Pricing: Building A Better Cloudsmith

May 18 2022/Cloudsmith/9 min read
Cloudsmith's new 2022 pricing
We dive into the details of why we're changing the pricing at Cloudsmith, what it means for you, and how we can help.

TL;DR: Pricing has increased across all paid plans (OSS not affected by changes); however, significant features have been moved down (or added). We did it to build a better Cloudsmith. You may find a better fit at a lower or higher tier, so view your organization's subscription page to see the vital differences.

Hello Cloudsmith Community. 👋

Buckle up. This is a long post but a necessary one!

You’ve probably heard that we changed the pricing plans late last week. And we wanted to dig into the why behind the changes, give you our reasoning for doing so, and let you know why it represents incredible value across all plans. So let’s talk about it...

This pricing change is the first that we’ve made since June 2019, before the global pandemic, and only the second in the company's history; would you believe we have been talking about the shape and structure of our pricing every month since then?

Over the last three years, we have watched our community grow; we constantly listened to you, our illustrious customers, and our swathe of advisors, stakeholders, and partners. All of whom held strong opinions on how we should charge and what should be charged.

We don’t make changes without deep thought and consultation, and the decisions for things like this are never easy. The bottom-line driver for the change is building, delivering, and supporting more value than ever before. It’s a reinvestment for growth.

So, let’s revisit why we’re doing this in more detail, and then we can arrive at what it means for everyone, both for us and you. Ultimately, though, it’s to build a better Cloudsmith.

Why are we making these changes?

To enable security at the core of the software supply chain

We are a part of your software supply chain and, in some cases, the driving factor, so as a vital link in worldwide distribution from source to the point of delivery, security is at the core of our concerns (as it should be, yours!) Building a high-quality and secure product isn’t easy or cheap, but it’s an essential part of our investment in the ecosystem.

In addition to implementing deep security at Cloudsmith and ensuring that we meet standards such as ISO27001 and SOC2, we also want to ensure that any customer using Cloudsmith can quickly and simply implement secure artifact management best practices and processes, something that we coined as Continuous Packaging.

To evolve Cloudsmith into something even better than before

We want to build the world’s best Artifact Management solution in the Cloud for you. A lot has changed around artifact management since 2019 - improved solutions for automation, wider adoption of DevOps, more focus on security, and a dramatic rise in software supply chain attacks. The post-pandemic world is also a very different economy, and together with the evolution of the ecosystem, companies worldwide (including Cloudsmith) need to adapt.

We believe Cloudsmith is well-positioned to help organizations adapt to the changing landscape by enabling them to solve problems of scale and complexity through cloud-based artifact management. We provide end-to-end visibility and control of software assets, data, and dependencies, from source to delivery.

We believe strongly in listening to our customers as we build a product that solves their needs. In addition to driving our product roadmap, your feedback also contributed to the new plans we’ve rolled out. We want to ensure customers can find a plan that meets their needs now and as their organizations grow and require more complex compliance and security.

Our services will continue to evolve to ensure we can meet the needs of our customers in the future, and we will solve problems of trust at scale with a single global source of truth for all software, underpinned by the best-in-class Artifact Management in the Cloud; exactly as designed based on your feedback wants and needs.

Like security, scaling isn’t easy, and we need to balance supporting customers and building more value into the service. The pricing increase will enable us to re-invest more back into the product while still maintaining our capability to help you as you grow with Cloudsmith. In short, more and better value across your organization faster than before.

What is changing?

The pricing changes, in summary

Pricing has increased across all paid plans; however, significant features have been moved down (or added) to enable secure artifact management across all plans. To best understand the impact on your organization, please view your subscription page in the application to see the vital differences. The changes make it easier and cheaper for you to lean into Cloudsmith and reap the benefits of global distribution at scale, with more control and visibility built-in.

Providing universally secure Artifact Management at the core

We care deeply about security. We see Cloudsmith becoming a vital part of our customer's security toolkit every day. We want to enable any team using Cloudsmith to implement best practices in terms of security. We’ve moved Single Sign-On via SAML, Audit Logs, Sigstore Cosign, and Service Accounts from Ultra-only features down to Team (and beyond). We’ve also introduced the ability to quarantine packages, with automation being introduced later.

Supporting your ability to Automate Everything via Service Accounts

Service accounts are finally here! One of the most requested features, we’ve rolled these out for all paid plans. Service accounts will allow you to create bot users without associating them with a Human, which will enable us to deliver the promise to help you automate everything (one of our core philosophies). When hooking up your favorite CI tool, like CircleCI, you can use a restricted-access service account to help you automate efficiently.

Introducing scalable usage-based storage and bandwidth

One of the exciting things about artifact management and end-to-end software supply chain is that it is constantly changing. The flow of artifacts from your private CI processes or the pull from open source means that the “catalog” of available artifacts is continuously in flux.

Every time there’s a change, we process those changes. Our team is continually monitoring the stability and security of the Cloudsmith platform. As you scale, we scale. So when we charge for storage and bandwidth, we do so because it’s managed storage and bandwidth.

That doesn’t mean it has to cost the earth, and we listened to your feedback regarding both the tiered scaling of storage/bandwidth pricing and the limits imposed.

The new Cloudsmith plans include the following changes:

  • Substantially increased the “free” storage and bandwidth you get per tier. Before, each tier had a flat 30GB of storage and 60GB of bandwidth. Now Team provides 50GB of storage and 100GB of bandwidth; for Velocity, it is 200GB of storage and 400GB of bandwidth, and so on.
  • Removed the hard limit cap for Team and Velocity, which previously would have forced you to move up tiers to unlock more. In other words, there’s no boundary to which you can scale storage and bandwidth.

