits like cloud-init, Secure Shell (SSH) key, and password injection. The SLES image is available through the DCD and API for data centers in Germany: Berlin de/txl and Frankfurt de/fra and de/fra2 regions. It operates on the . In this version, you can install the Acronis Backup Agent manually after provisioning, providing full flexibility even though automatic installation is unavailable.
September 24
IONOS Cloud is now officially validated to run Red Hat OpenShift workloads, allowing Red Hat-certified partners to deploy their OpenShift infrastructure on the IONOS Public Cloud. This validation ensures that IONOS Cloud meets Red Hat’s technical standards and operational best practices, providing a reliable and consistent platform for certified deployments. Partners can leverage the scalability and performance of IONOS Cloud to run enterprise-grade, containerized applications by enabling secure, certified OpenShift operations exclusively through approved partner environments.
September 1
Bulk data export is now available for specific products on request. To export bulk data from your account, contact the . If you want to manually export data by yourself, see .
A step ahead in the AI Model Hub: With , you can now use AI Model Hub via the to test the most critical endpoints. Additionally, we will extend the free service for another three months. We offer a set of applications and code projects you can use to get your AI journey started.
February 26
A new tutorial on using acme.sh with IONOS Cloud DNS to manage SSL/TLS certificates is now available. This tutorial covers the installation, configuration, and automation of certificate renewal.
February 24
DBaaS now supports MongoDB 7.0. The creation of MongoDB 5.0 clusters is discontinued. Existing clusters are not affected; they can be to a higher major version.
February 13
IONOS now supports Windows Server 2025 images, both and , via the DCD and the API in all server locations.
February 3
AI Model Hub supports the models Llama 3.3 (70B) and Teuken (7B). Document collections can now use all supported embedding models, allow for chunking, and support PostgreSQL as an alternative backend.
Documentation updates
February 28
We have introduced a Tutorials section in the documentation to enhance the user experience and simplify setup processes. This section provides step-by-step instructions and best practices for configuring and managing VPN Gateways. The guides you through creating an IPSec tunnel between a Virtual Data Center (VDC) and an on-premises gateway, offering clear guidance for a smooth setup.
The documentation portal now contains information about the new security advisories that Acronis reported. You can find more details about the reported vulnerabilities on the following pages:
October 25
VM Auto Scaling is now available as an Early Access (EA) feature. It is a cloud computing feature that dynamically scales in or scales out the number of virtual machine instances (horizontal scaling) based on customizable monitoring events. The metric-based policy, defined during its configuration, constantly monitors the load and regularly scales the number of VM instances based on the policy threshold. The functionality ensures that the number of replicas in the group remains within the defined constraints.
Documentation updates
October 18
The documentation for Backup Service has been updated to include a new section called Install the Acronis Backup Agent on Linux. This section provides prerequisites, step-by-step instructions, and configuration options to ensure a seamless installation experience.
Single Sign-On (SSO): Users can access IONOS Cloud services with their Identity Provider credentials, removing the need for multiple logins. After signing in to an IONOS Cloud account, they can seamlessly use SSO to access other IONOS Cloud services like the Reseller Portal, Control Panel, and so on.
Cross-Domain Collaboration: IAM Federation, along with SSO, adds cross-domain authentication, allowing users across organizations to authenticate using IDP and access various applications across other organizations without creating new credentials.
Standardized Protocols: IAM Federation supports industry-standard authentication and authorization protocols, such as Security Assertion Markup Language (SAML) and OpenID Connect, ensuring interoperability between different systems and organizations.
Security: IAM Federation provides a secure way to share identities with domain ownership and authenticate users with IDP, reducing the risk of unauthorized access to resources and services.
Benefits
Improved Security: Identity Provider authentication provides stronger authentication and authorization mechanisms. It also reduces the risk of phishing and password-related attacks.
Simplified User Management: The IONOS Cloud IAM Federation system streamlines user management, allowing contract owners to manage user access to IONOS Cloud services using their existing IDP infrastructure.
Enhanced User Experience: Users can seamlessly access resources without multiple logins.
HDD and ISO images are now accessible through the Data Center Designer (DCD) and the . These latest Debian images are compatible with all IONOS Compute Engine instances, including and .
June 1
Internet Protocol version 6 (IPv6) is now a General Availability (GA) feature for all IONOS Compute Engine instances of type and . Applications can now be hosted in the dual stack with connectivity over both IPv6 and IPv4 within virtual data centers and to and from the internet.
Updates
June 1
Firewall rules configuration for a Network Interface Card (NIC) is now extended to support IPv6. With this enhancement, Firewall rules support ICMPv6 as a protocol, IPv6 addresses as source or destination IPs, and lets you specify the IP version for which a given rule is applicable.
June 1
With IONOS extending IPv6 support to Compute Engine instances, you can now use the Flow Logs to capture data related to IPv6 network traffic flows in addition to IPv4.
The Network Interface Cards (NICs) Multi-Queue feature improves the network performance of and by distributing traffic across multiple queues based on core count, thereby enhancing throughput and reducing latency through efficient multi-core packet processing. This feature is currently available only in the Frankfurt, Germany de/fra/2 data center and particularly beneficial for high-bandwidth, low-latency applications such as databases, analytics platforms, and high-performance computing workloads.
Documentation updates
November 14
A new tutorial describes how to Bring Your Own IP (BYOIP) address or Bring Your Own Autonomous System Number (BYOASN) to IONOS Cloud. It covers the necessary steps for integrating your own IP address range and ASN into IONOS Cloud.
November 5
A new section is available in the AI Model Hub documentation that includes:
: Guidelines on data management and processing practices.
IONOS DBaaS provides support for MariaDB clusters to suit your needs. It offers resources such as CPU cores, RAM size (GB), and storage types to create database clusters. Additionally, the database clusters facilitate point-in-time recovery and backup features, making them highly reliable. It also facilitates cloud-based database patching and scalability. The migration process is straightforward due to its compatibility with MySQL.
March 20
Starting today, the Backup Service management servers will switch to the new IP addresses. We recommend you update the configured firewall rules so that the firewall does not restrict backup agent access and allows the backup agents to communicate effectively. For more information, see .
March 13
Logging Service is enhanced to allow sub-users within your contract number to use their IONOS credentials and access Grafana upon meeting the . This enhancement improves accessibility and provides a seamless experience for all users within the Grafana environment.
DCD Default Settings
You can set the default values for your Virtual Data Centers (VDCs). Each time you open a new VDC, DCD will place your resources in the preset location, assigning them the same number of cores, memory size, storage capacity, and reserved IP addresses. For example, you can specify that all new VDCs must be located in Berlin or that all processors will use the Intel architecture.
To edit the default settings, follow these steps:
In the DCD, go to Menu > My Profile > DCD Default Settings.
A My settings window will open up. Set the default values for Session settings, Data Center settings, Server settings, Storage settings, and IP settings from the respective drop-down lists.
Result: Your new settings will be updated immediately. You can undo your changes either by selecting Reset or Reset All.
Logging Service now allows the primary account owner to create sub-users and delegate pipeline management responsibilities. Sub-users can only view and manage the pipelines assigned to them by the primary account owner and are not authorized to access pipelines created by other sub-users or the primary account owner. Hence, your credentials and data are secure and not shared with other sub-users. For more information, see .
IONOS offers the New Object Storage Web Console (Beta), an enhanced version of the existing Object Storage Web Console in the DCD, providing improved user experience and performance, intuitive design, and faster responsiveness while having the same feature set as the existing web console. Currently, the feature is in the Beta phase and is available by default to all new and existing users. You are encouraged to try out the new web console. This new application console does not impact the functionality of the existing web console.
September 4
The Cloud DNS is now in General Availability (GA) phase. You can publish DNS zones of your domains and subdomains on public Name Servers using Cloud DNS. With the Cloud DNS API, you can create DNS zones and DNS records, import and export DNS zones, secure your DNS zones with DNSSEC and create secondary zones. Additionally, you can also set up ExternalDNS for your with Cloud DNS.
October 2025
What's new
February 2024
What's new
Use the Canvas Mode
You can create a Virtual Machine (VM) using the Canvas mode from the left navigation panel or from the DCD home page.
Option 1: From the left navigation panel
1
In the DCD
2025 Releases
2025 Releases
The following is a list of releases in 2025:
IAM Federation
Identity and Access Management (IAM) Federation is a mechanism that lets users from an external Identity Provider (IDP) access IONOS Cloud resources, such as the , upon successful authentication and establishing the organization account link with the IDP. Federated IDPs such as Security Assertion Markup Language (SAML) 2.0 or OpenID Connect (OIDC) are supported to establish a trust authentication connection. With IAM Federation, users also get to Single Sign-On (SSO) across multiple systems without logging in whenever accessing these resources.
Product Overview
May 2023
What's new
API How-Tos
With IAM Federation APIs, learn how to set user privileges, create and manage Identity Providers (IDPs), request and manage domain ownership, and user account linking with IAM Federation.
July 2023
What's new
My Customer Data
To view or update your data, such as the organization's name and address or contact details, follow these steps:
In the DCD, go to Your Profile > My Customer Data.
A My customer data window will open up. You can view the Email Address, a Contract Number, Company name, First name, and Last name.
July 2025
What's new
Limitations
Active Savings Plans cannot be edited or deleted.
Savings Plans apply automatically, starting with the oldest in the contract and progressing to the newest. You cannot manually select which VMs get applied the pricing of the Savings Plans.
You are always billed for the quantity of resources configured in your Savings Plans, regardless of whether they are deployed and in use.
View Cloud Savings Plans
You must be a contract owner to view Savings Plans. Your contract lists all plans that you created, including those that have expired.
Follow these steps to view plans:
1. In the DCD, go to Management > Cloud Savings Plans.
2. The Cloud Savings Plans window displays the following details:
NAME: Select the name to view the plan's details. To edit the name, see .
Modify Cloud Savings Plan's Name
Only a contract owner can modify the name of Savings Plans.
Follow these steps to modify the name of Savings Plans:
1. In the DCD, go to Management > Cloud Savings Plans.
2. Select a specific Savings Plan by clicking its NAME, displayed as a hyperlink.
3. Enter the new Plan name.
4. Select Update name to confirm the renaming.
Reduced Administration: Organizations can reduce the administrative management associated with managing multiple identities and access credentials of users.
The AI Model Studio, a PaaS solution for fine-tuning pre-trained AI models, is now available in the German market as a collaboration with our partner manufactAI and will be free to test until further notice.
The documentation portal now has information on medium-severity vulnerabilities reported by ETH Zurich university researchers. This vulnerability may allow malicious KVM guest to leak sensitive information.
The Cloud Savings Plans, a new pricing model, offer optimized rates on a specific quantity of resources for selected products over a period of one or three years, compared to standard Pay-As-You-Go (PAYG) pricing. It is ideal for consistent and predictable workloads, providing significant cost reductions. For more information, see the FAQ.
A new tutorial is now available in the documentation portal demonstrating how to view and monitor metrics for MongoDB Enterprise clusters using Grafana. The tutorial guides users through setting up the logging pipeline and configuring Grafana data sources to visualize key performance metrics. These insights help users proactively identify cluster health or performance issues and plan capacity upgrades effectively.
You can now subscribe to release notes through Really Simple Syndication (RSS) feed to receive notifications about the latest updates automatically. The RSS feed provides a machine-readable summary of all new and updated release notes, helping you stay informed through your preferred RSS reader or integration tool. You can subscribe to the feed by using the Subscribe via RSS feed option on the latest release notes page.
You can now interact with the IONOS Telemetry API via the managed Grafana provided by the Logging Service. It is also compatible with Prometheus specifications. The Telemetry API uses the same authentication as the IONOS Cloud API; hence, you can use the same API token to authenticate with the Telemetry API.
Upbound Crossplane Marketplace now lists IONOS Cloud as the Crossplane Provider. With Crossplane, you can convert a Kubernetes cluster into a universal control plane.
Information on security advisory for CVE-2024-21626 is available on the documentation portal. The vulnerability enables containerized escape for attackers using a malicious image, a malicious Dockerfile, or an upstream image.
Effective March 15, 2024, the Basic Authentication across IONOS’ APIs and SDKs is completely deprecated for user accounts with 2-Factor Authentication (2FA) enabled or 2FA forced. Impacted users can only generate tokens from the API/SDK Authentication Token Manager.
Cloud DNS is now available as an Early Access (EA) feature. You can publish DNS Zones of your domains and subdomains on public Name Servers using Cloud DNS. You may also programmatically manage your DNS Zones and Records via API.
The documentation for Managed Kubernetes has been updated to include information about the maintenance window as well as the cluster and node pool maintenance processes.
The Vulnerability Register serves as a comprehensive record detailing security vulnerabilities that impact IONOS Cloud products and services. This report has been developed as an integral component of our continuous commitment to assist you in effectively mitigating security risks and safeguarding the integrity of your systems.
Application Load Balancer is now in the General Availability (GA) phase. With the Application Load Balancer (ALB), incoming application layer traffic can be routed to targets based on user-defined rules.
Network Load Balancer is now in the General Availability (GA) phase. With the Network Load Balancer (NLB), you can automatically distribute workloads over several servers, which minimizes disruptions during scaling.
NAT Gateway is now in the General Availability (GA) phase. With the NAT Gateway, you can enable internet access to virtual machines without exposing them to the internet by a public interface. It acts as an intermediary device that translates IP addresses between the private network and the public internet.
IONOS Object Storage is expanding support of Contract-owned Buckets to the metro region of Frankfurt, Germany de. It is available for use at the eu-central-4 endpoint. For more information, see Endpoints.
Identity and Access Management (IAM) Federation now supports organizations in onboarding their Identity Provider (IDP) and allowing their users to link their account with IONOS Cloud. With this feature, the user can Log in to the Data Center Designer using IDP, which also facilitates Single Sign-On (SSO).
We are pleased to announce the release of the new IONOS Cloud provider for Pulumi. With this release, developers and DevOps teams can now use Pulumi’s powerful Infrastructure as Code (IaC) framework to define, deploy, and manage resources on IONOS Cloud more efficiently and flexibly. For more information, see IONOS Cloud provider for Pulumi.
My Settings lets you set defaults for any infrastructure created in subsequent data centers
Set User Privileges through the API
Set required user privileges for a user to manage IAM resources.
Create Identity Provider
Learn how to create an IDP for your organization using the API.
Retrieve Identity Provider
Learn how to retrieve an IDP for an organization using the API.
Retrieve all Identity Providers
Learn how to retrieve all associated IDPs for an organization using the API.
Ensure Identity Provider
Learn how to update an existing IDP of an organization using the API.
Delete Identity Provider
Learn how to delete an IDP associated with your organization using the API.
Request Domain Ownership
Learn how to map the organization domain to establish IDP connection using the API.
Retrieve Domain
Learn how to retrieve the organization domain using the API.
Retrieve all Domains
Learn how to retrieve all the domains associated with the organization using the API.
Verify Domain Ownership
Learn how to verify the ownership of the domain associated with the organization using the API.
Retrieve Link
Learn how to retrieve a link of the account associated with the IAM Federation using the API.
Retrieve all Links
Learn how to retrieve all links of the accounts associated with the IAM Federation using the API.
, go to
Menu
>
Virtual Data Centers
.
2
Set Create mode to Canvas.
Result: The label changes to Create in Canvas.
3
Click Create in Canvas to create the data center and then configure structured and visualized setup for complex workloads.
Select a creation mode
4
Enter the following details:
Name: Enter a name to identify your data center.
Region: From the drop-down list, choose the physical location of the data center that hosts your infrastructure.
Description:(Optional) Add information that describes the VDC.
Create default network security group: Select the checkbox to associate a default security group with the data center. By default, a set of predefined security rules are applied to all VMs created in that respective data center. You can also later and of a default security group.
5
Select Create to confirm.
Result: An empty data center is created immediately, available in your DCD dashboard in the My Virtual Data Centers, and can be opened in the Workspace. Drag and drop resources from the Pallette on the left to the Workspace to design your infrastructure, configure each resource, and Provision to deploy your designed infrastructure. For more information, see Configure a Data Center.
Option 2: From the DCD home page
Alternatively, you can also create a data center using the following option:
1. In the DCD, go to the My Virtual Data Centers section, and select Canvas from the Create mode drop-down list.
After logging in to the DCD, you can scale your infrastructure capacity by modifying already provisioned instances exclusively through the Canvas mode. For more information, see Configure a Data Center.
Select Edit to update the primary Contact email address, Billing email address and Phone number associated with your account in the Contact section. You can also add other billing addresses by selecting Add another billing email address. Select Save to make changes.
My customer data window
Result: Your Customer Data will be saved.
QUANTITY: Displays the number of resources associated with the plan.
STATUS: Indicates if the plan is Starting soon, Active, Expiring soon, or Expired.
START DATE: Displays the date the plan started and billing commenced.
END DATE: Displays the date the plan expires and billing concludes.
Toggle the Show expired button to list plans that have already expired. You can also select Create Cloud Savings Plans to create new plans.
Discover our latest products, features, and enhancements to develop innovative applications.
Most Popular
Navigate directly to the most popular product guides to accelerate solution discovery and boost efficiency.
Get Started
With the Data Center Designer, you can create a fully functioning Virtual Data Center and manage services provided by IONOS Cloud.
Account Management
Manage your IONOS Cloud DCD account, payment details, and security functions to access and manage your contract securely.
Management
Manage user access and security policies, review resource usage and cost incurred, set cost alerts.
APIs
Build, deploy, and manage applications on the IONOS Cloud infrastructure more efficiently to enable integration, improve scalability, and enhance security.
SDKs
Simplify developing and managing applications deployed on the IONOS Cloud infrastructure with IONOS Cloud SDKs to build scalable, reliable, and efficient solutions.
Config Management Tools
Manage and control the configurations of software systems and infrastructure components in an automated and systematic manner.
AI Model Hub
A comprehensive platform to access AI foundation models and document collections supporting retrieval augmented generation use cases.
Compute Engine
Scalable instances with a dedicated resource functionality.
Cloud GPU VMs
High-performance GPU instances for compute-intensive workloads.
Cubes
Scalable instance with an attached NVMe Volume.
Managed Kubernetes
Facilitate a fully automated setup of Kubernetes clusters.
Private Container Registry
Manage docker and OCI compliant registries for use with your managed Kubernetes clusters.
Event Streams for Apache Kafka
A flexible and fully-managed Apache Kafka service for seamless data streaming and real-time analytics in the cloud.
