Scalable compute services.
Simple object storage.
Run managed Kubernetes clusters.
Tools & Integrations
Automate your infrastructure.
Deploy pre-built applications.
Connect, share and learn
DevOps and development guides
Questions & Answers
Development and systems Q&A
by Justin Ellingwood
Let us select which Spaces can be accessed on different API keys. Example: A key can only access a single Space.
+1It's very important from security perspective to segregate accesses from various applications. I love DO but I cannot use this for production :( Thanks for considering this!
How is this still not a feature? Even just a basic mapping between an API key and a bucket would do loads to improve security. No need to elaborate overengineered solutions like AWS S3 ACLs.
@digitalocean, do you have any news on this?
Please do it. :D
Really need this feature as we are going with DO spaces for production use. The only workaround to this is to create a separate team account with different billing account and create new spaces with new API key there.
Guys, this is indispensable. This is a crucial feature which is a must in 2021. This must happen rather sooner than later! This actually is blocker and a reason to move away from DO...
Hey guys, any news? :)
DO? Atleast make an effort to reply back. This really is a huge security concern for any developer serious about their services. The idea is still tagged as needs review, what review is needed? Isn't security a basic necessatiy in 2021? Or you think developers are still living in 2010 era?
This feature is a must have, as we want different applications ( each one using it's own space )
It seems to be the most basic of concepts and this single issue is holding me back from migrating over all my client's static assets. I can't allow one client's Spaces API key to gain access to every single Space in my account. It's absurd.
Almost march 2021 and there's not even a reply from the DO team. This is concerning.
I need this feature soon
As an example, the Digital Ocean DNS plugin for Plesk requires an API key. This key that only needs to manage DNS entries, now has access to the resources of your entire team? It's kind of crazy.
Lack of this feature was a dealbreaker for us, as separation of environments was a must.
This feature is very useful for me
This is must have. What are you waiting for Digital Ocean? It cannot be that hard....
How this is not a base feature is beyond me.
Any update on restricting access keys? Slightly absurd, this is not available.. are we supposed to create a different account just to separate dev/production?
In this day and age where every DPO is breathing down our necks about data security, this seems like a non-starter.
You won't be notified about changes to this idea.