Access key per space | Voters

DigitalOcean

Create

Home

Storage

Access key per space

Michael

Please prioritise having individual keys for individual spaces. It's pretty useless with multiple products or clients. I can't use it for backup for instance, because every other project will be able to access these backups if compromised.

September 15, 2021

Pär Sandgren

This is a mayor security and privacy issue. One keypair shouldn't have unlimited access to everything. It's just plain stupid, and you know it :).

We need to be able to have isolated buckets for each environment (dev/stage/prod), or have isolated buckets for each customer.

Kas

+1 
This can also help with a variety of automation workflows, and having scoped keys can help reduce the risk / exposure should the keys get compromised. 
For example having a dedicated key (scoped to a space) to uploading release artefacts from GitHub action workflows, another key that's read-only to download those artefacts on droplets etc...
Hope to see improvements in this area to aid such workflows. 
Thanks!

Tom O'Brien

As this issue was raised long ago from a support page: https://www.digitalocean.com/community/questions/spaces-different-keys-per-bucket , it's disheartening to see a lack of focus and attention given to this critical feature.
In order to comply with GDPR, it is imperative to limit access to authorized users only. If one access key leaks for whatever reason, it means that all spaces are compromised. 
After nearly 4 years, I'd like to hear a definitive answer on this from DigitalOcean so that we can all move on with our lives.

Indra Prastha

This is important, even creating projects for each client but unable to separate access to spaces bucket to each client as they will have all bucket access