In-Memory DB
An open-source instance that offers scalability, security, backup and recovery, and in-memory database persistence while supporting key-value data formats.
MariaDB
A fully-managed, open-source, MySQL-compatible database cluster offering backup, database patching, enhanced security, and scalability.
MongoDB
An open-source, NoSQL database cluster offering security, backup snapshots, and horizontal scalability with replication and sharding.
PostgreSQL
An open-source SQL database cluster offering security, backup and recovery, and horizontal and vertical scalability with replication.
CDN
Improve content distribution to websites with edge servers designed to optimize content delivery and secure web applications with WAF and Layer 7 DDoS protection.
Cloud DNS
Simplified ways to manage DNS zones and records and enhanced security with DNSSEC.
Cross Connect
Establish secure network connections between multiple Virtual Data Centers using a single LAN conduit within the IONOS Cloud ecosystem.
DDoS Protect
Increase your online security with DDoS protection and ensure uninterrupted operations from malicious attacks.
Flow Logs
Enhance security and provide detailed visibility into your network traffic.
Managed Application Load Balancer
Managed optimal load balancing service offered at the application level to improve responsiveness and availability.
Managed NAT Gateway
Boost online access and communication by equipping your networks with a managed NAT gateway, which can effectively translate IP addresses to a single, protected point and provide secure internet connectivity.
Managed Network Load Balancer
Maximize your Cloud's availability with a managed NLB that distributes incoming traffic in a scalable, fault-tolerant manner to ensure a seamless and reliable user experience.
VDC Networking
Core network management including configuring firewalls and reserving IPs to establish isolated virtual networks that interconnect VMs and various resources within the virtual data center.
VM Auto Scaling
Automatic scaling of VM instances according to performance metrics and VM load.
VPN Gateway
Securely establish site-to-site connections between on-premises networks and cloud resources using WireGuard or IPSec protocols.
Logging Service
Manage, monitor, and analyze log data from various sources using a centralized, and scalable platform.
Monitoring Service
Advanced metrics service on host-based, application, network, and system metrics, and is compatible with Prometheus.
Monitoring as a Service (Legacy)
Gather metrics on Dedicated Core Server and Cube resource usage.
Backup Service
Secure data storage backup solution with encryption, rapid disaster recovery, and data restoration for all application scenarios.
Block Storage
Cloud-based storage service offering cost-effective, large-scale storage with HDD storage and high performance and durability with SSD storage.
IONOS Cloud Object Storage
An S3-compliant service that stores and manages data as objects in a bucket, offering secure storage using access control and object lock.
Network File Storage
A managed service offering shared file storage for multiple VMs and containerized workloads through a secure NFS protocol.
Certificate Manager
Streamlined methods for provisioning and managing SSL/TLS certificates for web applications.
Network Security Groups
Secure your virtual networks effortlessly with Network Security Groups, your shield against unauthorized access and threats.
SSH Key Manager
Securely generate, store, and manage SSH keys to enable reliable authentication, and authorization to access remote servers and systems.
Security Safeguards
Central information source to securely use IONOS Cloud products and services.
Previous Releases
Welcome to the previous releases section of our documentation portal for IONOS Cloud. This section is dedicated to archiving previous release notes for the year(s), excluding the latest release.
IONOS Object Storage introduces contract-owned buckets in a new region eu-central-3. Users within a single organization can benefit from our Object Storage using contract-owned buckets. Users can now create this bucket type from within the . The earlier bucket-type functionality presented within the Object Storage continues to be supported and is now referred to as user-owned buckets. For the list of operations supported in contract-owned buckets, see .
May 24
IONOS announces the release of our Certbot plugin for Cloud DNS. With this plugin, you can automate the process of obtaining and renewing SSL/TLS certificate. This feature enhances security and simplifies certificate management for your domains.
This detailed will help you get started with the Certbot plugin for Cloud DNS, which provides step-by-step instructions on how to set up and use the plugin effectively.
May 23
Information on the security advisory for CVE-2024-4323 reported by Tenable Research is now available in the documentation portal. The memory corruption vulnerability in Fluent Bit can result in a denial of service, information disclosure, or remote code execution.
May 17
IONOS has introduced self-service functionality features via the DCD to improve the customer experience by giving users control over certain features. provides additional control and flexibility to your account. With the module, you can add new payment methods. This feature has enhanced security to provide seamless yet strong customer authentication.
May 13
You can now leverage the IONOS Cloud DNS API service to create and manage Reverse DNS (PTR) records for IPv4 and IPv6 addresses. This enhancement enables you to efficiently manage your DNS configurations and network settings and enhance .
May 7
Logging Service is enhanced to allow you to configure an unlimited retention period for your logs. With this enhancement, you can store your logs for an indefinite period. The enhancement is available since April 29, 2024.
May 6
Information on the security advisory for four vulnerabilities reported by Acronis is now available in the documentation portal. These vulnerabilities reported in the Cyber Protect Agent cause local privilege escalation and information manipulation without authorization.
and now support Proxy Protocol versions to send additional connection information, such as the source and destination. The Targets associated with your ALB and NLB can now be configured to accept incoming traffic using the Proxy Protocol.
November 23
Information on security advisory for CVE-2023-23583, also known as Escalation of privilege for some Intel processors vulnerability, is available on the documentation portal. This vulnerability is based on an unexpected behavior for some Intel(R) processors that may allow an authenticated user to potentially enable escalation of privilege and information disclosure or denial of service via local access.
November 15
Logging Service is now in the General Availability (GA) phase. You can create logging pipeline instances on the available locations to gather logs from multiple sources. You may also programmatically manage your logging pipelines via the API. To learn more about what changed during the transition from the phase to the GA phase, see .
Documentation updates
November 13
Cross Connect is now available as an feature on a restricted early access basis. To access this feature, please contact your sales representative or . With the enhanced feature, you can connect multiple seamlessly in the same region and under the same contract. Connections can be established via a private LAN only, thus enabling consistent and reliable data transfer and ensuring seamless connections, reduced latency, and minimized addressing discrepancies. Cross Connects are flexible, meaning you can easily modify the existing setup by effortlessly adding or deleting existing data centers or modifying the associated data centers.
November 1
Information on security advisory for CVE-2023-20569, also known as Return Form Procedure (RET) Speculation or Inception is available on the documentation portal. This vulnerability is reported by AMD as a sensitive information disclosure due to speculative side-channel attacks.
Create a TXT Domain Record
Prerequisites:
The request for domain ownership using the API must be complete.
The organization uses to publish the Domain Name System (DNS).
Note: If your organization uses any other domain provider, contact your provider to locate the DNS settings and add the TXT record value by referring to the steps in this guide.
You must add the token value provided in the response to the TXT Domain Record.
You can create a record of type TXT by following these steps:
1. In the DCD, go to Menu > Network Services > Cloud DNS > Public zones tab.
2. Select Primary Zones from the drop-down list.
3. Select the appropriate primary zone in the DNS ZONES column to create records. Alternatively, click Details & Records in the ACTIONS column.
4. Click Create record in the Details & Records window.
5. Enter the following details in the Create Record window:
Enabled/Disabled: Set it to either Enabled (by default) or Disabled.
Name: Leave the name value empty for your DNS record. It helps to identify the domain associated with the token by the domain name.
TTL: Enter an appropriate Time-To-Live (TTL) setting for your DNS record in seconds. The default value is 3600 seconds.
6. Click Save to create the DNS record.
Result: Your DNS record of type TXT is successfully created.
Next steps
After creating the TXT Domain Record, you must manually trigger the domain ownership verification using the API. This endpoint will only change the domain status to Approved when the TXT Record contains the provided token. The duration of this process ranges from a few seconds to up to a week, depending on your domain provider.
Note: It is recommended to use the command dig +short {yourdomain} TXT to confirm the presence of the token before triggering verification.
You can verify the domain ownership status by using the API.
Payment Details
You can view and update your account's billing and payment details.
Note:
Only users with the contract owner role are authorized to modify payment details.
Available payment options vary based on the country associated with your contract; as a result, you may see both options or only Credit card. The availability of SEPA Direct Debit is subject to geographic restrictions.
To edit the payment details, follow these steps:
In the DCD, go to Menu > Your Profile > Payment details.
The Payment Details window will open up. You can set up the payment method by selecting Set up payment method. A Change payment method window will open up.
Select the payment methods in Available payment methods to choose from how you would like to pay. The
Select this option to enter your Credit card information. Each transaction is encrypted using Secure Socket Layer (SSL), and the information is secure. You need to provide the following information:
Card number: Enter the valid card number for payment processing.
Expires (month): Select the expiration month of your credit card from the drop-down list.
Select Save to make changes.
Result: Your Payment details will be saved.
Log in to the Data Center Designer using IDP
Prerequisite: The user account must be linked with IAM Federation.
1
Initiate DCD Login
1. Open a web browser and navigate to .
2. Enter your user account Email Address associated with your organization IDP. 3. Click Next.
2
Authentication Options
The user can choose from the following options:
Option 1: Continue to Log in to the DCD using your IONOS Cloud Credentials
3
Complete Sign In
Enter your organization login credentials, such as Email, Password, and Sign In.
Result: The user is succesfully logged in to the DCD using their credentials linked with the organization IDP.
Set User Privileges through the API
Prerequisite: You need administrative privileges to create and assign user privileges using the Cloud API.
To set user privileges using the Cloud API to manage IAM resources, follow these steps:
1. Authenticate to the Cloud API using your API credentials.
2. Create a user using the POST /cloudapi/v6/um/users endpoint.
Enter the following required parameters for the user:firstname, lastname, email, and password.
3. using the POST /cloudapi/v6/um/groups endpoint.
Enter the required group name parameter for the group.
Set the accessAndManageIamResources privilege to true.
4. that is created using the POST /cloudapi/v6/um/groups/{groupId}/users endpoint and provide the user ID in the header.
Enter the required id parameter to identify the user uniquely.
Result: The accessAndManageIamResources privilege is granted to the user.
Overview
Identity and Access Management (IAM) Federation is a system that offers users a seamless authentication experience when logging in to the Data Center Designer (DCD). Using an Identity Provider (IDP) to authenticate the users allows them to share their identity information and proceed with linking the user account with DCD. It also enables Single Sign-On (SSO) when users wants to log in to the DCD using IDP.
When users log in to the DCD with their organization credentials, all services and resources accessed within the DCD remain the same as when they log in using their IONOS Cloud account.
Note:
The IAM Federation supports only the Federation for Authentication.
The mapping of federation for access will be introduced in future iterations.
Prerequisites: User accounts must be pre-created in IONOS Cloud, and Access and manage Identity and Access Management resources privilege must be granted. For more information, see and .
IAM Federation workflow
The IAM Federation works as follows:
1. Identity Provider (IDP): The organization sets up an IDP responsible for authenticating users and providing their identity information to other entities.
2. Service Provider (SP): IONOS Cloud, which wants to allow users to access its resources, such as DCD. For more information, see .
3. Federation Protocol: The IDP and SP agree on a federation protocol, such as SAML (Security Assertion Markup Language), OpenID Connect, or OAuth, to facilitate the exchange of identity information.
4. User Authentication: When users try to access a resource from IONOS Cloud, they are redirected to the IDP for authentication.
5. Authentication and Authorization: The IDP authenticates the user and provides an authentication response to IONOS Cloud, which includes the user's identity information and authorization attributes.
6. Access to Resources: IONOS Cloud then uses the authentication response to grant access to the requested resources, eliminating the need for the user to log in again to the DCD.
Resource Overview
You can track the global usage of resources available in your account along with the overview of usage limits per instance.
To view the resource overview, follow these steps:
In the DCD, go to Menu > Management > Resource Overview.
A Resource Overview window will open up with a summary of all resources.
Info If you want to extend these resources, contact .
Set User Privileges
Users need appropriate privileges to access and manage Identity and Access Management (IAM) resources. IAM has a group privilege called Access and manage Identity and Access Management resources, which must be enabled for a group so that the members of this group inherit it through group privilege settings and can access and manage the IAM resources.
Prerequisite: Make sure you have one or more Groups in the User Manager. To create one, see Create a group.
To set user privileges, follow these steps:
1. In the DCD, go to Menu > Management > Users & Groups.
2. Select the Groups tab in the User Manager window.
3. Select the appropriate group to which you want to assign privileges from the list of groups.
4. In the Privileges tab, select Access and manage Identity and Access Management resources.
Result: The privilege to manage IAM resources is granted to all the members in the selected group.
Revoke user privileges
To revoke user privileges, follow these steps:
1. In the DCD, go to Menu > Management > Users & Groups.
2. Choose one of the following options:
Option 1: Remove the User from all the Groups in which the Privilege is Enabled
1. Select the user from the Users tab in the User Manager window.
2. Go to the Groups tab, select the group name enabling the privilege, and click Remove from Group.
3. Repeat step 2 for all the groups where the privilege to be revoked is applied.
Option 2: Remove the Privilege from all the Groups the User Belongs To
1. Select the Groups tab in the User Manager window.
2. Select the Group Name in which the privilege to be revoked is applied and the user belongs to this group.
3. Clear the checkbox against the privilege name.
4. Repeat steps 2 and 3 for all the groups where the privilege to be revoked is applied.
Note: To revoke this privilege from a contract administrator, turn off the administrator option on the user account. After performing this action, the contract administrator will become a contract user, and the privileges set up for the user before becoming an administrator will be in effect.
Result: The privilege is successfully revoked.
How-Tos
A step-by-step guide on configuring and managing IAM Federation for a user account.
Set User Privileges for Data Center
Users need appropriate privileges to create and manage data center. The group privilege called Create Data Center must be enabled for a group so that the members of this group inherit it through group privilege settings and can create and manage Virtual Data Center (VDCs).
Prerequisite: Make sure you have one or more Groups in the User Manager. To create one, see Create a group.
To set user privileges to create and manage VDCs, follow these steps:
In the DCD, go to Menu > Management > Users & Groups.
Select the Groups tab in the User Manager window.
Select the appropriate group to assign relevant privileges.
In the Privileges tab, select Create Data Center.
Note: You can remove the privileges from the group by clearing Create Data Center.
Result: The privilege to create and manage VDCs is granted to all the members in the selected group.
Revoke user privileges
You can revoke a user's Create Data Center privilege by removing the user from all the groups with this privilege enabled.
Warning: You can revoke a user from this privilege by disabling Create Data Center for every group the user belongs to. In this case, all the members in the respective groups would also be revoked from this privilege.
To revoke this privilege from a contract administrator, disable the administrator option on the user account. After performing this action, the contract administrator will become a contract user, and the privileges that were set up for the user before becoming an administrator will then be in effect.
for DNS zones and records management is now also available via the Data Center Designer (DCD) graphical user interface. Leverage the capabilities of either the DCD or the based on your specific needs and use case for DNS management.
June 10
The self-restoration of MariaDB clusters from a backup via the has been made possible by enhanced IONOS DBaaS for MariaDB, which minimizes downtime and data loss in unanticipated scenarios. For more information about its use cases, see .
Cloud Savings Plans
The Cloud Savings Plans offer optimized rates on resources for a specific usage amount over one or three years. This pricing model delivers significant cost reductions compared to the standard Pay-As-You-Go (PAYG) pricing. It provides guaranteed optimized prices for a set usage and term, making them ideal for predictable and steady workloads.
The Cloud Savings Plans lifecycle guides you through the complete end-to-end workflow, from creation and validation to renewal. Specific use cases explain how the plans apply to your consumption, and the invoice provides information about transparent billing based on resource consumption.
Prerequisite: You must be a contract owner to create and manage the Savings Plans in your contract.
Product Overview
Quick Links
Frequently Asked Questions (FAQ)
DCD How-Tos
Learn how to use the DCD to create and view Cloud Savings Plans associated with your contract.
June 2025
What's new
December 2024
What's new
April 2025
What's new
🎉
Get Started
IONOS Cloud is a robust and flexible platform that helps users build and manage their cloud infrastructure smoothly. The platform offers user-friendly cloud solutions that can be managed via the or .
This section covers the first steps to working with the IONOS Cloud DCD and explores helpful advanced guides for fully configuring and managing various IONOS Cloud solutions.
First steps
Access the DCD to create and configure your first data center with IONOS Cloud.
October 2024
What's new
May 2025
What's new
Manage User Account in IAM Federation
Once the organization IDP is onboarded to use IAM Federation, the organization's users can link their accounts to IAM Federation and unlink them whenever needed.
Link User Account to IAM Federation
Upon linking a user account from the organization to IAM Federation, users can log in to the DCD using their organization credentials.
Retrieve all Identity Providers
To retrieve all IDPs, perform a GET request.
Endpoint
Use the following endpoint to retrieve an IDP: https://iam.ionos.com/federation/identityproviders.
Delete an Identity Provider
To delete an IDP, perform a DELETE request with the identityProviderId of the IDP.
Endpoint
Use the following endpoint to delete an IDP: https://iam.ionos.com/federation/identityproviders/{identityProviderId}.
Features and Benefits
Features
Multiple Savings Plans: Create and manage multiple Savings Plans according to your needs and growing demands.
Use Cases
This topic outlines specific use cases and describes how the plans are billed based on resource consumption when you have Cloud Savings Plans in your contract.
August 2023
What's new
FAQ
The following are a few FAQ that provide insight into the IAM Federation.
What is IAM Federation?
Identity and Access Management (IAM) Federation enables users from an external Identity Provider (IDP) to access cloud resources, including the Data Center Designer (DCD), after successful authentication and establishment of a link between their organization account and the IDP.
Pay-As-You-Go (PAYG) charges for uncovered resources: Any usage outside the scope of active Savings Plans is automatically billed at the PAYG rate.
Price protection during plan term: Once a Savings Plan is active, its pricing remains fixed for the entire duration, regardless of any changes to the pricing of the Savings Plans.
Flexible start date selection: The plans either start at 00:00 UTC on the day after the purchase is made or on another chosen day up to 30 days in advance.
Benefits
Locked in plan rates: By selecting a one or three-year term, you significantly reduce the rate for resource usage. It helps you cut the costs of essential, always-on workloads and extract maximum value from your cloud infrastructure.
Flexibility across workloads: You configure an overall amount of resources based on total usage, not specific machines or zones, so your savings move with your workloads. Defined rates automatically apply across all eligible resources. It allows you to adapt your environment as your needs change.
Effortless plan management: View and track all active Savings Plans through the Data Center Designer (DCD), and create additional Savings Plans as your resource needs grow.
Can an organization use any IDP to establish an IAM Federation connection?
