Guys, this is indispensable. This is a crucial feature which is a must in 2021. This must happen rather sooner than later! This actually is blocker and a reason to move away from DO...
DO? Atleast make an effort to reply back. This really is a huge security concern for any developer serious about their services. The idea is still tagged as needs review, what review is needed? Isn't security a basic necessatiy in 2021? Or you think developers are still living in 2010 era?
It seems to be the most basic of concepts and this single issue is holding me back from migrating over all my client's static assets. I can't allow one client's Spaces API key to gain access to every single Space in my account. It's absurd.
As an example, the Digital Ocean DNS plugin for Plesk requires an API key. This key that only needs to manage DNS entries, now has access to the resources of your entire team? It's kind of crazy.
Any update on restricting access keys? Slightly absurd, this is not available.. are we supposed to create a different account just to separate dev/production?
I have 10+ apps that need object storage but I can't use Spaces because of the lack of access control. If 1 app is compromised, all my Spaces would be at risk. It is not production ready object storage without proper access control.
This is absolutely necessary, in fact, without this it is impossible to work with large development teams in which a large part of them should not have access to spaces in production.
I do not understand how this has not been solved for more than two years, in DO they should realize that if this is losing thousands of potential clients that when realizing this they take a step back in the migration of their services to DO.
Trying to setup separate spaces for "test" and "prod" isolation. Having one key is super dangerous to expose access to production buckets while testing.
Guys, this is indispensable. This is a crucial feature which is a must in 2021. This must happen rather sooner than later! This actually is blocker and a reason to move away from DO...
Attachments Open full size
Hey guys, any news? :)
Attachments Open full size
DO? Atleast make an effort to reply back. This really is a huge security concern for any developer serious about their services. The idea is still tagged as needs review, what review is needed? Isn't security a basic necessatiy in 2021? Or you think developers are still living in 2010 era?
Attachments Open full size
This feature is a must have, as we want different applications ( each one using it's own space )
Attachments Open full size
It seems to be the most basic of concepts and this single issue is holding me back from migrating over all my client's static assets. I can't allow one client's Spaces API key to gain access to every single Space in my account. It's absurd.
Attachments Open full size
Almost march 2021 and there's not even a reply from the DO team. This is concerning.
Attachments Open full size
I need this feature soon
Attachments Open full size
As an example, the Digital Ocean DNS plugin for Plesk requires an API key. This key that only needs to manage DNS entries, now has access to the resources of your entire team? It's kind of crazy.
Attachments Open full size
Lack of this feature was a dealbreaker for us, as separation of environments was a must.
Attachments Open full size
This feature is very useful for me
Attachments Open full size
This is must have. What are you waiting for Digital Ocean? It cannot be that hard....
Attachments Open full size
How this is not a base feature is beyond me.
Attachments Open full size
Any update on restricting access keys? Slightly absurd, this is not available.. are we supposed to create a different account just to separate dev/production?
Attachments Open full size
In this day and age where every DPO is breathing down our necks about data security, this seems like a non-starter.
Attachments Open full size
This would be extremely useful. We need this functionality.
Attachments Open full size
I have 10+ apps that need object storage but I can't use Spaces because of the lack of access control. If 1 app is compromised, all my Spaces would be at risk. It is not production ready object storage without proper access control.
Attachments Open full size
Dissapointing to see that there's no progress in this at all.
This is super necessary.
Attachments Open full size
This is absolutely necessary, in fact, without this it is impossible to work with large development teams in which a large part of them should not have access to spaces in production.
I do not understand how this has not been solved for more than two years, in DO they should realize that if this is losing thousands of potential clients that when realizing this they take a step back in the migration of their services to DO.
Attachments Open full size
Also granular access to droplets, volumes, snapshots, etc. Related:
Fine grained API tokens
https://ideas.digitalocean.com/ideas/DO-I-966
Restrict API personal access token to a specific project
https://ideas.digitalocean.com/ideas/DO-I-7
Attachments Open full size
Any updates here?
Trying to setup separate spaces for "test" and "prod" isolation. Having one key is super dangerous to expose access to production buckets while testing.
Attachments Open full size