Log in / Sign up
Object Storage (Spaces)
Rik van der Heijden
and 18 more...
Terms of Service
Access key per space
Please prioritise having individual keys for individual spaces. It's pretty useless with multiple products or clients. I can't use it for backup for instance, because every other project will be able to access these backups if compromised.
September 15, 2021
This is a mayor security and privacy issue. One keypair shouldn't have unlimited access to everything. It's just plain stupid, and you know it :).
We need to be able to have isolated buckets for each environment (dev/stage/prod), or have isolated buckets for each customer.
December 9, 2021
This can also help with a variety of automation workflows, and having scoped keys can help reduce the risk / exposure should the keys get compromised.
For example having a dedicated key (scoped to a space) to uploading release artefacts from GitHub action workflows, another key that's read-only to download those artefacts on droplets etc...
Hope to see improvements in this area to aid such workflows.
November 8, 2021
As this issue was raised long ago from a support page:
, it's disheartening to see a lack of focus and attention given to this critical feature.
In order to comply with GDPR, it is imperative to limit access to authorized users only. If one access key leaks for whatever reason, it means that all spaces are compromised.
After nearly 4 years, I'd like to hear a definitive answer on this from DigitalOcean so that we can all move on with our lives.
October 27, 2021
This is important, even creating projects for each client but unable to separate access to spaces bucket to each client as they will have all bucket access
October 19, 2021
Terms of Service