Only Federated IDPs, such as SAML 2.0 or OpenID Connect (OIDC), are supported to establish a trust authentication connection with the IAM Federation.
How can a user benefit by using IAM Federation?
Once users link their organization user account with IONOS Cloud IAM Federation, they can sign in with their organization credentials to access IONOS Cloud resources, including the DCD. Additionally, users can experience seamless sign-in to the DCD with SSO. For more information, see Benefits.
Can any user link their account to IAM Federation?
No, only users with an existing account in IONOS Cloud can link their organization accounts with IAM Federation. New users without an IONOS Cloud account cannot establish an IAM Federation account linking. For more information, see Manage User Account in IAM Federation.
How can an organization establish a connection to the IAM Federation?
IONOS Cloud offers APIs that organizations can use to request domain ownership and onboard their IDP to establish a connection with the IAM Federation. For step-by-step instructions, see Configure IAM Federation.
Why a domain is required for IAM Federation?
When you set up IAM Federation, the domain you own becomes the link between your IONOS Cloud organization and the external IDP.
IONOS Cloud uses the domain from a user’s email address; for example,your.domain.com is used in the [email protected] email address to identify which IDP is available for account linking.
You must verify the domain through a TXT Domain Record record to confirm ownership before it can be associated with an IDP. For more information, see Create a TXT Domain Record.
After domain verification, existing IONOS Cloud users can link their accounts to the configured IDP. Only IDPs onboarded by your organization and matching the user’s email domain are available. Once linked, users can sign in through the external IDP instead of using native IONOS Cloud credentials.
What should an organization do after requesting domain ownership?
The organization must create a TXT Domain Record. Only upon successful creation of the TXT record can IONOS Cloud verify domain ownership. For more information, see Create a TXT Domain Record.
How can users log in to the DCD using IAM Federation?
Once the user have linked their organization account with IAM Federation, they can log in to the DCD using their organization credentials. For more information, see Log in to the Data Center Designer using IDP.
Can a user unlink their account with IAM Federation?
Event Streams for Apache Kafka service now supports Kafka version 3.9.0, effective June 27, 2025. In this context, we will mark version 3.8.0 as deprecated.
We will soon offer the possibility to patch existing clusters from Kafka version 3.8.0 to 3.9.0 via a single call to an API endpoint.
Observability products extend their availability to the new region, Lenexa, USA. With this expansion, the Logging Service is available at https://logging.us-mci.ionos.com and the Monitoring Service at https://monitoring.us-mci.ionos.com endpoint.
Logging Service is now available in the Data Center Designer (DCD). It provides centralized log collection, storage, and analysis, as well as the ability to manage logs from various sources, gain insights, and improve system monitoring. You can access it using the DCD or API for streamlined observability and enhanced troubleshooting capabilities.
VM Auto Scaling has been reclassified from the Management category to the Network Services category within the new streamlined DCD. This change reflects the increasing integration of scaling features with networking services such as load balancing and target groups. No changes have been made to existing configurations or functionality—only the placement in the DCD has changed. Accordingly, the corresponding documentation category has been updated.
For all models offered on the AI Model Hub, IONOS now offers extensive model cards illustrating not only the technical benefits of each model, but also their suitability in terms of use cases and their quality concerning sovereignty.
IONOS announces the upcoming phasing out of Mistral 7B in the AI Model Hub. This decision is part of our ongoing efforts to improve and align the product with more efficient and future-proof models.
IONOS announces the availability of signing in to the Observability Products' Grafana instance using the DCD IAM. This feature allows users to log in to Grafana using their IONOS credentials through the IAM SSO, enhancing security and simplifying access management.
IONOS announces the availability of Secondary Zone management directly within the DCD, which was previously accessible only through the API. This update empowers you to seamlessly create and manage secondary zones through the UI. Whether your primary zones are hosted externally or you are looking to extend redundancy, DCD now supports complete secondary zone configurations for enhanced load distribution, security, and flexibility or as a backup during primary zone failover.
A new tutorial for setting up a CDN Distribution is now available. This guide provides a step-by-step process to configure a Content Delivery Network (CDN) for your website using IONOS Object Storage as the origin.
The new Most Popular Product Guides section highlights the most helpful and engaging guides identified through user interaction data. This enhancement offers a centralized location of high-value content, helping you find answers more efficiently and get the most out of our products.
The VM Auto Scaling documentation has been moved from the Compute Services section to the Network Services category. This update aligns with recent DCD changes that group auto scaling features more closely with networking services. No changes have been made to functionality, this update is for documentation organization only.
This is solely for informational purpose and does not require any action from you. IONOS has renamed Virtual Server(s) to Dedicated Core Server(s). This change does not impact the functionality of the product in any manner. As a result, the documentation portal now reflects the product name changes. For more information, see Product Renaming FAQ.
IONOS MongoDB database cluster offers MongoDB Enterprise edition supporting versions 5.0 and 6.0 to suit the requirements of enterprise-level deployments. This edition provides advanced capabilities such as sharding database type, enabling the BI Connector, and more resources - CPU cores, RAM size (GB), and storage types to create database clusters. Additionally, the enterprise database clusters facilitate point-in-time recovery and offsite backup features making these clusters highly reliable.
A vCPU Server is a new virtual machine provisioned and hosted in one of IONOS's physical data centers. It behaves like a physical server and can be used as a standalone product or combined with other IONOS cloud products. To configure a vCPU Server, choose a preset (S, M, L, XL, and XXL) that suits your needs. Presets are a combination of specific vCPU-to-RAM ratios. The number of vCPUs and RAMs differs based on the selected preset. You can also tailor the vCPU-to-RAM ratios to meet your requirements—the Preset automatically changes to Custom when you edit the predefined ratio.
The documentation for Kubernetes Versions now contains the following details:
Managed Kubernetes releases Kubernetes version 1.27; hence, the Available column now mentions the release date.
Kubernetes version 1.24 has reached an end-of-life; hence, the Kubernetes end of life column has been updated accordingly.
Documentation updates
Note: The documentation portal URLs are directly affected by the below-mentioned updates. As a result, if you have bookmarked specific pages from the documentation portal, we recommend revisiting the pages and bookmarking the new URLs.
Expires (year): Select the expiration year of your credit card from the drop-down list.
Card verification code: Enter the security code on your credit card to verify the legitimacy during online transactions.
Credit card holder's address: You can provide the billing address associated with the credit card for verification purposes. Select either of the following options:
Same address as customer data: Select this option if you want to input the same address as you used in customer data.
Different address: Select this option to input a different address and provide the name of the Cardholder, Street and number, City, ZIP code, and Country.
Once done, select Until further notice, I agree that IONOS will collect all amounts due from the above credit card.
Select this option to enter the SEPA Direct Debit information. The SEPA Direct Debit processing can take up to 24 hours. You need to provide the following information for Authorisation for SEPA Direct Debit.
Customer Name/Account Holder: Enter the name of the account holder associated with the bank account.
IBAN: Enter the complete International Bank Account Number (IBAN).
(Optional) Once done, select Third-Party Direct Debit Details to authorize a third party, such as a company or service provider, to give your consent to access your bank account.
Select I agree that the amounts due may be debited from the specified account until cancelled.
Enter the Password associated with the IONOS Cloud account.
Click Sign In.
Result: The user is successfully logged in to the DCD using their IONOS Cloud credentials.
Info: The step Complete Sign In is unnecessary because you are already logged in to the DCD.
Option 2: Log in to the DCD Using your Organization Credentials
Prerequisite: The organization must have successfully requested domain ownership and onboarded their IDP. For more information, see Configure IAM Federation.
Select the option Sign in with a linked account. In this case, the user is redirected to the organization IDP page to complete the user authentication. Continue with the next step.
Remove the privilege from all Groups user belongs to
Warning: This option removes the privilege for all the members in the groups from which the privilege is revoked.
Set user privileges
Remove the user from the Group
December 9
API Gateway is now available in more regions including London, Paris, and Logroño. You can now create, manage, and deploy APIs in these regions using the API Gateway.
We are excited to announce the launch of IONOS Object Storage in our US data center location, Lenexa. This highly scalable and durable storage solution is designed to support businesses with large amounts of unstructured data. With IONOS Object Storage, users can store, manage, and analyze vast amounts of data, from images and videos to logs and backups.
Located in Lenexa, this new offering ensures low latency and high performance for US-based users. The new endpoint is exposed as us-central-1 and operates as a contract-owned IONOS Object Storage.
The IONOS AI Model Hub now supports an OpenAI-compatible embeddings endpoint, and the embedding models BGE Large EN v1.5, BGE m3, and Paraphrase Multilingual MPNet base v2.
We are pleased to announce the expansion of IONOS Cloud products and services with the addition of a new deployment location in Worcester. This new facility marks IONOS's second data center in the United Kingdom, after London, enhancing the capability to support high availability and redundant configurations across geographical locations.
The Worcester data center is classified as a Tier IV facility, which includes comprehensive isolation of critical infrastructure systems to reduce the risk of disruptions significantly and guarantees our users the highest operational security and reliability level. For additional information, refer to the Service Catalog.
You now have the option to deploy the following products in the new data center via the or using the location code gb/bhx via the :
Compute Services:
The following products do not have a distinct deployment in Worcester, but you can still use their centrally located services:
At IONOS, we are excited to announce the launch of our new and improved interface, designed with users in mind. The DCD application interface features a redesigned top navigation menu, a left navigation menu, and a DCD dashboard, providing the following advantages:
Simplified navigation: Easy access to the product categories and groupings.
Better organization: Better and logical product groupings that make browsing and discovering them and associated services easier.
Improved user experience: Whether you are a first-time visitor or a returning user, the new interface ensures a smoother, more enjoyable journey.
Consistency: A consistent look and feel across all sections and optimized for all devices. This update is part of our ongoing commitment to providing a user-friendly experience that helps you easily find the right products. As a result, you can also see that we have already updated the images in certain sections of the documentation portal, while the rest are still in progress.
Event Streams for Apache Kafka service will now support Kafka version 3.8.0 starting 30 April 2025. In this context, we will mark version 3.7.0 as deprecated.
Starting 28 May 2025, creating new Kafka instances in version 3.7.0 will no longer be possible. We will then migrate existing instances from version 3.7.0 to version 3.8.0 without requiring any action from you or service interruption.
We are excited to announce the launch of Event Streams for Apache Kafka in our Las Vegas, United States (us-las), France, Paris (fr-par), and Spain, Logroño (es-vit) data centers in addition to the existing location support in Germany, United Kingdom, and the United States. Supporting these new locations ensures we can offer a co-located Managed Kafka at any of our existing data centers. The new endpoints are kafka.us-las, kafka.fr-par, and kafka.es-vit.
At IONOS, we are excited to announce the integration of Key Management Service (KMS) for seamless activation and management of Microsoft Windows operating systems within our cloud infrastructure. While the activation process for new Windows instances will continue to occur automatically, this enhancement will facilitate the reactivation and management of existing Windows instances.
IONOS offers greater flexibility and simplicity for users to choose the server type as either Dedicated Core or vCPU for their Managed Kubernetes nodes. You can also choose to update the server type even after the node pool creation. This capability is supported both through the DCD and the API. To support this function, in the DCD, you see the new field Server type in the Node Template section while creating a Kubernetes node pool.
April 1 IONOS announces the upcoming phasing out of AMD Opteron servers in the Frankfurt (de/fra) data center. This decision is part of our ongoing efforts to improve the product and align it with more efficient and future-proof solutions.
Alternative options: For continued functionality, you can transition to Dedicated Core server with AMD Epyc CPU architecture or to a vCPU Server. You can manually change to one of these options from April 1, 2025, until May 13, 2025. Starting on May 13, 2025, eligible systems running AMD Opteron-based Compute Engine workloads will automatically begin transitioning to AMD Epyc processors within the Frankfurt location.
The documentation portal now has information on the security advisory for a critical vulnerability reported in Grafana 11. This vulnerability may allow attackers to execute arbitrary code on affected systems, leading to complete system compromise.
The documentation portal now has information on the security advisory for vulnerabilities reported in the Kubernetes Image Builder that enables default credentials during the image build process.
Cost Alert notification is essential for effective cloud cost management. These notifications act as alerts for spending thresholds, helping you control your budget, optimize resource usage, and make informed decisions about your cloud infrastructure. It is configurable via the DCD and the Billing API. Configuring a cost alert is solely within the authority of contract owners and users with administrator access rights. For more information, see Feature permission.
The documentation portal now has information on the security advisory for vulnerabilities reported in the Linux Common Unix Printing System (CUPS). By chaining these vulnerabilities, an attacker could cause remote code execution.
Information on the security advisory for three vulnerabilities reported by Redis is now available in the documentation portal. These vulnerabilities, reported by Redis, allow an authenticated remote user to execute arbitrary remote code and perform Denial of Service (DoS) attacks.
Reverse DNS is now available via the IONOS Data Center Designer (DCD). You can leverage its capabilities to create and efficiently manage Reverse DNS (PTR) records for IPv4 and IPv6 addresses.
Effective October 1st, we have updated our Cubes configuration templates to include more tailored options. We now offer nine template sizes, each varying by processor, memory, and storage capacities. The templates are divided into two categories: one for Basic Cubes and the other for Memory Cubes. To understand the detailed breakdown of resources for each template, see Configuration templates.
With a consistent approach to improve the user's experience with IONOS Cloud documentation, the Get Started section in the documentation portal is restructured to provide a simple, step-by-step guide that helps users onboard with setting up Data Center Designer, managing user and account settings, and explore advanced product feature configurations. All these guides are categorized under the documentation portal's new section Set Up IONOS Cloud.
The IONOS Cloud products that are currently available only on a request basis are now shown with a label on the documentation portal. Users can now scan through the page and easily identify such products and contact sales representative or IONOS Cloud Support to acess them. The products currently with this label are Event Streams for Apache Kafka, CDN, VPN Gateway, and Network File Storage.
The documentation portal now has information on medium-severity vulnerabilities reported by Intel. These vulnerabilities may allow local and authenticated attackers to access sensitive information.
May 15 We are excited to offer the Intel Sierra Forest Xeon Gen 6 processor as a new option for our Dedicated Core Server in our Compute Engine. This high-performance CPU delivers reliable and consistent computing power for even the most demanding applications. Its advanced architecture and 2.4 GHz clock speed ensure seamless execution of complex workloads, providing maximum efficiency and scalability. Sierra Forest will initially be available in the Berlin data center and gradually rolled out to other locations.
Intel Sierra Forest in Dedicated Core Server CPU Architecture
May 15 All Virtual Machines (VMs) running on Sierra Forest will require a Unified Extensible Firmware Interface (UEFI) for booting, marking a significant shift as UEFI becomes the mandatory firmware for all Sierra Forest-based VMs. This change ensures a secure and efficient boot process, providing a modern, feature-rich environment compared to the legacy BIOS. For more information about the transition process, see Transition Private Images to UEFI.
May 13 IONOS introduces a dedicated Security product grouping with the new simplified and streamlined DCD. This category combines products with related functions, such as Certificate Manager, Network Security Groups, and SSH Key Manager, into a single, organized section. With this update, the navigation path within the DCD is revised to reflect the new structure, making it easier for users to locate and access these security functions. The core functionality remains the same, and the updated navigation information can be found in each product's documentation.
May 2 Managed Kubernetes is releasing Kubernetes version 1.32. For more information about the schedule timeline, see Release Schedule. The updated schedule now also mentions the end-of-life dates for version 1.29.
May 13 The category Security has been renamed to Security Safeguards in the documentation portal to better align with its operation and function. The documentation related to IONOS Cloud security best practice guidelines, reporting of security events, and vulnerability register has been moved to this section.
The onboarding of the organization IDP must be successfully completed using the discovery endpoint. For more information, see Configure IAM Federation.
The user must already have an IONOS Cloud account.
The logged-in user's email address and the must match.
To link a user's account from the organization to IONOS Cloud DCD, follow these steps:
Warning: Upon unlinking the user account from IAM Federation, users can log in to the DCD only using their IONOS Cloud account credentials.
To unlink a user's account from the organization with IONOS Cloud DCD, follow these steps:
1. In the DCD, go to Menu > Management > IAM Federation.
2. In the Managed Linked Accounts, select Unlink under ACTIONS against the organization IDP user account that needs to be linked with IAM Federation.
Unlink the user account
Result: Your user account from the organization has been successfully unlinked from IAM Federation. From then on, you can log in to the DCD only using your IONOS Cloud account credentials.
Note: User can also unlink their account from the IDP anytime by revoking access to their account information.
Request
To make authenticated requests to the API, the following fields are mandatory in the request header:
Header Parameters
Required
Type
Description
Authorization
yes
string
The Bearer token enables requests to authenticate using a JSON Web Token (JWT). From the DCD, .
Content-Type
yes
string
Set this to application/json.
Response
200 Successful operation
Request
Note: The following request contains a sample identityProviderId. Replace it with the identityProviderId value, whose information you want to delete.
Below is the list of mandatory path parameter:
Body Parameters
Type
Description
Example
identityProviderId
string
The ID (UUID) of the IdentityProvider.
5e6323da-8a45-5732-bec1-d7c29c1dc890
To make authenticated requests to the API, the following fields are mandatory in the request header:
You have a Savings Plan defined for a single product.
Billing process:
Actual Consumption
Billing Process
Less or equal to the quantity configured in the Savings Plan
The plan's price applies to the consumption.
Greater than the quantity configured in the Savings Plan
- The plan's price applies to consumption equal to the plan's quantity.
- The PAYG price applies to remaining consumption.
- The plan's rate is applied to resources chronologically, starting with those in the oldest created .
Scenario 3: Several Savings Plans, each for different products
You have several Savings Plans, each for different products, for example, one for Cores, one for RAM.
Billing process: This scenario uses a billing methodology similar to Scenario 2, but the logic applies independently to each product's Savings Plans. The actual consumption of each product is compared with its dedicated plan's quantity.
Scenario 4: Several Savings Plans for the same product
Billing process: Savings Plans are applied to the product starting with the oldest plan. Consider two Savings Plans: Plan A (older Savings Plan) and Plan B (newer Savings Plan).
Actual Consumption
Billing Process
Less or equal to the quantity configured in Plan A
Plan A's price bills the consumption. Both plans are still billed in full.
Greater than the quantity configured in Plan A, but less than the combined quantity configured in both plans
Consumption uses Plan A completely and partially uses Plan B, maintaining full billing for both plans.
Equal to the combined quantity configured in both plans
Both plans are consumed and billed completely.
