Sourcegraph Cloud

Sourcegraph Cloud is a single-tenant cloud solution. Cloud instances are private, dedicated instances provisioned and managed by Sourcegraph. Sourcegraph Cloud was formerly known as managed instances.

Sourcegraph provisions each instance in an isolated and secure cloud environment. Access is restricted to only your organization through your SSO provider of choice. Enterprise VPN is available upon request.

Start a Sourcegraph Cloud trial

Get Sourcegraph on your code.

A single-tenant instance managed by Sourcegraph.

Sign up for a 15 day trial for your team.

Get free trial now

Use the button above to sign up for a free 15-day trial of Sourcegraph Cloud. Please contact us if you have specific VPN requirements or you require a large deployment with >500 users, >1,000 repos, or monorepos >5 GB.

Trial limitations

We currently have a limited capacity of single-tenant cloud instances and are prioritizing organizations with more than 100 developers. When you request a trial, you will receive an email indicating the status of your request.

If your organization has fewer than 100 developers, we recommend trying Sourcegraph self-hosted.

If you're eligible for a cloud instance, you will receive a link to the instance URL once it's provisioned. This normally takes less than one hour during business hours. From there, we recommend using the onboarding checklist to set up your instance quickly.

Trials last 15 days. When the end of the trial approaches, Sourcegraph's Customer Support team will check in with you to either help you set up a Cloud subscription or end your trial.

Cloud subscription

As part of this service you will receive a number of benefits from our team, including:

Initial setup, configuration, and cost estimation

Access to all Sourcegraph features

All Sourcegraph features are avilable on Sourcegraph Cloud instances out-of-the-box, including but not limited to:

Access restrictions

  • Granting your team application-level admin access to the instance.
  • Configuring any IP-restrictions (e.g. VPN) and/or SSO restrictions to the instance.

Monthly upgrades and maintenance

  • Automatic monthly upgrades and maintenance.
  • Regular reassessment of resource utilization based on your organization's unique usage to determine if costs can be reduced without impact to service. Additionally, you will automatically benefit from any committed use cloud provider discounts we receive.

Custom domains

Sourcegraph Cloud provides all customer instances a domain. This domain is fully managed by Sourcegraph, including DNS and HTTPS. However, to provide better branding and a more seamless experience for your users, you may bring your own company domain, for example

In order to use your own domain, you need to perform an one-time setup by adding DNS records at your authoritative DNS. These DNS records are neccessary to ensure that your users can access your Sourcegraph instance via the custom domain, and also to ensure we can provide managed TLS certificates for your instance. See a list of DNS records to be created by your organization below as an example. Additionally, your custom domain's CAA records should permit our upstream certificate authorities to issue certificates for your domain, follow the instructions below to verify your CAA records.

Please reach out to your Sourcegraph account team to request a custom domain to be configured for your Sourcegraph Cloud instance.

DNS records to be created by your organization

Below is a list of the DNS records that are required to be created by your organization. This is for illustrative purposes only, and the actual records will be provided by your Sourcegraph account team. We use as an example custom domain.

  • CNAME record for pointing to
  • TXT record for with value $token
  • CNAME record for pointing to$

Verify CAA records

To verify that your CAA records are set correctly, you can use the following command:

dig caa +short
dig caa +short

If the output is empty, you don't have to do anything. If the output is not empty, and it does not contain and, you need to add them to your CAA records to the apex domain or your desired subdomain, e.g.,


  • You can only have a single custom domain per Sourcegraph Cloud instance.
  • You can only use the custom domain to access your Sourcegraph Cloud instance.

Multiple region availability

Sourcegraph Cloud instances are deployed in one of Google Cloud Platform data center locations:

  • North America (USA) - us-central1
  • Europe (UK or Germany) - europe-west2 or europe-west3
  • Asia (Japan) - asia-northeast1
  • Australia - australia-southeast1

If you have specific requirements for the region, please reach out to your Sourcegraph account team.

More details about the locations and data storage can be found in our handbook

Private Connectivity

Sourcegraph Cloud can connect to resources that are publically accessible or protected by IP-based firewall rules out-of-the-box. Sourcegraph can provide static IP addresses for customers to add to their firewall allowlist. Please let your account team know.

Private Connectivity enables customers to privately connect Private Resources to the Sourcegraph Cloud instance. Private Resources refer to services that are not publicly accessible, such as self-hosted GitHub Enterprise servers, self-hosted GitLab instances, self-hosted Nexus instance, or Jira Data Center deployed in a private network that are only accessible through VPN. Learn more about Private Connectvity support below:

For unsupported private connectivity methods, Sourcegraph offers connectivity via customer-managed alternate public load balancers:

Health monitoring, support, and SLAs

Backup and restore


Backup and restore capability is provided via automated snapshots.

  • Frequency: Snapshots are produced daily.
  • Retention period: Snapshots are kept for 90 days.

