[mryan]

It certainly seems feasible with the use of VPC and Security Groups.

At the very least I think they should offer an option that only you to restrict access so only your dynos have access to the postgres port.

[thibaut_barrere]

I'd love to use it with any EC2 installation (EngineYard, stock EC2 etc).

If only they could limit access to EC2 security groups, it would be amazing.

[mryan]

That would be great.

Security Groups work across accounts, so Heroku (or whoever) could let you provide your account ID and Security Group name, then authorise access from this group.

[willlll]

Simple ec2 security groups is not enough because we also run an arbitrary code execution service (dynos)