More than the combined quantity configured in both plans
Both plans are completely consumed and overusage is billed at the PAYG price.
VPN Gateway is now in the General Availability (GA) phase. It is designed to ensure secure and scalable encrypted connections between your IONOS Cloud resources and remote infrastructure using two key VPN protocols: IPSec and WireGuard.
We are excited to announce the following enhancements to VPN Gateway:
— Active-Passive High Availability (HA) mode to ensure redundancy in the event of failures.
— Availability of new tiers that can be paired with HA. Additionally, you have the option to switch between HA and non-HA configurations and upgrade your plans as needed.
— Ability to visualize all LANs connected to the respective VPN Gateway.
— Option to download VPN Gateway configuration to your local system.
November 22
The documentation portal now has information on the security advisory for a high vulnerability reported by the Kubernetes Security Response Committee. This vulnerability allows attackers to execute arbitrary commands in the vulnerable Managed Kubernetes cluster versions beyond the container boundary.
November 18
Beginning today, you will observe that the DCD portal's have been redesigned, resulting from the integration of IONOS Cloud Identity and Access Management (IAM) Single Sign-On (SSO) into the login process. You do not need to make any changes to your account.
November 11
Starting November 11, our AI Model Hub supports the OpenAI Image endpoint. In addition we launched the FLUX.1 schnell text-to-image model.
November 11
We've enhanced the firewall rules for Network Security Groups and NIC-based firewalls. In addition to the existing TCP, UDP, ICMP, and ICMPv6 protocols, we now support GRE, VRRP, AH, and ESP protocols. This expansion is available through both the Cloud API v6 and DCD platforms.
November 11
Effective immediately, you can specify custom MAC addresses when creating network interfaces (NICs) for Compute instances. This feature is accessible via Cloud API v6 and DCD. Ensure that you configure custom MAC addresses at the time of creation and that you cannot modify them during subsequent network interface updates. This capability is advantageous for environments requiring specific MAC addresses to comply with software licensing conditions.
November 8
This is to inform you that Managed Kubernetes version 1.28 will reach its end of life (EOL) on December 4, 2024. After that, you cannot create new clusters or node pools using Kubernetes version 1.28. Existing clusters or node pools running on version 1.28 will be automatically upgraded to version 1.29 during the next scheduled maintenance window after the EOL date.
November 7
Starting November 11, we will implement an update to the IONOS Cloud Identity and Access Management (IAM) Single Sign-On (SSO) login system to enhance security and usability for our users. You will notice that the new SSO will consist of two :
— The first screen requires your email address and password.
— The second screen requests a Time-based one-time password (TOTP) if you have activated 2-Factor Authentication.
November 6
IONOS releases Network Security Groups, a centralized firewall policy manager that allows you to filter and control network traffic to and from virtual network resources within a given Virtual Data Center (VDC). NSGs contain security rules that allow or deny traffic based on various criteria, such as source and destination IP addresses, ports, and protocols for its member VMs and NICs.
Note: Network Security Groups are currently accessible only via the Cloud API v6. The DCD support will be available soon.
November 5
We are excited to announce the launch of our new Database as a Service (DBaaS) interface for our Database products: , , , and . Designed with user experience in mind, the new DCD interface provides a more intuitive and an efficient management experience.
November 4
Event Streams for Apache Kafka is now in the General Availability (GA) phase. It is a managed solution that is fully integrated with the DCD, offering a variety of cluster sizes to accommodate the diverse requirements of different applications. With this service, you can build secure event-driven architectures. The product will initially be available only in the German data centers (Frankfurt & Berlin), and will be gradually rolled out to all locations.
November 4
Managed Kubernetes is releasing Kubernetes version 1.31. For more information about the schedule timeline, see .
With the Acronis Cyber Protect release on January 22, 2026, Acronis has migrated and updated most of the features previously included in Advanced Backup within the regular Acronis Cyber Protect. This change makes most features part of your standard backup plans and do not require an additional fee for the Advanced Backup pack.
January 22
The NIC Multi-Queue feature has expanded to the de/fra/1 region, making it available in all data centers. Previously available only through the API, you can now turn it on or manage it from the for Dedicated Core Servers and vCPU Servers. This distributes network traffic across multiple CPU cores for enhanced throughput and reduced latency.
January 21
The official IONOS Cloud nodes for n8n are now available, empowering developers and DevOps teams to automate infrastructure management through n8n's workflow automation platform. This release introduces five dedicated nodes for managing IONOS Cloud infrastructure, Cloud DNS, CDN, and Certificate Manager, as well as an AI Model Hub for integrating RAG capabilities and OpenAI-compatible endpoints directly into your n8n workflows.
January 19
The Observability products, the , and the are now available in two new regions in the USA: Las Vegasus/las and Newarkus/ewr.
January 15
The is now in the General Availability (GA) phase, available to all IONOS Cloud users. Previously available on a request basis, CDN is now available directly through the and . This service delivers high-performance content with built-in security features, including a Web Application Firewall (WAF) and Layer 7 DDoS protection, utilizing edge locations across major global regions.
January 12
DBaaS supports PostgreSQL 16, which delivers significant performance enhancements, featuring faster query execution through improved parallelism, accelerated bulk data loading, and more efficient logical replication. Fine-grained role and privilege management, such as restricting CREATEROLE privileges, enhances security and ensures safer, more controlled role management.
and
January 12
The Usage Reporter gathers two usage numbers for every logging pipeline and one usage number for all your monitoring pipelines you have and sends them to the Mimir data source in your Grafana Dashboard. These metrics will provide cost awareness, capacity planning, and automated alerting without the need to open support tickets.
January 9
Information on the security advisory for CVE-2025-14847, disclosed by MongoDB, is now available in the documentation portal. The advisory describes a vulnerability that involves improper validation of length fields in Zlib-compressed protocol headers, which could result in exposure of uninitialized heap memory to unauthenticated clients.
January 8
The NIC Multi-Queue feature is now available in all supported data centers, with the exception of de/fra/1. This expansion enhances network performance for and by distributing traffic across multiple processing cores, thereby increasing throughput and reducing latency. The feature is disabled by default and must be on each VM using the . This release extends availability beyond the initial deployment in Frankfurt de/fra/2, Germany.
Documentation updates
January 23
New tutorial demonstrating automated deployment of IONOS Cloud CDN distribution with Terraform, covering DNS zone management, TLS certificate provisioning, and CDN distribution configuration.
IONOS DBaaS for MariaDB is now available across all IONOS Cloud locations. You can choose any location of your preference from the DCD when you your MariaDB cluster or perform the same actions through the . For a list of region-specific API endpoints, see .
April 25
IONOS Object Storage has increased the length of all newly generated Access Keys and Secret Keys to prepare for the upcoming new functionalities on the offering. Access Keys will now be 92 characters long, and Secret Keys will be 64 characters long.
April 22
Managed Kubernetes now supports Regional Control Planes, allowing users to deploy and manage Kubernetes clusters to new geographic regions with ease. You can benefit from optimized performance and reduced latency between the control plane and the nodes of the node pools within the same region.
For more information, see .
April 10
Starting in May, our Backup Service servers will use an additional IP subnet: 85.215.126.0/24. We recommend you update the configured firewall rules in advance so that the firewall does not restrict backup agent access and allows the backup agents to communicate effectively. For more information, see .
April 5
Information on security advisory for CVE-2024-3094 is available on the documentation portal. The vulnerability enables remote system breaches via SSH, and immediate action is required to resolve it.
Documentation updates
April 2
We are thrilled to announce the release of our revamped documentation portal landing page. The enhancement includes significant improvements to the design outlook and website navigation to streamline the user experience and to make accessing information more accessible and more efficient.
Card-based Design: Visually appealing card layouts provide users with concise information and an easier way to engage with the documentation portal.
April 2
To reinforce consistency in the product category and product names across IONOS website and documentation portal, the following changes are made effectively:
The product categories are renamed, added, and removed.
Note: The product renaming does not have any impact on its services and functionality. Incorporation of the updated product names across our documentation pages is an ongoing development, and we will be rolling out this update in phases.
Create a Data Center
IONOS Cloud offers two different data center creation modes to match your infrastructure needs. Select the approach that best fits your workflow:
DCXpress mode: Provides a streamlined, guided workflow for rapid configuration of IaaS workloads. This mode walks you through the configuration of Virtual Machines, storage, and networking components step-by-step, making it ideal for quickly provisioning standard infrastructure setups.
Canvas mode: Offers enhanced flexibility and control for designing and managing sophisticated infrastructure architectures. This mode is recommended when working with advanced configurations or complex, multi-component environments.
Begin creating your data center
You can create your data center using either DCXpress mode or Canvas mode, accessible from the left navigation panel or the DCD home page.
Note: Your mode selection becomes your default for future data center creation, but you can change it anytime from the drop-down list.
Prerequisites:
Make sure you have the corresponding permissions to create and manage data centers. By default, contract administrators and owners can create a data center.
Only users with Create Data Center privilege can create a data center. For more information, see
Which creation mode do I choose?
Select the mode that best fits your workflow and experience level:
Account Management
An IONOS Cloud account represents your individual accounts associated with IONOS. Based on the user's roles, an account can be further categorized as the contract owner's account, administrator's account, or user account.
You can add cloud resources and manage the resources and your data on the cloud via your account. Each account is given a unique ID called the Contract ID during creation.
Features
Centralized customer profile management: It provides a unified view of your data, including contact information and organization details, keeping it consistent and up-to-date.
Secure payment and billing integration: It enables you to manage your payment methods with automated invoicing for timely payments, enhancing financial transparency while reducing the risk of billing discrepancies.
Advanced account security controls: Features such as and support pin configuration protect sensitive data and minimize unauthorized access. They help organizations meet compliance standards and safeguard user trust.
Personalized account settings and preferences: Set the default settings for your .
Access Permissions
To access your account, select Menu and click your initials on the top navigation menu of the DCD. You will see your user name, email address, contract number, and the following features in the drop-down menu:
Note: The features are subject to access levels based on the user's role.
March 25 The Cost & Usage view has been revamped with a fresh and intuitive design. It provides:
A comprehensive summary of your account's cost for the past six months, including the current month.
A monthly report with detailed insights into all costs associated with using Virtual Data Centers (VDCs) and consuming other products and services.
March 25
You can now manage TLS certificates for Kubernetes and OpenShift workloads using the IONOS Cloud DNS Webhook with . It enables you to secure your applications with valid TLS certificates that are automatically renewed before they expire. For more information, see the tutorial.
March 13
IONOS offers a redesigned user interface for the Certificate Manager via the Data Center Designer (DCD). Using this interface, you can seamlessly upload and manage TLS Certificates to integrate key products such as the and .
It also offers additional capabilities such as automatic certificate renewal through integration with Automated Certificate Management Environment (ACME) Providers and , allowing you to generate and renew TLS certificates automatically, thus simplifying security management and ensuring that your applications remain secure with minimal manual intervention.
March 6
Network Security Groups are now available via the Data Center Designer (DCD) graphical user interface. To secure your network, you can create rules based on your use case and leverage the capabilities of either the DCD or the API.
Documentation updates
March 25
A new tutorial on managing TLS certificates using the IONOS Cloud DNS Webhook for cert-manager is now available. This tutorial covers the installation, configuration, and automation of certificate management for your Kubernetes cluster workloads. By following the steps, you can secure your applications with valid TLS certificates that are automatically renewed before they expire.
March 24
The guides you through connecting a WireGuard peer between an IONOS Virtual Data Center (VDC) and an on-premises gateway, offering clear guidance and a smooth setup. As an enhancement to the user interface, the VPN Gateway Manager in the DCD also lists all tutorials, enabling you to configure your use case effectively.
March 18
The guides you through creating an IPSec tunnel between IONOS Cloud Virtual Data Centers (VDCs), offering clear guidance for a smooth setup.
Account Security
To protect your IONOS Cloud account from unauthorized access, each account comes with the following security features:
You can provide the password for your IONOS Cloud account during registration. Use the feature to enforce secure password practices by defining rules for password creation and modification that apply to all users within the contract.
To change the password, follow these steps:
In the DCD, go to Menu > Your Profile > Password & Security.
In the Change Password view, enter your Current Password, New Password and then Repeat New Password.
Select Change Password.
Result: The password is changed and becomes effective with the next login.
If you forget your password, then you can reset it. For more information, see .
Set up 2-Factor Authentication
You can set up 2-Factor Authentication in addition to your login credentials. This authentication method requires an app-generated security code. Once 2-Factor Authentication has been activated, you can only access your account by entering the authentication code you receive from the Authenticator App. This method can be extended to hide specific data centers and snapshots from users, even if they belong to an authorized group. This feature is only available in DCD.
Prerequisites:
Based on your device, install any Authenticator App of your choice.
The Authenticator App must be able to access your camera, and the time on the mobile device needs to be set automatically.
You can turn on 2-Factor Authentication for your accounts.
Note: An administrator or a contract owner can enforce 2-Factor Authentication for subuser accounts but cannot enable it for those accounts. Only account users can enable 2-Factor Authentication for their accounts. Once you enable it, the DCD application will prompt you for 2-Factor Authentication during your next login.
To activate 2FA for your account, follow these steps:
Result: The 2-Factor Authentication is enforced to your login workflow and becomes mandatory from your next login if you enable 2-Factor Authentication. You must provide a verification code each time you log in to the DCD.
## Set Support PIN
To ensure that the support calls are made by authorized users, you are asked for the support PIN to verify the account. You can set your support PIN in the DCD and change it at any time.
To set or change your support PIN, follow these steps:
In the DCD, go to Menu > Your Profile > Password & Security.
In the Set Support PIN section, enter your support PIN in the PIN field to confirm your identity.
Select Set Support PIN.
Result: The support PIN is now saved. You can use it to verify your account with .
IONOS releases the AI Model Hub platform, which features foundational models and vector databases as a service. Using these services, you can also implement retrieval augmented generation use cases.
We have added documentation support to help you use our new AI Model Hub. The key topics include:
July 29
The Data Center Designer (DCD) now features a new dedicated Network menu aimed at consolidating all network-related products for easier access and streamlining product management within the DCD. The products now grouped under this menu include Connectivity, Load Balancing, Edge Networking, and Security products. The IP Management, Cross Connect, Target Groups, Cloud DNS, and SSL Certificate Manager products listed earlier under the Management menu have been moved to the Network menu.
July 29
IONOS releases Network File Storage, a managed service that offers shared file storage for multiple virtual machines and containerized workloads via the NFS protocol. The product is currently available on a request basis, will initially be available only in the German data centers (Frankfurt & Berlin), and will be gradually rolled out to all locations.
It is currently available on a request basis. To access this product, please contact your sales representative or .
July 29
This release introduces additional capabilities, enabling you to connect all Virtual Data Centers (VDCs) in the Frankfurt region via private LANs. We recommend upgrading your existing Cross Connect to the latest version. For more information, see .
July 8
Managed Kubernetes is releasing Kubernetes version 1.30. For more information about the schedule timeline, see .
July 4
Information on the security advisory for CVE-2024-6387, announced by OpenSSH, is now available on the documentation portal. This advisory addresses a signal handler race condition in OpenSSH that affects sshd in its default configuration.
July 3
AMD Opteron CPUs will be phased out for Kubernetes node pools and new Opteron-based VMs. We recommend updating your Terraform and Crossplane configurations to reflect the new CPU type to avoid errors.
Documentation updates
July 31
We have updated the Backup Service documentation. The key topics include:
Step-by-step instructions for configuring backup encryption in
July 30
The Network Services product category now includes a new Certificate Manager section. This update relocates the Manage SSL Certificates documentation from the Managed Application Load Balancer product to the new section. Additional documentation on certificate management will be added shortly.
July 18
We have added documentation support to help you configure Veeam Backup & Replication with the new eu-central-3 Object Storage region. The key topics include:
Identity & Access Management
Identity and Access Management (IAM) is a framework of policies and technologies used to ensure that the right users (or entities) have the appropriate access to IONOS Cloud resources. It helps you to control your resources securely and authenticate and authorize access users to use resources and your IONOS Cloud account.
Identity management
When you create an account with IONOS Cloud, you become the contract owner and can access your account using your username and password. To begin with, you login with a sign-in identity and will have access to all the services and resources associated with the account. Ensure that your contract owner credentials are safe.
Next, from your contract owner account, you can set up other users and assign them roles and resources they need. For example, an administrators can have additional permissions whereas or sub-users can have limited permissions.
Access management
Once you create sub-users, they can log in to the IONOS Cloud account using their credentials. The credentials are validated before authorizing access to the resources and privileges associated with the respective user account.
By managing identities and their access privileges, IAM helps protect sensitive data and systems, reducing the risk of unauthorized access. You can control who can access specific resources and ensure compliance with security standards and regulations for your organization.
Access permissions
To access Identity & Access Management features, select Menu > Management on the top navigation menu of the DCD. You will see the following features in the drop-down menu:
Note: The features are subject to access levels based on the user's role.
LightOnOCR-2-1B is a new 1B-parameter end-to-end vision-language model by LightOn, now available in the AI Model Hub. It converts documents (PDFs, scans, images) into clean, Markdown-formatted text, handling complex layouts including tables, multi-column documents, and scientific notation.
February 20
The IONOS Cloud Logging Service has been upgraded to , bringing performance improvements and enhanced capabilities for log ingestion and querying.
February 19
Microsoft SQL Server 2025 (Standard and Enterprise) is now available as public images for , , and .
Standard Edition Enhancements:
February 12
IONOS Cloud and SUSE have successfully established a validated architectural framework to bring SUSE Rancher Prime to the IONOS Cloud sovereign European infrastructure. This partnership empowers enterprise users to centralize the management of their Kubernetes clusters while ensuring their orchestration layer remains compliant with strict data residency requirements. By deploying this solution, organizations gain the flexibility to run mission-critical containerized workloads on a high-performance cloud stack specifically engineered for digital autonomy. This self-managed integration follows a Bring Your Own Subscription (BYOS) model, allowing users to leverage their existing SUSE agreements directly within the IONOS Cloud ecosystem.
Documentation updates
February 27
The VDC Networking documentation has been restructured to improve clarity and usability. The revamped guide now includes step-by-step instructions for common networking tasks. It features an intuitive organization that helps you find relevant information quickly and implement networking solutions efficiently. New and updated sections include the following:
Retrieve all Domains
To retrieve all domains, perform a GET request.
Endpoint
Use the following endpoint to retrieve an IDP: https://iam.ionos.com/federation/domains.