Training, feedback, and engagement

As with any Sourcegraph enterprise customer, you will also receive support from us with:

  • Installing code host and code review integrations
  • Monitoring and aggregating user feedback
  • Understanding usage statistics of your deployment
  • Internal rollout programs including:
    • Holding company-wide or team-by-team training sessions (contact us for details)
    • Helping the maintainers of your internal engineer onboarding add a session on Sourcegraph
    • Holding ongoing brown bag lunches to introduce new feature releases
    • Advice and templates on how to introduce Sourcegraph to your engineering organization

Managed SMTP

All Sourcegraph Cloud instances are provisioned with a Sourcegraph-managed SMTP server through a third-party provider for transactional email delivery. Email capabilities power features like:

  • Code Monitoring notifications
  • Inviting other users to a Sourcegraph instance, or to an organization/team on a Sourcegraph instance
  • Important updates to user accounts (for example, creation of API keys)
  • For builtin authentication, password resets and email verification

By default, emails will be sent from an email address. To test email delivery, refer to sending a test email.

To opt out of managed SMTP, please let your Sourcegraph Account team know when requesting a trial. You can also opt out by overriding the managed email.address and email.smtp configuration with your own in site configuration. If you have specific requests for managed SMTP, please reach out regarding special requirements.

To learn more about how the Sourcegraph team operates managed SMTP internally, refer to our handbook.


Cody is an AI coding assistant that lives in your editor that can find, explain, and write code. Cody uses a combination of Large Language Models (LLMs), Sourcegraph search, and Sourcegraph code intelligence to provide answers that eliminate toil and keep human programmers in flow. You can think of Cody as your programmer buddy who has read through all the code in open source, all the questions on StackOverflow, and all your organization's private code, and is always there to answer questions you might have or suggest ways of doing something based on prior knowledge. Learn more from Cody documentation about how Cody can help you.

On Cloud, Cody can be enabled by contacting your Sourcegraph account team. Once Cody has been enabled by us, you can follow the instruction below to try it out.

Step 1: Configure the VS Code extension

Now that Cody is turned on on your Sourcegraph Cloud instance, any user can configure and use the Cody VS Code extension. This does not require admin privilege.

  1. If you currently have a previous version of Cody installed, uninstall it and reload VS Code before proceeding to the next steps.
  2. Search for “Sourcegraph Cody” in your VS Code extension marketplace, and install it.
  1. Reload VS Code, and open the Cody extension. Review and accept the terms.

  2. Now you'll need to point the Cody extension to your Sourcegraph instance. On your instance, go to settings / access token (https://<your-instance><your-username>/settings/tokens). Generate an access token, copy it, and set it in the Cody extension.

  1. In the Cody VS Code extension, set your instance URL and the access token

You're all set!

Step 2: Try Cody!

A few things you can ask Cody:

  • "What are popular go libraries for building CLIs?"
  • Open your workspace, and ask "Do we have a React date picker component in this repository?"
  • Right click on a function, and ask Cody to explain it



  • A dedicated project manager who serves as the point of contact for the rollout process.
  • A mutual non-disclosure agreement and any additional approvals or special status required to allow Sourcegraph to manage infrastructure access tokens (listed below).
  • Acceptance of our Terms of Service for private instances or an enterprise contract.



  • The Sourcegraph instance can only be accessible via a public IP. Running it in a private network and pairing it with your private network via site-to-site VPN or VPC Peering is not yet supported.
  • Code hosts or user authentication providers running in a private network are not yet supported. They have to be publically available or they must allow incoming traffic from Sourcegraph-owned static IP addresses. We do not have proper support for other connectivity methods, e.g. site-to-site VPN, VPC peering, tunneling.
  • Instances currently run only on Google Cloud Platform in the chosen regions. Other regions and cloud providers (such as AWS or Azure) are not yet supported.
  • Some configuration options are managed by Sourcegrpah and cannot be override by customers, e.g. feature flags, experimental features.


Your managed instance will be accessible over HTTPS/TLS, provide storage volumes that are encrypted at rest, and have access restricted to only your team through your enterprise VPN and/or internal SSO (single sign-on provider) of choice.

For all managed instances, we will provide security capabilities from Cloudflare such as WAF and rate-limiting to protect your instance from malicious traffic.

Your instance will be hosted in isolated Google Cloud infrastructure. See our employee handbook to learn more about the cloud architecture we use. Both your team and limited Sourcegraph personnel will have application-level administrator access to the instance.

Only essential Sourcegraph personnel will have access to the instance, server, code, and any other sensitive materials, such as tokens or keys. The employees or contractors with access are bound by the same terms as Sourcegraph itself. Learn more in our security policies for Sourcegraph Cloud or contact us with any questions or concerns. You may also request a copy of our SOC 2 Report on our security portal.

Sourcegraph management access

Sourcegraph management access is the ability for Sourcergaph employees to grant time-bound and audit-trailed UI access to Cloud instances in the events of instance maintenance, issue troubleshooting, and customer assistance. Customer consent is guaranteed prior to human accesses.

All Sourcegraph Cloud instances have Sourcegraph management access enabled by default, and customers may request to disable by contacting your Sourcegraph contact.

Audit Logs

Our Cloud instances provide audit logs to help you monitor and investigate actions taken by users and the system. These logs are available to download by request and are also sent to a centralized logging service for 30 day retention (configurable for greater periods by request).

Accommodating special requirements

We may be able to support special requests (network access policies, infrastructure requirements, custom version control systems, etc.) with additional time, support, and fees. Contact us to discuss any special requirements you may have.