This is more or a less a must have. Signed up for Spaces and started some experiments when I soon realised that an IAM-like system wasn't possible. Dropped Spaces immediately. Will revisit if this is implemented though.

Very basic feature, please implement that!

This an absolute must. Please. Has anything been said or done on this request?

Current naive security model is useable only for hobby projects. Not useable for anything serious.

Same with others DO APIs - you want one service to be able to update its domain records, you give it access to everything on your account.

As long as DO does not deliver, I've built a workaround for people willing to host their own solution to this problem: https://github.com/djmaze/s3-auth-proxy

It's kind of ridiculous that this isn't a thing. What's the point of having different buckets if you can't control them individually? My enthusiasm for Spaces is shrinking by the day. No static site hosting (announced years ago), no API bandwidth monitoring, and now I learn that access cannot be limited to one specific space. Next thing I find out I can have only one database passwords that grant you access to all the databases on my account.

This is super critical

We are another company that would use Spaces IF there was a way to restrict access to buckets. We can not allow our client websites to access each other's data, and I would assume this to be the case for anyone who serves multiple clients.

can we accomplish the same thing with bucket policies instead?

Any update on this ?

How is this feature going?

Isolating key access to specific spaces is essential - spaces is unusable in the real world without it.

read only keys would also be nice

No reason to have multiple buckets and multiple keys if an key can access any bucket

It is really important. So far we have to create separate accounts for spaces

It boggles my mind that the only way to compartmentalize access is creating whole new sets of teams and spinning up and managing what amounts a venn diagram of unique individual spaces. 

We need to separate different projects / customers!

Unbeblievable that this is still not implemented. Unfortunately this is also a dealbraker for us. Not possible to migrate several different customer projects to DO without this feature.

Agree, very need this feature.. 

Please implement the bucket level access feature.

+1 on this feature request. 

Without keys per bucket, we can't possibly host buckets that are visible without any user/key controls.