Request
To make authenticated requests to the API, the following fields are mandatory in the request header:
Response
200 Successful operation
Delete Domain
To delete a domain, perform a DELETE request with the domainId of the domain.
Endpoint
Use the following endpoint to delete a domain: https://iam.ionos.com/federation/domains/{domainId}.
Request
Note: The following request contains a sample domainId. Replace it with the domainId value to delete the respective domain.
Below is the list of mandatory path parameter:
To make authenticated requests to the API, the following fields are mandatory in the request header:
Response
202 Successful operation
Overview
The IONOS Cloud Savings Plans are a pricing model that offers significantly optimized resource rates for a specific quantity of cloud resource usage, measured per hour, over a one or three-year term, compared to Pay-As-You-Go (PAYG) prices. It provides a substantially reduced price for consistent resource usage and is a key feature for cloud cost optimization.
Prerequisites:
You must be a contract owner to create Savings Plans.
Your contracts must be in the “Billable” status to purchase Savings Plans. If a contract holds any other status, the Data Center Designer (DCD) does not display the option to purchase Savings Plans.
Note: The current resource allocation limits in your contract determine the amount of resources you can configure in your Savings Plans.
Cloud Savings Plans lifecycle
The following shows the Savings Plans lifecycle. Log in to the DCD to Savings Plans for your contract.
1
Validate your details
Ensure you fulfill the following:
You are a contract owner.
Understanding the scope of the Savings Plans: Savings Plans operate on the billing layer to automatically apply your plan rates. They do not operate on the resource layer, which means they do not reserve physical capacity. Therefore, your lower rate is guaranteed for any eligible usage; however, the availability of specific resources is determined by data center capacity when you create them.
Management
Manage user access and security policies with features in Identity and Access Management.
Usage provides insights into resource usage, cost incurred, and cost alerts for your account.
Features
Identity and Access Management (IAM)
: Facilitates adding new users, assigning roles, and managing access permissions.
: Enforces rules for password strength, expiration, and complexity to ensure secure authentication.
: Manages authentication tokens, ensuring secure access control across systems.
Usage
: Monitors and reports on resource consumption.
: A pricing model offering lower hourly resource rates compared to the Pay-As-You-Go (PAYG) rates.
: Sends notifications when usage exceeds predefined cost thresholds.
Quick Links
Token Manager
This tutorial guides you through generating and managing authentication tokens in the Data Center Designer (DCD).
Note: The API/SDK Authentication Token Manager can be used by any user but is mandatory for 2FA enabled and forced accounts.
December 2023
What's new
Request Domain Ownership
Prerequisite: Only contract administrators, owners, and users with accessAndManageIamResources privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see .
To request the ownership of a domain, perform a POST request.
Retrieve an Identity Provider
To retrieve an IDP, perform a GET request with the identityProviderId of the IDP.
Endpoint
Use the following endpoint to retrieve an IDP: https://iam.ionos.com/federation/identityproviders/{identityProviderId}.
Create Cloud Savings Plans
You can create multiple Savings Plans under your contract. Ensure you meet all the before getting started.
Follow these steps to create a plan:
1. In the DCD, go to Management > Cloud Savings Plans.
2. Select Create savings plan and enter the following details:
Plan name: Enter a name for your Savings Plan.
Usage
With Usage, you can track your resource usage, cost incurred, and cost alerts for your account.
Access Permissions
To access Usage features, select Menu > Management on the top navigation menu of the DCD. You will see the following features in the drop-down menu:
Cost & Usage
The Cost & Usage view provides a more detailed and intuitive view of cloud costs and consumption statistics. The view gives you the ability to explore the usage of all services with the currently applicable list prices, excluding any discounts and VAT. It provides a clear breakdown of service usage and pricing, allowing for better visibility into your consumption patterns. It compares estimated costs and usage across various product categories, which are subdivided into specific line items. The page outlines the services or features used, the total units consumed, and the corresponding costs incurred.
The granular level of detail ensures you clearly understand where your resources are being utilized and how they contribute to overall spending. You can view relevant data that helps make informed decisions about your cloud resources.
Prerequisites: You must be one of the following to access the Cost & Usage view:
Cost Alert
Overview
The Cost Alert Notification feature helps you to monitor and manage the cloud infrastructure costs. This feature allows you to set up alerts that notify you when your spending reaches predefined thresholds. Once the set threshold is exceeded, you will receive a notification via email, providing immediate awareness of cost overruns. The Cost Alert Notification feature is available for contract owners and administrators.
This documentation covers how to create, edit, and delete the cost alert notification.
Retrieve Domain
To retrieve a domain, perform a GET request.
Endpoint
Use the following endpoint to retrieve a domain: https://iam.ionos.com/federation/domains/{domainId}.
Website Navigation: Find the specific product documentation easily with a familiar navigational structure that rearranges the products in the Product User Guides in an alphabetical sequence.
Some of the product names in our documentation portal are renamed and reorganized into product categories in a way that it improves easy discoverability of documentation.
IAM Federation: Enables users to use their orgnization credentials to log in to the DCD and access resources without the need for additonal authentication and authorization.
Resource Overview: Provides a comprehensive view of all resources and their limits.
You know exactly what you need and want it running quickly
You need to plan, visualize, and refine your infrastructure layout
Can modify later?
Not with Xpress mode, but you can add more elements using the Workspace after provisioning.
Yes
Provisioning
Maintain an active browser session during data center provisioning. The browser tab must remain open, and you must stay online until provisioning completes. A notification also prompts you to maintain your connection during this process.
Provisioning occurs asynchronously in the background. You can close the browser or navigate away from the page without interrupting the provisioning process.
{
"id": "7d4a3d9d-033d-5794-99e6-d5cfa9516fc4",
"type": "collection",
"href": "/domains",
"items":[
{
"id": "f181c212-34f1-5843-9bbb-fc2531c7d928",
"type": "domain",
"href": "/domains/f181c212-34f1-5843-9bbb-fc2531c7d928",
"metadata": {
"createdDate": "2020-12-10T13:37:50+01:00",
"createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedDate": "2020-12-11T13:37:50+01:00",
"lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"resourceURN": "ionos:<product>:<location>:<contract>:<resource-path>",
"account": 123456
},
"properties": {
"domain": "yourcompany.com",
"status": "REQUESTED",
"message": "The token provided should be added to the TXT Domain Record, then request to verify the ownership. Important: This is the only time the token will be visible to you, so please take note of it now."
}
}
]
}
Manage your company information, address, and contact details. Contract owner only
Payment Details
Get a detailed view of your payment details.
Account Security
Set a new password, 2-factor authentication, or configure a support pin.
DCD Default Settings
View your default DCD setttings.
Transparency about usage patterns and costs across product categories by displaying the total units consumed, cost per unit, and total cost incurred.
As a result, the Cost & Usage documentation has been revamped to align with the new view and is now categorized as a separate topic in the documentation portal.
Scan the QR code using the Authenticator app on your smartphone.
Enter the Security Token.
Select Done to exit the 2-Factor Authentication window.
An administrator or a contract owner can enforce 2-Factor Authentication for subuser accounts but cannot enable it for those accounts. Only account users can enable 2-Factor Authentication for their accounts.
To activate 2FA for another user account, follow these steps:
In the DCD, go to Menu > Management > Users & Groups.
Select the required user in the User Manager window.
In the Meta Data tab, select the Force 2-Factor Auth option.
Set user privileges; limit or extend access to chosen roles.
Password Policy
Create and manage password policy to secure user accounts.
Token Manager
Create, manage, and delete an authentication token using the API/SDK Authentication Token Manager.
IAM Federation
Onboard the organization Identity Provider (IDP) to log in to the DCD using their organization credentials.
Header Parameters
Required
Type
Description
Authorization
yes
string
The Bearer token enables requests to authenticate using a JSON Web Token (JWT). From the DCD, .
Content-Type
yes
string
Set this to application/json.
Body Parameters
Type
Description
Example
domainId
string
The ID (UUID) of the domain.
f181c212-34f1-5843-9bbb-fc2531c7d928
Your contract is in the “Billable” status.
You have entered a valid address and payment details.
2
Create Cloud Savings Plans
1. In the Data Center Designer (DCD), choose the start date, applicable products, the number of resources, and a duration of either one year or three years for your Savings Plans. For more information, see Create Cloud Savings Plans.
When you choose Savings Plans:
You become eligible for the corresponding Savings Plans rates on applicable products.
Billing for the plan continues for the full term at the agreed-upon amount, regardless of your actual resource usage. For more information, see .
Note: You cannot modify the Savings Plans after they are activated. If your needs grow, you can purchase additional plans at any time. Any resource usage exceeding your plan's coverage will be billed at the standard PAYG rate.
2. Confirm the details before you agree to the terms and conditions.
3. Upon purchase, you will receive a confirmation email at your registered address detailing your successful enrollment in the Savings Plan.
3
Activate Cloud Savings Plans
Your Savings Plans activate on the specified start date, upon purchase. The Savings Plans rates will be automatically applied to your eligible product usage, beginning at 00:00 UTC on the effective date. No manual configuration is necessary.
4
Monitor usage and billing
The rate of your Savings Plans is applied automatically to your eligible product usage, up to the amount you have chosen. It prioritizes the application of Savings Plans rates based on the Virtual Machine (VM) creation time, from oldest to newest.
Any usage that exceeds your chosen resources is billed at the standard PAYG rate, ensuring flexibility while maintaining savings on predictable workloads.
Your details all usage from the billing period. It clearly distinguishes between usage covered by your Savings Plans and any extra usage charged at the standard PAYG rate.
Track your resource usage costs using reports and set up to track budget thresholds. Together, these tools enable you to monitor spending in real-time and manage your cloud costs effectively. By reviewing alerts and usage reports, you can better use your Savings Plans and identify opportunities to optimize resource usage.
5
Cloud Savings Plans expiry
You receive a notification 30 days before your Savings Plans expire. You can create new plans before the expiry of your old Savings Plans. If there are eligible Savings Plans, your usage automatically reverts to PAYG pricing the day after expiration. While no service interruption occurs, you may not be able to access the previous plan rates during transition to the PAYG pricing.
To continue your Savings Plans benefits, log in to the DCD and purchase new plans to start immediately after your current term ends. It ensures continuous cost optimization without disruption.
In the DCD, you can now generate the authentication token to securely access IONOS Cloud APIs and SDKs by using the API/SDK Authentication Token Manager. Along with improved user security, the Token Manager offers a seamless user experience to generate tokens in a simplified way and use the token several times to access the APIs and SDKs. You can generate up to 100 authentication tokens and use any of these token values for authorizing access to APIs and SDKs.
To create a secure authentication token for authorizing to use APIs and SDKs, follow these steps:
In the DCD, go to Menu > Management > Token Manager.
Token Manager option in the drop-down
In the API/SDK Authentication Token Manager, select Generate Token.
Copy the Token ID and Close the token-generated window.
Warning: You must save the token value for future uses. You will not be able to see the token value again due to security reasons.
Note: You can download the token value as a text file for future uses by selecting the Download option next to the Token Value.
Generate authentication token
Result: An authentication token is generated and listed in the API/SDK Authentication Token Manager screen.
Authentication token generated in the API/SDK Authentication Token Manager screen
Authentication token attributes
Each token has a Time To Live (TTL), which is the duration for which a token is valid before it expires and becomes inactive. Select a TTL value from the drop-down list. The following are the possible values:
1 Hour
4 Hours
1 Day
7 Days
30 Days
60 Days
90 Days
180 Days
365 Days
Each token consists of:
ID: This is the ID of the token which you can use in the . For example, to by ID.
Creation Date: The date and time stamp of the token.
The generated token is listed in the API/SDK Authentication Token Manager screen.
The Token Value is displayed only once upon generation, and you must save this value for future use.
The token is valid based on the defined TTL field at the time of token generation.
Delete an authentication token
Note: The deletion of a token in the Authentication Token Manager will result in the deactivation of the token even when it has not expired. It becomes invalid immediately.
To delete an authentication token, follow these steps:
In the DCD, go to Menu > Management > Token Manager.
In the API/SDK Authentication Token Manager, select the authentication token to delete and select the Delete option.
Select Delete to confirm.
Deletion of an authentication token
Result: The authentication token is successfully deleted and removed from the tokens list in the API/SDK Authentication Token Manager.
December 20
IONOS now supports RHEL 8 images as part of our ongoing commitment to offering RHEL support to our users. As a result, RHEL 8 images are now compatible with the IONOS public cloud architecture.
IONOS is a certified partner of Red Hat and is authorized to provide and run Red Hat Enterprise Linux inside the IONOS public cloud infrastructure. This applies to public RHEL 9 images supplied by IONOS.
Managed Kubernetes now supports Private Node Pools, providing enhanced security, isolation, and flexibility to manage your Kubernetes workloads. You can create Private Node Pools within your Managed Kubernetes clusters to ensure your critical workloads remain secure and protected.
IONOS has renamed Managed Backup to Backup Service to standardize the product terminology. Earlier, Managed Backup was also referred to as Backup as a Service or Backup by Acronis across different platforms. The new unified name ensures consistency in our communications and branding. This change does not impact the product's functionality, and the service remains unchanged. The documentation portal now reflects the product name changes. For more information, see FAQ.
IONOS offers a revamped DCD interface for IONOS Object Storage in the General Availability (GA) phase. It is an enhanced version of the old DCD interface, providing improved user experience and performance, intuitive design, contextual help, and faster responsiveness. The user interface navigation label is renamed to IONOS Object Storage in the DCD.
IONOS Object Storage offers the Bucket Policy, view object versions and metadata, and Object Lock features in the General Availability (GA) phase. Using Bucket Policy, overarching access policies for a bucket can be set to control data access and usage. With Object Lock, data can be secured by implementing retention policies or legal holds; and with object versions and metadata, object retrieval is easier for large volumes of unstructured data. These new features overall improve the access and data management in the Object Storage.
IONOS offers the new Container Registry Vulnerability Scanning feature in General Availability (GA) phase. Software development is constantly evolving, and security is our top priority. The Container Registry Vulnerability Scanning feature is specifically designed to enhance the security of your containerized applications by proactively identifying potential vulnerabilities present in your artifacts. Scans occur each time an artifact is pushed to the registry and when new vulnerability definitions are published. It quickly detects any security weaknesses in container dependencies and libraries, allowing you to react immediately to prevent exploitation. For more information about reviewing the vulnerability scan results, see View Vulnerability Scan Results.
This feature will be available when creating new container registries, and you can also enable it for existing registries. For more information, see .
IONOS offers the New Container Registry Web Console, an enhanced version of the existing Container Registry Web Console, providing improved user experience and performance, intuitive design, faster responsiveness and additional features than the existing Container Registry Web Console. For more information, see DCD How-Tos.
IONOS is a certified partner of Red Hat and are authorized to provide and run Red Hat Enterprise Linux inside the IONOS public cloud infrastructure. This is applicable to both public RHEL images supplied by IONOS and user-uploaded private RHEL images.
The subtopics in the Block Storage section have been updated. It now contains a new Images & Snapshots section with the appropriate subtopics—IONOS Public Images and Private Images. For more information, see Images & Snapshots.
The subtopics in the Block Storage section have been updated. It now contains a new Images & Snapshots section with the appropriate subtopics—Public Images and Private Images. For more information, see Images & Snapshots.
Use the following endpoint to request for domain ownership: https://iam.ionos.com/federation/domains.
Request
Below is the list of mandatory body parameters:
Body Parameters
Type
Description
Example
domain
string
Represents the domain to map the user email domains to the IDPs.
yourcompany.com
To make authenticated requests to the API, the following fields are mandatory in the request header:
Response
202 Successful operation
Note:
The token value provided in the API response must be saved, as this will be the only time it is displayed. This token value must be added to the TXT Domain Record and proceed with the domain ownership verification.
If you are using IONOS Cloud DNS, you can add the TXT Domain Record by following the steps in .
If your organization uses any other domain provider, contact your provider to locate the DNS settings and add the TXT record value.
Note: The following request contains a sample identityProviderId. Replace it with the identityProviderId value, whose information you want to retrieve.
Below is the list of mandatory path parameter:
Body Parameters
Type
Description
Example
identityProviderId
string
The ID (UUID) of the IDP.
5e6323da-8a45-5732-bec1-d7c29c1dc890
To make authenticated requests to the API, the following fields are mandatory in the request header:
Response
200 Successful operation
{"id":"5e6323da-8a45-5732-bec1-d7c29c1dc890",
Start date:(optional) You can choose a start date:
If you select a date, the Savings Plans will begin at 00:00 UTC on that day.
If you do not select a date, the Savings Plans begin at 00:00 UTC on the following day.
Product selection: You can apply your customised Savings Plans to any of the listed products:
Compute Engine - Dedicated Core Servers
Managed Kubernetes - Dedicated Core Node Pools
Resources: To create your plans, select the checkbox for each resource you want to cover: Cores and/or RAM. For each selection, define the amount the plan will cover. A separate plan will be created for each resource. Upon selecting the checkboxes, you can modify the number of resources using either the slider or the up-and-down arrow controls in the text box next to the slider.
Plan term: Select either a one-year or three-year term for your Savings Plans based on your need.
Price per unit: The optimized rate applied to each resource unit under the Savings Plans is displayed.
Info: A summary of your plan will appear in the Summary section on the right side of the window. Active Savings Plans automatically bill any covered usage at the plan's rate throughout the term, providing cost predictability and savings. You can:
View the cost per 30-day billing period by selecting 30 days. For example, a resource's monthly cost is calculated by multiplying its unit price by the total hours used.
Select Total to view the total accumulated cost for the duration of the plan.
Payment option: Usage under the Savings Plans is billed monthly.
Click Cloud Savings Plan purchase conditions to read the terms and conditions.
Select the I confirm I've read and agree to checkbox when you agree with the terms and conditions.
Note: Plan creation is possible only upon selecting the checkbox.
Create Savings Plans
3. Select Create to create your customized Savings Plans.
Result: Your plan is created and listed in the Cloud Savings Plans overview with the STATUS set to Starting soon. You will also receive a confirmation email to your registered email address. The two confirmation boxes indicate that two separate plans are being created: one for RAM and other one for the number of CPU cores.
Savings Plans created successfully
Next Steps
After creating the Savings Plans, you can edit only the plan's name and view all plans associated with your contract, but you cannot delete an existing plan.
Note: The features are subject to access levels based on the user's role.