Active limits for users and entitlement tokens

We’re introducing usage-based limitations to plans for active users and active entitlement tokens for the first time. These are currently for monitoring purposes and won’t be actively enforced until a later date (more on that later). First, let’s define what we mean by “active.”

An “active user” is defined as a user in your organization who interacts with the service, either via the UI or by using their API key, within the current billing period. For example, you may have 30 users invited to an organization, but in the past 30 days, only five have logged in, and only 1 uses their API key, then there would be six active users.

An “active token” (entitlement token) is a token in your repositories that interacts with the service, usually by downloading assets, within the current billing period. For example, if you have 200 customers, but in the past 30 days, only 100 used their token to download software, then there would be 100 active tokens.

These changes are intended to be usage-based later, to facilitate organizational growth without moving up plans (and ensure we’re delivering values at the proper levels, either for internal developers/deployers or external distributors).

The “When are the changes happening?” section later describes the “when” for rollout.

Not sure what plan is right for you?

Your plan will vary depending on your organization's needs, your belief in Cloudsmith, and your desire for specific features or outcomes. You may be best staying on the same plan (and, in some cases, better off), or you may wish to either downgrade or upgrade. The first step is to compare your existing plan with the new plans via your organization's subscription page to see the differences.

Your organization is open-source only.

Great! As you know, we love open-source software. If this is your organization, you won’t need to take any action. OSS repositories will continue to access most of the Team plan features as before (excluding SAML and Upstream Proxying). We realize that the active users limit makes this awkward, but they’re not enforced yet and won't be for OSS organizations. We’re likely to move you to a unique OSS plan (or something similar) later that takes care of this. The bottom line is that we support you and will find a home for you at Cloudsmith, no matter what, and you won't need to make any changes.

Your organization is on a Legacy (pre-Team/Velocity/Ultra) plan.

If your organization is on a plan type that predates our Team, Velocity, and Ultra plans, you’ve been supporting Cloudsmith for a long time - and we appreciate that!

There are three key considerations to determine the best plan for your organization:

  • What are the features your organization needs?
  • How many users or customers do you have?
  • How much storage and bandwidth do you usually need?

Based on those inputs, you may find that downgrading to the Core (free) plan or upgrading to the Team plan suits your needs better. Regardless of your pick, you’ll likely see significant additions to the features. If you need help deciding or want to discuss your options, ask us, and we’ll be happy to help!

Your organization is on the Team plan.

The Cloudsmith Team plan increased in cost - but in addition to an increased quota for built-in storage and bandwidth, it also had significant features added to it, including SSO with SAML, service accounts, audit logs, and quarantine.

We believe these new features bring the best essential artifact management and security to the Team plan. However, if your organization does not require these features, or if you’re an individual or small company, you can now consider the Core (free) plan too.

Your organization is on the Velocity plan.

The Cloudsmith Velocity plan increased in cost - but in addition to a significantly increased quota for built-in storage and bandwidth, with an unlimited overage allowed, it’s become the sweet spot for organizations that need advanced insights, control, security, and team management, that aren’t quite yet at a point of requiring Enterprise-grade compliance features.

Suppose your organization does not benefit from the increased storage and bandwidth and doesn’t need the advanced insights, controls, and user/token capacity. In that case, you may want to consider downgrading to the Team plan instead.

Your organization is on the Ultra plan.

The Cloudsmith Ultra plan is best for teams tackling significant problems of scale that need Enterprise-grade compliance, performance, and support. If you are already an Ultra customer, that’s likely because this description matches your needs. Otherwise, if you need a customized quote, you can contact us (see below) to get one that fits your needs.

Beyond Enterprise-grade artifact management, you can access volume-based discounts, an excellent option for customers with high storage and bandwidth needs to control their costs better. We also offer Enterprise-tier support as an add-on, with several benefits, including a first response SLA, rolling support hours, emergency escalation, a dedicated technical account manager, and more.

When are the changes happening?

These changes will affect accounts on their first billing cycle renewal after July 1, 2022. So for those on annual subscriptions, it may be at a much later date. Please check the billing management page for your organization for more details.

We hope that gives adequate time to prepare for the changes, but as with everything related to billing and costing, please reach out if you’d like to discuss the timeline in more detail or need additional help dealing with them.

As for enforcement of the “active” limits (such as active users, active tokens, etc.), these won’t be enforced until at least October of 2022, and we promise to:

(a) listen to feedback on these changes before finalization of limits and;
(b) notify you in advance before activating enforcement of the limits, and;
(c) ensure there are dashboards and notifications in place for monitoring first.


We've spent a lot of time and effort crafting plans that enable our customers to get the best out of the Cloudsmith platform. We've listened to feedback and looked at the data, and we hope we've found the right mix of features, limits, and value for each of the tiers.

We hope this post answers all the questions you have, but if you are still unsure what plan is right for you, you can reach us directly via email or book time with us here for a no-obligation chat. We would be happy to discuss your use case and see how we can ensure Cloudsmith can meet your needs.

Lastly, we want you to join us on the journey as customers, partners, and collaborators; please see the personal message about pricing from the founders of Cloudsmith (Alan and Lee), which charts that path from inception until today. We really appreciate your support, and thank you for taking this journey with us.

Get our next blog straight to your inbox