Menu item
Contract Owner
Administrator
User
+
+
+
+
+
Quick Links
Contract Type
Contract Users
Accessible?
Regular contracts
Contract administrators
Contract owners
✅
✅
Reseller contracts
Contract owners
✅
The cost calculation depends on the aggregated usage of all resources consumed during the selected period. Because usage data is updated periodically (at least once a day) depending on the product, the usage for the current period may be offset by up to 24 hours. Thus, the report ensures you have the required information for monitoring consumptions and accommodating the update intervals of various services to give you a cost report for services and product usage in your cloud environment. For more information on pricing, see IONOS Cloud Prices.
Note:
Billing is based on product usage, with charges computed according to the listed prices. Hence, it should be viewed as an estimate and may not match the final invoice details.
This page does not reflect special pricing or discounts, meaning the figures shown may not align with any custom agreements or promotional rates in place.
In addition to the Cost & Usage view on the DCD, you can retrieve detailed invoice data and a granular resource-allocated usage distribution through the IONOS Cloud Billing API. It provides a powerful and flexible way to access comprehensive billing information, enabling you to track and analyze your usage at a granular level programmatically. By leveraging the Billing API, you can integrate billing data into your internal systems, automate reporting processes, and gain deeper insights into resource consumption across various services. We recommend you explore and utilize this API to streamline your billing workflows and enhance cost management capabilities.
The Cost & Usage view, in combination with the Cost Alert feature, provides an enhanced way for you to proactively manage your cloud expenditures. When setting up a cost alert you will receive a notification as soon as the cost of your contract reaches the predefined threshold, allowing you to analyze your usage. The integration offers greater control and visibility over usage patterns and associated costs, helping avoid unexpected charges.
Access Cost & Usage
To view the services and products cost and usage for your account, follow these steps:
1. In the DCD, go to Menu > Management > Cost & Usage.
2. Select a Period from the drop-down list to generate a detailed report for the specified time frame. By default, the current month and its breakdown are displayed. Additionally, you have the option to generate a report for the past six months, starting from the current month.
Select Period
Result: The report displays the following information:
Period: The current period is displayed by default. You may notice that the cost computation for the period starts from the beginning of the month. However, if you choose: — Current month: The report is generated from the first of the month until the date of report generation. — Previous months: The report is generated from the first of the month until the end of the month. You can generate the report only for the last six months of the contract.
Current total amount for this period: Displays the total cost incurred for the respective month due to the services and product usage.
Product categories: The product categories on the left frame display the total cost for using individual products or services from the respective product category. Click on it for a . Products or services that do not have a product mapping are listed in Others.
Price category: Displays the total price associated with the products or services consumed in the respective product category. It is a summary of the product or service usage that helps identify the total cost of this category, meaning costs are grouped per consumed product, independent of whether a single instance or multiple services caused the usage. In some cases, like for Virtual Data Centers (VDCs), the total cost is by each VDC. The price category shows one of the following based on the usage: — —: No service or product was used from the respective product category during the chosen period. — 0.00: The free quota covered the services or products that were used. — Total cost: Services or products from the respective product category were used. Click on it for a .
Cost and Usage view
Detailed breakdown
The table displays the following information:
Item: Displays the product item description including the description of the calculation unit of the product item. Example: 1h per GB RAM. If aggregate costs are displayed, like in VDCs, click on it to view a detailed service or product consumption breakdown.
Price per unit: Displays the cost per unit for the service or product used.
Usage: Displays the number of units consumed. It indicates the number of units consumed by each product item.
Total: Displays the total cost incurred for the amount of units of the respective product item. It is calculated as price per unit * amount of usage.
Mechanism
The Cost Alert Notification is a real-time notification. IONOS Cloud runs billing calculations periodically due to the data aggregation of billing events. It does not run the invoice calculation permanently. Therefore, an offset to the configured amount may be expected. The first time the invoice amount calculated is above or equal to the threshold value, an e-mail will be sent to the e-mail address defined in the configuration. This notification is sent only once and not repeated with every following invoice calculation.
The Cost Alert Notification will be based on the net amount of the contract invoice (excl. VAT).
Furthermore, the Cost Alert Notification feature does not execute any other operation - especially no changes to any service.
API endpoint
The Cost Alert Notification feature is part of the Billing API. It can be managed using the /{contractId}/ usage-alert endpoints. Further documentation can be found in the respective Billing API documentation.
To access the Billing API, you must authenticate requests using your basic authentication credentials or a Bearer token (required for Multi-Factor Authentication accounts). The Bearer token must be retrieved through the Token Manager in the DCD.
DCD How-Tos
The Cost Alert Notification feature is part of the Account Settings at the top right of the menu bar.
Create a cost alert
To create a cost alert for your account, follow these steps:
In the DCD, go to Menu > Management > Cost alert.
In the Cost alert window choose Create cost alert.
Create Cost alert
Enter the amount you need and your email address in the window.
Choose Create cost alert.
Cost alert created
Result: The cost alert is successfully created.
Edit a cost alert
You can edit the cost alert after creating it.
In the Menu go to Management > Cost alert.
In the Cost alert window choose Edit.
Edit Cost alert
Edit the amount and the email in the corresponding fields.
Click Save to save changes.
Regularly check your email for updates regarding your spending. Based on the alerts you receive, make adjustments as necessary.
Delete a cost alert
In the Menu go to Management > Cost alert.
In the Cost alert window choose Delete.
Delete Cost alert
Result: You will receive a notification that the cost alert was successfully deleted.
Cost alert deleted
Feature permission
The configuration of a cost alert can be managed by contract owners and users in the role of administrators only. Other contract members with the user role cannot access the feature. Within the IONOS Cloud multi-tenant model, access to the feature is also restricted to users in the role of administrators. It is only accessible to the contract owner of the respective multi-tenant contract.
Request
Note: The following request contains a sample domainId. Replace it with the domainId value, whose information you want to retrieve.
Below is the list of mandatory path parameter:
Body Parameters
Type
Description
Example
domainId
string
The ID (UUID) of the domain.
f181c212-34f1-5843-9bbb-fc2531c7d928
To make authenticated requests to the API, the following fields are mandatory in the request header:
With the new Xpress mode, you can rapidly deploy workloads through a guided configuration workflow for virtual machines, storage, and networking. This streamlined approach is ideal for provisioning standard infrastructure components. The new instance creation mode can be used to create , , and .
December 9
The CDN uses high-performance Points of Presence (PoPs) located across major global regions. This expansion adds edge locations in the United Kingdom, additional PoPs in Spain, and wider coverage in the United States (US East and US Mid). To request access to the CDN, contact your sales representative or .
December 9
Kafka version 3.8.0 of the Event Streams for Apache Kafka service is now deprecated.
Effective January 21, 2026, you will no longer be able to create new instances using version 3.8.0. After this date, we will automatically migrate all existing version 3.8.0 instances to version 3.9.0. This migration requires no action from you and will be non-disruptive to your service.
December 8
The powerful Cloud Graphics Processing Unit (GPU) VMs are designed for high-performance computing workloads such as AI model training, machine learning inference, and 3D rendering featuring NVIDIA H200 GPUs with Peripheral Component Interconnect Express (PCIe) passthrough architecture for optimal performance. They are available in four pre-configured templates (S, M, L, XL). These VMs are currently available in the Frankfurtde/fra/2 data center and can be managed exclusively through the .
December 8
New AMD EPYC Turin processors are now available for in Compute Engine. Built on the latest "Zen 5" architecture, this high-performance CPU delivers exceptional, consistent performance for your most demanding workloads. It is initially available in the Frankfurtde/fra/2 data center. Note that all Virtual Machines (VMs) deployed on this CPU must use UEFI boot.
December 4
Cross Connect, previously available in the General Availability (GA) in Frankfurt and London, has now been expanded to Berlin de/txl. It remains in the
Documentation updates
December 31
The API Gateway is scheduled for deprecation and is End-of-Life on December 31, 2025. After this date, it is no longer available.
MongoDB and
December 16
The documentation offers clear guidance to select the right and accurately size deployments before production. It highlights the following:
A comprehensive sizing framework with
🚀
December 1
A dedicated Tutorials portal is now available, delivering step-by-step guides for all essential workflows and product categories. This centralized resource consolidates all learning content, ensuring seamless navigation and faster discovery. To access the new portal, the following changes have been implemented across this Guides portal:
🔈
December 1
You can now share more detailed feedback on our documentation using the new Send Feedback option, in addition to the existing emoji-based reactions. It helps us to understand your needs better and continuously refine our documentation.
Password Policy
The Password Policy feature in IONOS Cloud helps organizations enforce password security by defining a set of rules that must be followed when creating and updating passwords. This feature is crucial for safeguarding accounts and ensuring adherence to security standards. Always ensure that your policies are in line with industry best practices to safeguard your data effectively.
Note: Only contract owners can define the password policy applicable to the sub-users in the contract.
Features
Customizable Rules: The password rule can be customized to your needs such as recommendations to have complex passwords to improve the security of user accounts. You can define criteria on the length of the password, whether or not to include lowercase and uppercase letters, numbers, and special characters in the password and the minimum quantity of each of these character types.
Ease of Use: Using the or the , contract owners can manage password policies easily.
Flexibility: Create, retrieve, update, or delete a password policy as needed. It is recommended to keep your policies reasonable to promote user compliance. On deleting a password policy, the IONOS Cloud standard applies for password management.
Info: The IONOS Cloud standard password policy requires a minimum of five characters and recommends including a combination of uppercase and lowercase letters, at least one number, and special characters if needed.
API endpoint
The Password Policy Manager feature is part of the Identity Management API and can be managed using the /{passwordPolicyId}/ endpoint. Further documentation can be found in the respective .
Note: All Create, Read, Update, and Delete (CRUD) operations that can be performed using the Password Policy Manager in the can also be accomplished via the API.
To access this API, you must authenticate requests using your Bearer token, which enables requests to authenticate using a JSON Web Token (JWT). From the DCD, .
Password Policy Manager in the DCD
Using the , you can create, update, or delete a password policy as needed.
Create a password policy
To create a password policy, follow these steps:
1. In the DCD, go to Menu > Management > Password Policy.
2. Click Create password policy in the Password Policy Manager.
3. Enter the following details to configure a password policy:
Description: Add a detailed description that explains the password policy. The length of the description must not exceed 1024 characters.
Password length: Enter or use arrow keys to select the maximum password length. You cannot set a password policy that is less than 5 characters in length. For example, if the defined length is 9, the password must be a minimum of nine characters in length.
Must contain uppercase letters [A—Z]: Select the checkbox if the password policy must contain any uppercase letters from A—Z
Note:
— There are no maximum limits defined for the password length, number of lowercase, uppercase, numerics, and special characters. The quantity specified in the password policy refers to the minimum allowed values.
— When the checkbox for a specific character type to be allowed is selected, then their Minimum quantity allowed value cannot be zero.
4. Click Save password policy.
Result: The password policy is successfully created.
Note:
— The created password policy is enforced only on new users setting up the password. Existing user accounts continue to work on the password policy previously used.
— You can create only one password policy for your contract.
Update a password policy
To update an existing password policy, follow these steps:
1. In the DCD, go to Menu > Management > Password Policy.
2. Click Edit to update the description or password policy details such as the length of the password or characters allowed in the password policy.
3. Click Save to reflect the changes made to the password policy.
Result: The password policy is successfully updated and these changes apply to new users setting up the password. Existing user accounts continue to work on the password policy previously used.
Delete a password policy
If you no longer need a password policy, you can delete it permanently. To delete an existing password policy, follow these steps:
1. In the DCD, go to Menu > Management > Password Policy.
2. Click Delete and confirm the deletion again by selecting Delete and use IONOS Standard.
Info: The IONOS Cloud standard password policy requires a minimum of five characters and recommends including a combination of uppercase and lowercase letters, at least one number, and special characters if needed.
Result: The password policy is successfully deleted and the IONOS Cloud standard applies for password management.
Retrieve Link
To retrieve a link of the account associated with the IAM Federation in the form of an ID, perform a GET request.
Endpoint
Use the following endpoint to retrieve a link: https://iam.ionos.com/federation/links/{linkId}.
Request
Note: The following request contains a sample linkId. Replace them with the linkId value, whose information you want to retrieve.
Below is the list of mandatory path parameter:
To make authenticated requests to the API, the following fields are mandatory in the request header:
Response
200 Successful operation
Verify Domain Ownership
Prerequisite:
Only contract administrators, owners, and users with accessAndManageIamResources privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see Set User Privileges for Identity and Access Management.
The token value obtained from the API must be added to the TXT Domain Record before verifying the domain ownership.
To validate the token is part of the domain which has been already requested for domain ownership, perform a PUT request with the domainId of the domain.
Endpoint
Use the following endpoint to create or update an IDP: https://iam.ionos.com/federation/domains/{domainId}/verify.
Request
Note: The following request contains a sample domainId. Replace them with the domainId value whose domain ownership must be verified.
Below is the list of mandatory path parameter:
To make authenticated requests to the API, the following fields are mandatory in the request header:
Response
201 Successful operation
Retrieve all Links
To retrieve all links of the accounts associated with the IAM Federation in the form of an ID, perform a GET request.
Endpoint
Use the following endpoint to retrieve all links: https://iam.ionos.com/federation/links.
Request
To make authenticated requests to the API, the following fields are mandatory in the request header:
Response
200 Successful operation
Log in to the Data Center Designer
1. Open a web browser and navigate to .
2. On the top right corner of the login screen, select your preferred language. The DCD supports German (DE), English (EN), Spanish (ES), and French (FR) languages.
3. Enter the Email Address with which you signed-up for an IONOS Cloud account and click Next.
Note:
Data Center Designer
The Data Center Designer (DCD) is a unique tool for creating and managing . Its graphical user interface (GUI) makes data center configuration intuitive and straightforward. You can drag and drop virtual elements from the Palette to set up and configure data center infrastructure components in the Workspace. For more information, see .
Similar to a physical data center, you can use the DCD to connect various virtual elements to create a complete hosting infrastructure. For more information, see .
The same visual design approach is used to make any adjustments later. You can log in to the DCD and scale your infrastructure capacity. Alternatively, you can set defaults and create new resources when needed.
You can set up your data center infrastructure by using a drag-and-drop visual interface.
August 2024
What's new
Create Identity Provider
Prerequisite: Only contract administrators, owners, and users with accessAndManageIamResources privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see .
To create a new Identity Provider (IDP), perform a POST request.
Configure a Data Center
Upon creating a data center, you can manually configure the IONOS Cloud infrastructure for each server using the in the DCD. It comprises all the building blocks and the necessary resources required to configure, operate, and manage your products and services. You can also configure and manage multiple VDCs and configure settings for each server automatically.
Prerequisites:
— Make sure you have the corresponding permissions to create and manage data centers. By default, contract administrators and owners can configure a data center.
FAQ
The following provides detailed information about the Cloud Savings Plans.
General
What are Cloud Savings Plans?
Configure IAM Federation
As an organization, to begin using Identity Provider (IDP) to log in to the DCD, follow these steps:
1
Request Domain Ownership
1. Using the , the organization must request domain ownership. This domain ownership establishes a connection between the organization and its IDP. For more information, see
{
"id":"5e6323da-8a45-5732-bec1-d7c29c1dc890",
"type":"domain",
"href":"/domain/5e6323da-8a45-5732-bec1-d7c29c1dc890",
"metadata":{
"createdDate":"2020-12-10T13:37:50+01:00",
"createdBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"createdByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedDate":"2020-12-11T13:37:50+01:00",
"lastModifiedBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"resourceURN":"ionos:<product>:<location>:<contract>:<resource-path>"
},
"properties":{
"token":"9019680770992564882066368772815872312262977566198195",
"domain":"yourcompany.com",
"status":"REQUESTED",
"message":"The token provided should be added to the TXT Domain Record, then request to verify the ownership. Important: This is the only time the token will be visible to you, so please take note of it now."
}
}
{
"id":"f181c212-34f1-5843-9bbb-fc2531c7d928",
"type":"domain",
"href":"/domains/f181c212-34f1-5843-9bbb-fc2531c7d928",
"metadata":{
"createdDate":"2020-12-10T13:37:50+01:00",
"createdBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"createdByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedDate":"2020-12-11T13:37:50+01:00",
"lastModifiedBy":"ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedByUserId":"87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"resourceURN":"ionos:<product>:<location>:<contract>:<resource-path>",
"account":123456
},
"properties":{
"domain":"yourcompany.com",
"status":"REQUESTED",
"message":"The token provided should be added to the TXT Domain Record, then request to verify the ownership. Important: This is the only time the token will be visible to you, so please take note of it now."
}
}
The IONOS Cloud Savings Plans model provides a lower hourly rate on compute resources in exchange for a planned term of one or three years. It is designed to offer substantial savings for customers with consistent, predictable workloads.
How do Savings Plans help me save money?
Choosing a plan for a set usage and term provides a substantially lower hourly rate rate on your eligible cloud usage compared to Pay-As-You-Go (PAYG) prices. Regular PAYG rates apply to any usage exceeding your plan.
What terms are available?
You can choose either a one-year or a three-year term, based on your needs.
How do I get billed?
For detailed information about various billing use case scenarios, see Use Cases. The invoice also reflects resource distribution applying the oldest Virtual Machines (VMs) first rule, and the incurred cost for resource usage. For more information, see Invoice.
Are the Savings Plans similar to a Reserved Instance (RI)?
They are similar in that both offer optimized prices for usage.
Reserved Instances
Savings Plans
- It often requires you to select specific instance types, regions, and operating systems.
- Usually includes a capacity reservation.
- Offers broader flexibility.
- Applies to usage across various CPU models, sizes, regions, and operating systems.
- Continues to apply even if your workload changes.
- Applies only at the financial level and does not provide capacity reservation.
How can I determine if Savings Plans is better for me than PAYG?
Choosing between Savings Plans and PAYG depends on your workload patterns and financial goals. For stable and predictable usage, Savings Plans offer better value. For flexible, short-term, or variable usage, PAYG provides more adaptability. The table below outlines the criteria for evaluating and selecting the most suitable plan based on your workload and usage patterns.
Cloud Savings Plans
PAYG
Your workloads are stable and consistently running.
Your workloads are sporadic or subject to sudden spikes.
You aim to reduce costs through long-term plans.
You operate short-term or temporary workloads. You are in an exploratory, development, or testing phase.
You have a fixed workload.
Your workloads vary frequently.
You want to benefit from loyalty-based plan rates and long-term investment returns.
You need maximum flexibility, including for multi-cloud environments.
Why should I opt for the Savings Plans, and what value do they add?
Resource-based commitment: Savings Plans are based on a commitment to a total amount of resource usage rather than to specific VM families. Example: 50 cores and 200 GB of RAM.
Flexible resource allocation: The resource-based model enables workloads to migrate across VM types and families without compromising the benefits of the Savings Plan's pricing. This flexibility ensures that savings follow the workload, regardless of instance configuration.
Change VMs anytime: You can upgrade, downgrade, or change the CPU family of your VMs at any time. The Savings Plans are automatically applied to the new VM configuration, provided it is within your resource limits.
Availability across regions: The Savings Plans apply across all eligible usage in supported IONOS Cloud data centers and regions. You do not need to restrict workloads to a specific location to benefit from the pricing of the Savings Plans.
Kubernetes integration: Savings Plans extend to IONOS Cloud's Managed Kubernetes environments. Resources consumed by nodes are eligible for coverage under Savings Plans. You can scale or resize node pools, and the savings adjust accordingly.
Capped coverage: The preferential pricing applies only up to the selected amount of resources. For example, if you select 50 cores but use 60, the Savings Plan's rate covers the first 50, and the remaining 10 are billed at the standard PAYG rates.
Chronological application: IONOS Cloud applies the Savings Plan benefits in a chronological order, starting with the oldest eligible VM. The rates are applied until the selected amount is reached.
Purchase and Management
How can I get started with the Savings Plans?
1. Fulfill the prerequisites: Make sure you meet all prerequisites before proceeding.
2. Review the use cases: Explore the Use Cases to understand different scenarios. This will help you choose the plan that best fits your needs based on your past resource usage.
3. Understand the Cloud Savings Plan's lifecycle: Go through the lifecycle to learn how the Savings Plans work from creation to completion.
No, we currently only accept monthly recurring payments for your Savings Plans.
Can I change or cancel Savings Plans after I have purchased them?
Savings Plans cannot be modified or canceled once purchased. They commit you to a specific level of usage for the selected term. If you need additional resources, you will need to purchase additional Savings Plans. Therefore, you must carefully analyze your usage and choose your plans accordingly.
What happens if I do not use the full quantity defined in my Savings Plans?
Accurate usage forecasting is key to getting the most value from your plan. The full amount of resources in your plan is billed on a recurring basis, whether or not your actual usage reaches that level. Any unused resources do not roll over to the next billing period.
Monitoring and Optimization
How can I track my Savings Plan's utilization and savings?
You can monitor your resource usage costs using the invoice, Cost & Usage, in combination with Cost Alert, which allows you to manage your cloud expenditures proactively. With these alerts and reports, you can leverage your plans and identify potential areas for optimization.
Do the Savings Plans apply to all cloud products in my contract?
The Savings Plans apply to the following products:
Compute Engine - Dedicated Core Servers
Managed Kubernetes - Dedicated Core Node Pools
Invoice
How are Savings Plans represented in my invoice?
Resource consumption billed at PAYG rates appears under its respective VDC.
Resource consumption covered by a Savings Plan is moved from its VDC and grouped under the plan's name.
Minimum quantity: Enter or use arrow keys to specify the allowed count of uppercase characters in the password. For example, if 4 is the quantity chosen, the password must contain a minimum of four uppercase characters.
Must contain lowercase letters [a—z]: Select the checkbox if the password policy must contain any lowercase letters from a—z.
Minimum quantity: Enter or use arrow keys to specify the allowed count of lowercase characters in the password. For example, if 4 is the quantity chosen, the password must contain a minimum of four lowercase characters.
Must contain numerics [0-9]: Select the checkbox if the password policy must contain numbers from 0 to 9.
Minimum quantity: Specify the minimum allowed count of numerics in the password.
Must contain special characters [@, #, $, %, etc.]: Select the checkbox if the password policy must contain special characters. Any character apart from a—z,A—Z, and 0 to 9 is referred to as a special character.
Minimum quantity: Specify the minimum allowed count of special characters in the password.
The existing DCD version supports Canvas mode, which is recommended for designing and managing advanced or complex infrastructure architectures with greater flexibility and control.
Regardless of which creation mode you choose, all instance management operations are performed in the Canvas mode. This includes instances originally created using Xpress mode, ensuring a unified management experience across your infrastructure.
Early Access (EA)
in all other regions.
, recommended configurations, best practices,
, and the
.
Outlines when MongoDB Enterprise should use sharding and offers practical criteria to support scaling decisions.
The Tutorials hyperlink in the Table of Contents (TOC) on the left navigation bar now leads directly to the Tutorials Portal.
The Tutorials card is now listed under the Quick Links section on the product pages.
As part of an ongoing effort to improve clarity and organization, the Tutorials section within the AI Model Hub documentation has been renamed to How-Tos. The content provides the same concise, step-by-step guides on tasks and usage patterns for interacting with the AI Model Hub.
Changes are visible in the following product sections:
You can find this option on the top right corner of the Documentation portal, next to the Sign up. Upon selecting, you are directed to the Feedback form.
Using the feedback form, you can report documentation issues, suggest improvements, and highlight documentation you found relevant (positive)—all in a structured way. The feedback is available in both English (EN) and German (DE).
We encourage you to use this form and play an active role in helping us continuously enhance the quality, accuracy, and usability of our documentation.
If your organization is onboarded to IAM Federation and you have linked your user account, you are directed to your organization's Identity Provider (IDP) to log in to the DCD. Skip the next steps and continue with the instructions in
Enter the six-digit Time-based one-time password (TOTP) from your authenticator app to continue the login process.
Disabled
You will not see the additional screen if you have not enabled 2FA. You can navigate to the next step. However, we highly encourage enabling 2FA to enhance security.
Authenticate with a Time-based one-time password (TOTP) for enhanced security
5. Click Sign In.
Result: You are successfully logged in to the DCD application.
DCD application
Once logged in, you will see three primary areas of the DCD application:
The top navigation menu enables you to create and manage the data center, and view and manage your user account. Additionally, you can view notifications, visit the help section, learn more about DCD, and contact IONOS Cloud Support when needed.
The top navigation menu
Options
Description
1. IONOS Cloud logo
Click the logo to navigate back to the dashboard from any screen within the DCD.
2. icon
Click the icon to expand or hide the left navigation bar, causing the DCD interface to adjust its width accordingly.
3.
Create, view, and manage users and groups; define password policies; and create and manage tokens.
4. Notification icon
View any active notifications.
5. Help icon
View online help documentation, learn more about the DCD, and contact when needed.
6.
View and manage your contract, payment details, general account settings, and password and security-related details.
The left navigation menu
The left navigation menu consists Virtual Data Centers (VDCs) and product categories, which you can use to access all the IONOS Cloud services. You can also create new VDCs or manage existing VDCs, access documentation, explore what's new in DCD, and additional details about the DCD.
Options
Description
Virtual Data Centers
View the list of data centers and their details or create a new data center.
Leverage AI functionalities with open source generative models.
Manage containerized applications.
Host and manage your databases with IONOS Cloud database services.
Manage IONOS Cloud Storage and Backup services.
Observe system behavior through logging, activity tracking, and gather insights using metrics.
The DCD dashboard
The DCD dashboard shows a concise overview of your VDCs in My Virtual Data Centers, and Resource Allocation shows the current usage of resources across your infrastructure. You will also see options to contact IONOS Cloud Support, What's new in the DCD, and IONOS Cloud Status details.
To provide feedback about the DCD dashboard, select Feedback about this page. You can submit your rating, provide reasons, and share what you liked or could improve.
Provides access to the IONOS Cloud products and features.
2.
You can arrange element icons in this space via drag-and-drop.
3.
Movable element icons that can be combined in the Workspace.
4.
The icon represents a component of the VDC.
5.
Right-click an element to display additional options.
6.
View and configure properties of the selected element.
DCD elements
The square elements serve as building blocks for your VDC. Each element represents an IONOS Cloud product or service. Some elements are compatible, while others are not. For example, a Server icon can be combined with the Storage (HDD or SSD) icon. In practice, this would represent the physical act of connecting a hard drive to a server machine. For more information, see Set Up Storage.
Individual element icons
Once joined, the elements create a new combined element in the Workspace
Palette and workspace
The palette is a dynamic sidebar that contains VDC elements. You can click and drag each element from the palette into your workspace and position it as per your requirements.
All cloud products and services are compatible with each other. You may create a Server and add Storage to it. A LAN Network will interconnect your Servers.
Some elements may connect automatically via drag-and-drop. The DCD will then join the two if able. Otherwise, it will open configuration space for approval.
Right-click an element and select Delete from the drop-down menu. You can also select the element directly and hit Delete/Backspace from your keyboard.
Context menu
The context menu offers different options depending on the element. To see the context menu, right-click on any element. For example, right-click a Cube or a Server to update it.
Context menu
Inspector pane
When an element is selected, the Inspector pane will appear on the right side of your screen. You can configure the element properties. For example, for a Server element, you can define its Name and Availability Zone, Preset, vCPUs and RAM.
This pane allows you to finalize the creation of your data center. Once your VDC is set up, select PROVISION CHANGES. This makes your infrastructure available for use.
Inspector pane
Core functionality
Using the DCD, you can both control and manage the following services provided by IONOS Cloud:
Data Centers: Create, configure, and delete entire data centers. Cross-connect between VDCs and tailor user access across your organization.
Block Storage: Upload, edit, and delete your private images or use images provided by IONOS Cloud. Create or save snapshots for future instances.
: Reserve and manage static public . Create and manage private and public LANs, including firewall setups.
Basic Features: Save and manage ; connect via ; launch instances via ; record networking via flow logs and monitor your instance use with monitoring software.
Compatibility
As a web application, the DCD works effectively on the following browsers:
Google Chrome™: Version 30+
Mozilla® Firefox®: Version 28+
Apple® Safari®: Version 5+
Opera™: Version 12+
Microsoft® Internet Explorer®: Version 11 & Edge
We recommend using Google Chrome™ and Mozilla® Firefox®.
Next steps
Now that you are familiar with the DCD, you can start configuring your VDC.
IONOS Object Storage has extended support for the Replication feature through the DCD. You can now replicate data from user-owned buckets to contract-owned buckets in the eu-central-3 region. Previously, this functionality was only available via the API.
This release introduces the Access Logging feature in Managed Application Load Balancer (ALB). It enhances monitoring and analyzing ALB traffic with detailed logging capabilities.
This release introduces the Access Logging feature in Managed Network Load Balancer (NLB). It enhances monitoring and analyzing NLB traffic with detailed logging capabilities.
These enhancements provide comprehensive instructions for setting up gRPC that enables users to define service methods and messages in a language-agnostic way, making it easy to create APIs that work seamlessly across different platforms and setting up WebSocket support, a communication protocol that provides full-duplex communication channels over a single TCP connection.
This release introduces Monitoring Service. IONOS Cloud introduces the Monitoring Service, which provides a centralized and scalable solution for monitoring and analyzing your application and infrastructure metrics. Hence, Monitoring as a Service is now considered a legacy. We recommend switching to the Monitoring Service for better support and capabilities. For more information, see FAQs.
The Private Container Registry now supports IP Access Control Lists (IP ACLs), offering enhanced security and granular access control. This feature allows you to specify IP subnets permitted to access your registry, limiting access to trusted sources within your network. IP ACLs are easy to configure via the API with the apiSubnetAllowList parameter. Once configured, access attempts from outside the allowed subnets are immediately blocked, ensuring real-time protection without disrupting authorized users.
The new Password Policy Manager feature is now available for contract owners, enabling the creation of a customizable password policy that strengthens security within their contracts. Using the DCD or the IAM Identity Password Policies API, contract owners can manage password policy.
Kubernetes Version 1.27 has now reached its End of Life (EOL). From now on, you cannot provision any more clusters or node pools for version 1.27. Existing clusters or node pools running on version 1.27 will be automatically upgraded to version 1.28 during the next scheduled maintenance window after August 14, 2024.
You can now set up accessing Object Storage over a private LAN by configuring a Managed Network Load Balancer (NLB) with the public IP addresses of the required Object Storage endpoint as the Target IP address and configuring the Private IP as the Listener IP of the forwarding rule.
This is to inform you that Managed Kubernetes version 1.27 will reach its end of life (EOL) on August 14, 2024. After that, you cannot create new clusters or node pools using Kubernetes version 1.27. Existing clusters or node pools running on version 1.27 will be automatically upgraded to version 1.28 during the next scheduled maintenance window after the EOL date.
The Certificate Manager now supports the auto-renew of SSL certificates via the API. With this function, the certificate manager automatically renews the certificate before it expires. The renewed certificate is also available in the DCD to use them. This feature is currently supported only via the API and available on a request basis. To access this feature, please contact your sales representative or IONOS Cloud Support.
IONOS releases NFS Volumes support for Kubernetes. This feature allows the integration of IONOS Network File Storage (NFS) with Kubernetes clusters, mounting NFS volumes as PVCs in the cluster. Network File Storage is initially available only in the German data centers (Frankfurt and Berlin), and will be gradually rolled out to all locations.
It is currently available on a request basis. To access this product, please contact your sales representative or IONOS Cloud Support.
IONOS introduces Event Streams for Apache Kafka, a managed solution that is fully integrated with the DCD, offering a variety of cluster sizes to accommodate the diverse requirements of different applications. With this service, you can build secure event-driven architectures. The product will initially be available only in the German data centers (Frankfurt & Berlin), and will be gradually rolled out to all locations.
It is currently available on a request basis. To access this product, please contact your sales representative or IONOS Cloud Support.
The self-restoration of MariaDB clusters from a backup is possible via the DCD. It minimizes downtime and data loss in unanticipated scenarios. For more information, see Use Cases.
IONOS offers a robust VPN Gateway feature designed to ensure secure and scalable encrypted connections between your IONOS cloud resources and remote infrastructure. This solution supports two key VPN protocols: IPSec and WireGuard, providing you with flexibility and advanced security options to meet your networking needs.
It is currently available on a request basis. To access this product, please contact your sales representative or IONOS Cloud Support.
IONOS DBaaS provides support for In-Memory DB instances and offers resources such as CPU cores and RAM size (GB) to create In-Memory DB instances. Additionally, the instance facilitates backup via snapshots and the option to recover data, making them highly reliable. It also facilitates cloud-based In-Memory DB instance patching and scalability.
IONOS releases CDN, a content delivery network service with multiple edge servers geographically well situated within the user's proximity to deliver content swiftly and securely with enhanced features such as Web Application Firewall (WAF) and DDoS Layer 7 protection. It is currently available on a request basis. To access this product, please contact your sales representative or IONOS Cloud Support.
The API Gateway offers a suite of functionalities to help you efficiently create, manage, and monitor your APIs. It provides essential features for managing and optimizing interactions between clients and backend services, ensuring secure and efficient API operations. Currently, it is only available in Berlin but will soon be rolled out to more locations.
— Only group users with Edit access to the data center resource can configure the data center. Users of a group added to a data center with only Visible to Groups access can only view the data center. For more information, see Add group to a resource.
— A data center must be created. To do so, follow the steps in Create a Data Center.
Drag the Dedicated Core server element from the palette into the workspace.
Enter the following details in the Settings tab of the Inspector pane:
Name: Enter a unique name for your server.
Availability Zone: Select a zone from the drop-down list to host the on the chosen zone.
CPU Architecture: Select either AMD or Intel cores.
Cores: Select the number of CPU cores.
RAM: Select any size starting from 0.25 GB to the maximum limit allotted to you. The size can be increased or reduced in steps of 0.25 GB. The maximum limit varies based on your and the . For more information about creating a full-fledged server, see .
Network Security Groups: Select one or more network security groups from the drop-down list to associate them with the Dedicated Core server. You can choose from any of the default or custom groups.
Drag a Dedicated Core server element from the palette onto the workspace and configure its properties on the right
Result: The Dedicated Core Server is now created and can be updated based on your requirements.
## Add storage to the Dedicated Core Server
Drag a Storage element from the palette onto a Dedicated Core server in the workspace.
To configure your Storage element, enter the following details in the Inspector pane:
Combining a Storage element with the Dedicated Core server in the workspace joins two elements
Name: Enter a storage name unique to the VDC.
Availability Zone: Select a zone from the drop-down list to host the storage element associated with the server.
Size in GB: Choose the required storage capacity.
Performance: Select a value from the drop-down list based on the requirement. You can either select Premium or Standard, and the performance of your storage element varies accordingly.
Image: Select an image from the drop-down list. You can select one of IONOS Cloud images or choose your own.
Password: Enter a password for the chosen image on the server—a root or an administrator password.
Backup Unit: Select a backup unit from the drop-down list. Click Create Backup Unit to instantly create a new backup unit if unavailable.
Result: The storage will now be added to your Dedicated Core Server.
## Connect to the internet
1. Create a Network Interface Card (NIC) by clicking the + icon on the Dedicated Core server in the workspace and attach it to the Internet element. Alternatively, you can right-click the Dedicated Core server > Actions > Add NIC and then attach it to the Internet element.
2. To configure your NIC element, enter the following details in the Network tab of the Inspector pane:
Name: Enter a NIC name unique to this VDC.
MAC: Media Access Control Address field is populated automatically upon provisioning and cannot be changed.
LAN: The name of the LAN connected to internet is displayed. To select another LAN, click the drop-down list and select to move NIC to the LAN. A LAN that connects to the internet becomes a public LAN.
Firewall: It is Disabled by default. Select a value from the drop-down list to configure your firewall settings. For more information, see .
Network Security Groups: Select one or more network security groups from the drop-down list to associate them with the Dedicated Core server. You can choose from any of the default or custom groups.
IPv4 Configuration:
Primary IP: The primary IP address is automatically assigned by the IONOS Cloud DHCP server. You can, however, enter an IP address for manual assignment by selecting one of the reserved IP addresses from the drop-down list. Private IP addresses (according to RFC 1918) must be entered manually.
DHCP: It is often necessary to run a DHCP server in your virtual data center (e.g., PXE boot for fast rollout of VMs). If you use your own DHCP server, clear this check box so that the IONOS Cloud DHCP server does not reassign your IPs.
Add IP: Select the IP address from the drop-down list.
Note: IONOS Cloud performs the verification and approval process after you manually trigger it using the Verify Domain Ownership API. Upon successful domain ownership validation, IONOS Cloud will proceed with the IAM Federation configuration for your organization. The duration of this process ranges from a few seconds to up to a week, depending on your domain provider.
2
Onboard Identity Provider
Prerequisites:
The domain ownership must be successfully verified and approved by IONOS Cloud.
IONOS Cloud accepts SAML 2.0 or OpenID Connect (OIDC) identity providers. Hence, your IDP must be either of these two types.
1. Onboard the organization IDP. To do so, using the API.
2. Depending on the IDP type, you must provide the following details to IONOS Cloud:
Info: You can find these details in the discovery endpoint. For more information, see .
client_id: Your OIDC client ID.
client_secret: The client secret key.
Secret (SAML 2.0):X.509
3
Configuration from IONOS Cloud
Upon receipt of the discovery endpoint from the organization, IONOS Cloud performs the following actions:
Verifies the domain ownership.
Verifies the discovery endpoint.
Creates the IDP using the configuration in the discovery endpoint.
Links the IDP to the domain to be used by the user accounts in that domain.
Note:
In the Access settings for OIDC, use the following information:
Valid redirect URIs:https://iam.ionos.com/realms/cloud/broker/identityProviderId/endpoint, where the IdentityProviderID
Result: The organization IDP is successfully onboarded to IONOS Cloud.
Discovery endpoint
From the OIDC discovery endpoint, the following details are considered to configure the IAM Federation by IONOS Cloud:
issuer: The URL of the OIDC issuer.
authorization_endpoint: The URL of the authorization endpoint.
token_endpoint: The URL of the token endpoint.
userinfo_endpoint: The URL of the user info endpoint.
jwks_uri: The URL of the JSON Web Key Set (JWKS).
client_id: The client ID of the OIDC client.
client_secret: The client secret of the OIDC client.
For more information on the OIDC discovery endpoint, refer to the .
From the SAML 2.0 discovery endpoint, the following details are considered to configure the IAM Federation by IONOS Cloud:
entityId: The entity ID of the SAML 2.0 IdP.
singleSignOnService: The URL of the Single Sign-On (SSO) service.
At your organization IDP, allow IONOS Cloud to link with the following discovery endpoints:
Managed Kubernetes is releasing Kubernetes version 1.33. For more information about the schedule timeline, see .
August 19
We have commissioned an additional data center that extends the Frankfurt, Germany metro region, enhancing high availability, redundancy, and operational security through network connectivity with our existing de/fra location. The data center is designed to deliver scalability, robust data security, and high performance by leveraging state-of-the-art hardware components. For more information, refer to the .
August 12
IONOS Cloud now supports the GPT-OSS 120B model, a high-performance, multilingual, reasoning model in the AI Model Hub. This advanced AI model excels in text generation, complex reasoning, and natural language processing across multiple domains, offering fast inference through an efficient expert routing architecture.
August 1
IONOS Cloud supports Mistral Small 24B model, a high-performance multilingual and multimodal AI, in the AI Model Hub. This model processes both text and image inputs, delivers fast and reliable chat completions, and leverages advanced capabilities like streaming and tool calling, all optimized for a broad range of European languages.
Documentation updates
August 22
A new tutorial for deploying on IONOS Cloud Virtual Machines (VMs), using either a pre-configured Plesk QCOW image or the installer, is now available. This guide provides step-by-step instructions for setting up your IONOS Cloud instance for Plesk installation using one of these methods.
August 1
The Images & Snapshots documentation has been relocated from the product section and placed directly under the category Storage & Backup. This update aligns with the recent and is intended to enhance documentation visibility and organization. No changes have been made to product functionality.
Users & Groups
The Users & Groups feature provides core Identity and Access Management (IAM) capabilities within the IONOS Cloud environment. It is designed to support Role-Based Access control (RBAC) by enabling fine-grained management of user identities, group associations, and resource-level permissions.
This tutorial guides you through creating and managing Users, Groups, and Resources in the via the User Manager. You can create new users, add them to user groups, and assign privileges to each group. Privileges either limit or increase your access based on the user role. The User Manager lets you control user access to specific areas of your VDC.
A user is an individual who can log in to IONOS Cloud. Each user can have different roles based on the privileges assigned. The assigned privileges determine the tasks the user is allowed to perform. For example, administrators can assign roles, manage access tokens, enforce MFA, and track user activity across services. For more information about creating users, see .
Web origins:https://iam.ionos.com, which is used to map the web origins from the authentication redirect.
x509cert:
The
X.509
certificate of the SAML 2.0 identity provider.
signatureAlgorithm: The signature algorithm used by the SAML 2.0 identity provider.
sloBinding: The binding used for single logout.
sloUrl: The URL of the single logout service.
Note: Use metadata XML files to share configuration details since there are no standardized URL-based discovery mechanisms like in the OIDC Discovery Endpoint.
For more information on the SAML 2.0 discovery endpoint, refer to the SAML 2.0 Documentation.
You can now deploy the following products in the new data center using one of the following methods. Existing deployments in Frankfurt remain unaffected:
Selecting Germany / Frankfurt am Main (de/fra/2) from the drop-down list in the DCD.
A new VDC in the Data Center Designer (DCD) is manageable by contract owners. To assign resource management capabilities to other members in VDC, you can add users and groups and grant them appropriate privileges to work with the data center resources.
Prerequisites: Make sure you have the appropriate privileges. Only contract administrators and owners can manage users within a VDC.
A group is a logical collections of users used to streamline permission assignments. Groups enable scalable access control by allowing roles to be applied collectively rather than individually. This is especially effective in large or dynamic teams.
Benefits of user group assignment
When assigning a user to a group, whether you are a contract owner or an administrator, you can:
within DCD and .
Assign , so users of the group can access and manage products.
Manage the resources that members of the group can access. Example: , , , or IP blocks.
Note: Administrators do not need to be managed in groups, as they automatically have access to all resources associated with the contract.
It encompasses all resources accessible to users or groups. Access permissions can be granted or restricted at the group or individual user level. The DCD also facilitates efficient resource management and visibility into the resources accessible to specific users or groups. Users, such as administrators or contract owners, with create permissions can create resources, which become editable or sharable to non-administrator users in a group only when the resource is associated with the group. For more information about resource sharing, see Enable or disable access for a resource.
Together, these components form the foundation for secure multi-user access control, secured access, and operational efficiency in IONOS Cloud.
Create a user
In the DCD, go to Menu > Management > Users & Groups.
Select Create in the Users tab.
Enter the user's First Name, Last Name, Email, and Password.
Note: — The email address of the new user must be unique.
— The password must adhere to the contract's password policy. For more information, see Manage Password Policy.
Select Create to confirm.
Creating a new user in VDC
Result: A user is successfully created and listed in the Users list.
Create a group
The creation of groups is useful when you need to assign specific duties to the members of a group. You can create a group and add members to this group. You can then assign privileges to the entire group.
In the Groups tab, select Create.
Enter a Group Name.
Select Create to confirm.
Result: The group is now created and visible in the Groups list. You can now assign permissions, users, and resources to your group.
User groups can be created directly from the Groups tab in the User Manager
Assign privileges to a group
In the Groups tab, select a group from the Groups list.
In the Privileges tab, select checkboxes next to the privilege name.
Note: You do not need to save your selections. This action automatically grants or removes privileges.
Result: The group has the required privileges now.
Assigning privileges to the group
Note: To remove the privileges for a group, clear the checkbox next to the privilege name.
Add users to a group
Users are added to your new group on an individual basis. Once you have created a new member, you must assign them to the group.
In the Groups tab, select the required group.
In the Members tab, add users from the Add User drop-down list.
Choose a user from the drop-down list and add them to the highlighted group as a member
Result: The users are now assigned to the group. These users have privileges and access rights to the resources corresponding to their group.
Remove a user from the group
Users can be removed from your group on an individual basis.
Select the Members tab.
Click Remove User.
Remove a user from the group
Result: This user is now removed from the group.
Assign resources to a group
In the Groups tab, select the required group.
Select the Resources of Group tab.
Click Grant Access and select the resource to be assigned to the group from the drop-down list.
Select a resource from the Resources of a Group tab to assign to a group of users
Result: The group now has the newly assigned resources. You have enabled read access for the selected resource.
Enable or disable access for a resource
Group resource sharing is crucial for managing access and permissions within IONOS Cloud. The primary purpose of assigning a resource to a group in IONOS Cloud is to manage and restrict actions that users (non-administrators) can perform on those resources. Specifically, the actions controlled by group membership are as follows:
Access
Description
View
Adding the resource to the list enables users in the specific group to see the resources.
Edit
Allows users in the group to manage the resource.
Share
Share the resource between the groups of your contract and only those to which you belong. The users belonging to the group with which you share the resource gain view permissions.
Note:
Users created using the IONOS Cloud API /um/usersendpoint have limited permissions.
Resources created by the contract owner are, by default, not visible to users.
Users cannot see or interact with resources created under the contract owner without being part of a shared group.
Administrators or contract owners can enable resource access to users by selecting the appropriate checkboxes:
Edit: Select the checkbox to allow users in the respective group to edit or manage the resources.
Share: Select the checkbox to share the resource between the groups of your contract, and only those to which you belong. The users of the group gain view permissions.
To restrict access, select the required resource and clear either the Edit or Share checkboxes or directly click Revoke Access to revoke both permissions.
Enable or disable access for the resources of a group
Add group to a resource
In the Resources tab, select a resource from the list.
In the Visible to Groups tab, click Add Group.
Select a group from the drop-down list.
Select the resource you wish to make available to a user group. The group members can now exercise their chosen privileges.
Result: This group can now access the allocated resource.
Prerequisite: Only contract administrators, owners, and users with accessAndManageIamResources privilege can create and manage Identity Providers (IDPs) through the API. You can also set user privileges in the DCD. For more information, see Set User Privileges for Identity and Access Management.
To update an existing IDP, perform a PUT request with the identityProviderId of the IDP.
Note: If an IDP for a given identityProviderId does not exist, an IDP is created (ensured) instead.
Endpoint
Use the following endpoint to create or update an IDP: https://iam.ionos.com/federation/identityproviders/{identityProviderId}.
Request
Note: The following request contains a sample identityProviderId. Replace it with the identityProviderId value whose information you want to update.
Below is the list of mandatory path parameter:
Below is the list of mandatory body parameters:
Response
200 Successful operation: IDP is successfully updated.
201 Successful operation: IDP is successfully ensured.
Following is an example of when an IDP is successfully updated or ensured for the given IDP details.
Use the Xpress Mode
You can create a Virtual Machine (VM) using the Xpress mode in the left navigation panel or from the DCD home page.
Click **Create in Xpress** to create and configure the data center through a guided setup.
Select a creation mode
4
Select the Virtual Data Center (VDC)
Select the VDC where you want to configure an instance. You can either create the instance in a new VDC or add it to an existing VDC.
Create an instance in a new VDC: Start with a new VDC:
Name: Enter a name for the new VDC.
Description (optional): Add information that describes the VDC.
Location: Select a geographic data center location where you want to create your instance considering latency to your end-users and data residency requirements. The data center defined as your default data center in is selected automatically.
Add instance to existing VDC: Select an existing VDC from the drop-down list to expand existing infrastructure or group related resources.
Note: Contract users must have Edit permission on the selected VDC before adding instances.
5
Configure a Virtual Machine (VM)
Select the right server type that matches your workload requirements:
Instance name: Change the instance name if needed and choose the type of VM most suitable for your workload:
Cubes: Pre-defined templates with fixed vCPU and memory ratios. Cubes provide optimized pricing for balanced workloads, enable cost optimization, and simplify sizing decisions. For more information, see Cubes.
vCPU Servers: VMs with vCPUs and memory configurations optimized for general workloads. Choose from presets or create custom vCPU and memory combinations to match your application requirements. Best suited for standard applications, development environments, and general-purpose computing. For more information, see .
Dedicated Core Servers: Customizable dedicated cores and RAM for performance-critical applications, such as high-compute workloads or databases. For more information, see .
Configure a VM
Add Storage to your chosen VM
1. Name: Specify a name for your storage volume.
2. Storage type: Select storage type based on your performance needs:
HDD: Cost-effective drives for basic workloads.
SSD Standard: Balanced performance for general workloads.
SSD Premium: High-performance for Input or Output (I/O)-intensive applications.
For more information about the Block Storage elements, see Storage Performance.
3. Size: Specify the storage size in GB (minimum 1 GB and the maximum limit is based on the individual contract limits). You can use the slider, enter a value directly in the text box, or use the arrows to adjust the size.
Note:
The specified size may automatically adjust to meet the minimum size requirement of the selected image or snapshot.
If you plan to use this storage with the Backup Service by selecting Enable backup, you must specify a size that is at least 5 GB larger than the required minimum.
4. Images are of different types: By IONOS (public), Own images (private), or Snapshots.
Configure storage
Public images refer to the pre-configured operating system images provided by IONOS Cloud.
1. Select an image type. You can choose Windows or from the following Linux distributions: Alma Linux, Ubuntu, Debian, Rocky Linux, Red Hat Linux, or SUSE Linux. For more information, see IONOS Public Images.
Note:SUSE Linux is only available in German data center locations.
2. Image Version: Select an image version from the drop-down list. The image versions differ based on the chosen operating system image type.
3. Password: Enter a password to access your provisioned machine. The password configured is set as the "administrator (Windows)" or "root (Linux)" password for the Virtual Machine (VM). This password provides essential access to the VM, even if network connectivity is unavailable. The password must contain 8-50 characters alphanumeric characters and it is mandatory to create a VM. You can change the password from within the operating system after provisioning, but not through the IONOS Cloud interface.
Note: Save this password securely. IONOS Cloud never retains passwords after VM generation.
Select the image that you have uploaded to the specific data center in IONOS Cloud. A private image is a custom OS image, either from a non-IONOS Cloud source or pre-configured with your own software.
If you have not uploaded any images yet, we recommend uploading your custom images through the File Transfer Protocol (FTP). For more information, see .
Select a custom snapshot from the drop-down list to create a new instance from a previously created snapshot. Only snapshots created in the same region as your data center configuration will display in the list. Snapshots from other regions are not listed. For more information, see [Snapshots](../../storage-&-backup/images-snapshots/snapshots/snapshots.md).
5. Add another data volume:(Optional) Click Add another data volume to add an additional volume when you want to store data on a volume separate from your boot device. In the Add another data volume view, specify a name, select the type, and specify the size. Click Save to confirm.
Associate additional volume
Enable backup to secure your data
Note: This option is available for instances created from IONOS public images. It is not available for instances that are using private images, or own images, or snapshots. However, for these instances, you can install the backup agent manually after creation. For more information, see Install Acronis Backup Agent on Windows Server and Install Acronis Backup Agent on Linux.
The Xpress mode automatically creates a backup unit and adds the instance to the newly created backup unit. After provisioning, you can access and manage the backup unit from the Backup Service Console. Enable this feature for production environments that require disaster recovery or for any VM with critical or irreplaceable data.
Enable backup for your VM
Note: Backup supports Public LAN type as it requires internet connectivity to access backup storage.
Note: This option is available for Linux-based VMs only and is not applicable to Windows-based VMs.
**SSH Keys** provide secure access to Linux VMs using public key authentication. To set up SSH key authentication, first generate an SSH key pair if you do not have one, then paste your public key into the provided field, and connect to your VM using your private key.
1. Select the SSH key tab and click Add SSH key.
2. In the Add SSH Key view, you can paste your generated public key or press and drag the file containing the SSH key.
3. Click Add key.
Configure SSH keys
**Cloud-init** is an industry-standard method for VM initialization, best-suited for automated deployments, infrastructure-as-code, and configuration management. It enables you to automate user creation and SSH key injection, install packages, execute scripts on first boot, and configure network settings.
1. Select the Cloud init script tab and click Add cloud-init Script.
2. In the Add Cloud-init Script view, you can paste your key or press and drag the file containing the cloud-init script.
3. Click Add script.
Network Interface
You can configure how your VMs connect to the internet. For more information, see VDC Networking.
1. LAN type: Select a network connection:
Public: Select this option if you want the VMs to be directly accessible from the internet. Ensure that you configure a firewall for security reasons.
Private: Select this option if you want the VMs to be accessible from the internal network but not accessible from the internet. It ensures maximum protection without public exposure.
Note: The Private LAN option is available only when Enable backup is not selected, because backup requires Public LAN type for internet access to backup storage.
2. IP Address: This option is availble only for Public LAN types:
Dynamic (DHCP) IP: Select this option if you want automatically assigned IP addresses for your VMs. Note that the IP addresses may change each time the VM is restarted.
Fixed IP: Select this option if you want fixed IP addresses allocated for your VMs. Note that this selection incurs additional costs per instance. For more information, see IP Addresses.
3. Firewall: Enable or deactivate the firewall rules.
Disabled or Enabled: The firewall is deactivated by default. To activate firewall rules for the selected network interface, toggle the status to Enabled. When enabled, the default rules are applied. You can modify or delete these preset rules or add custom rules as necessary to meet your application's security requirements.
Add another firewall rule: Click Add another firewall rule to define rules that allow specific traffic.
In the Add another firewall rule view, enter the necessary details and select Add rule.
You can also Edit or Delete the rules after their configuration by selecting the respective options from the ACTIONS column. For more information, see .
Configure network interface
Confirm creation
1. Before clicking Create, review the Summary section on the right side of the screen:
Configuration summary: Review your configured settings. Select Virtual Data Center, VM configuration, Volume, or Network to navigate directly to the respective section and make changes, if necessary.
Multi-instance deployment: Create up to the maximum number of data center instances allowed by your contract limits, all with identical configurations. This feature accelerates deployment by provisioning redundant instances in a single batch, which is ideal for rapidly setting up high-availability environments within the same VDC and LAN.
Estimated costs: Verify the total cost of your selected resources calculated on an hourly or monthly (30-day) basis. This calculation does not include usage-dependent costs such as backup or traffic, as these charges are based on your individual consumption.
2. Select Create to confirm.
Create to save the configuration and provision the data center
Result: The data center and all configured resources are automatically provisioned. It is mandatory that the browser tab or the page remains open, and you must stay online until provisioning completes. VMs will start automatically unless you specify otherwise. For more information about adding additional elements, see Next steps (Post-provisioning).
Option 2: From the DCD home page
Alternatively, you can also create a data center using the following option:
1. In the DCD, go to the My Virtual Data Centers section, and select Xpress from the Create mode drop-down list.
To add more elements after provisioning, switch to the Canvas mode. Press and drag resources from the Palette on the left into the Workspace to design your infrastructure, configure each resource, and click Provision to deploy your changes. For details, see Configure a Data Center.
