DigitalOcean Helps Customers Bolster Object Storage Security with Spaces Per-Bucket Access Keys
DigitalOcean Holdings (NYSE: DOCN) announced the general availability of Per-Bucket Access Keys for DigitalOcean Spaces, its S3-compatible object storage service. This new feature enables identity-based, bucket-level control over access permissions, enhancing data security and simplifying management.
The update allows administrators to assign read-only or read-write permissions for specific buckets to appropriate users and applications. This targeted approach strengthens organizational security by ensuring users only access necessary data. Key use cases include enhanced security controls, multi-tenant environment management, environment isolation, application-specific access, and secure file sharing.
Future enhancements planned for mid-2025 include API and CLI support for creating Per-Bucket Access Keys, and integration with S3-compatible bucket policies.
DigitalOcean Holdings (NYSE: DOCN) ha annunciato la disponibilità generale delle Chiavi di Accesso per Bucket, per DigitalOcean Spaces, il suo servizio di storage oggetti compatibile con S3. Questa nuova funzionalità consente un controllo basato sull'identità a livello di bucket sulle autorizzazioni di accesso, migliorando la sicurezza dei dati e semplificando la gestione.
L'aggiornamento consente agli amministratori di assegnare autorizzazioni di sola lettura o lettura-scrittura per specifici bucket a utenti e applicazioni appropriati. Questo approccio mirato rafforza la sicurezza organizzativa garantendo che gli utenti accedano solo ai dati necessari. I casi d'uso chiave includono controlli di sicurezza migliorati, gestione di ambienti multi-tenant, isolamento degli ambienti, accesso specifico alle applicazioni e condivisione sicura di file.
I miglioramenti futuri previsti per la metà del 2025 includono il supporto API e CLI per la creazione di Chiavi di Accesso per Bucket e integrazione con le politiche di bucket compatibili con S3.
DigitalOcean Holdings (NYSE: DOCN) anunció la disponibilidad general de las Claves de Acceso por Bucket para DigitalOcean Spaces, su servicio de almacenamiento de objetos compatible con S3. Esta nueva función permite un control de permisos de acceso a nivel de bucket basado en la identidad, mejorando la seguridad de los datos y simplificando la gestión.
La actualización permite a los administradores asignar permisos de solo lectura o lectura-escritura para buckets específicos a usuarios y aplicaciones apropiadas. Este enfoque dirigido refuerza la seguridad organizacional al asegurar que los usuarios solo accedan a los datos necesarios. Los casos de uso clave incluyen controles de seguridad mejorados, gestión de entornos multi-tenant, aislamiento de entornos, acceso específico a aplicaciones y compartición segura de archivos.
Las mejoras futuras previstas para mediados de 2025 incluyen soporte API y CLI para la creación de Claves de Acceso por Bucket, y la integración con políticas de bucket compatibles con S3.
디지털오션 홀딩스(DigitalOcean Holdings) (NYSE: DOCN)는 S3 호환 객체 저장 서비스인 디지털오션 스페이스(DigitalOcean Spaces)를 위한 버킷별 접근 키의 일반 가용성을 발표했습니다. 이 새로운 기능은 아이덴티티 기반의 버킷 수준 접근 권한 관리를 가능하게 하여 데이터 보안을 강화하고 관리의 단순화를 이룹니다.
이 업데이트는 관리자들이 특정 버킷에 대해 적합한 사용자와 애플리케이션에 읽기 전용 또는 읽기-쓰기 권한을 부여할 수 있게 해줍니다. 이러한 목표 지향적 접근은 사용자가 필요한 데이터만 접근하도록 보장함으로써 조직의 보안을 강화합니다. 주요 사용 사례로는 향상된 보안 통제, 다중 임대 환경 관리, 환경 분리, 애플리케이션별 접근 및 안전한 파일 공유가 있습니다.
2025년 중반에 계획된 미래의 향상 사항으로는 버킷별 접근 키 생성을 위한 API 및 CLI 지원과 S3 호환 버킷 정책과의 통합이 포함됩니다.
DigitalOcean Holdings (NYSE: DOCN) a annoncé la disponibilité générale des Clés d'Accès par Bucket pour DigitalOcean Spaces, son service de stockage d'objets compatible S3. Cette nouvelle fonctionnalité permet un contrôle des autorisations d'accès au niveau du bucket basé sur l'identité, renforçant la sécurité des données et simplifiant la gestion.
La mise à jour permet aux administrateurs d'assigner des autorisations en lecture seule ou en lecture-écriture pour des buckets spécifiques aux utilisateurs et applications appropriés. Cette approche ciblée renforce la sécurité organisationnelle en s'assurant que les utilisateurs n'accèdent qu'aux données nécessaires. Les cas d'utilisation clés comprennent des contrôles de sécurité améliorés, la gestion d'environnements multi-locataires, l'isolement des environnements, un accès spécifique aux applications et un partage sécurisé de fichiers.
Les améliorations futures prévues pour mi-2025 comprennent un support API et CLI pour la création de Clés d'Accès par Bucket ainsi qu'une intégration avec des politiques de bucket compatibles S3.
DigitalOcean Holdings (NYSE: DOCN) hat die allgemeine Verfügbarkeit von Per-Bucket-Zugangsarten für DigitalOcean Spaces, seinen S3-kompatiblen Objektspeicherdienst, bekannt gegeben. Diese neue Funktion ermöglicht eine identitätsbasierte Kontrolle über Zugriffsberechtigungen auf Bucket-Ebene, wodurch die Datensicherheit erhöht und das Management vereinfacht wird.
Das Update erlaubt Administratoren, bestimmten Benutzern und Anwendungen Lese- oder Lese-Schreibberechtigungen für spezifische Buckets zuzuweisen. Dieser gezielte Ansatz stärkt die Sicherheit der Organisation, indem sichergestellt wird, dass Benutzer nur auf die notwendigen Daten zugreifen. Wichtige Anwendungsfälle umfassen verbesserte Sicherheitskontrollen, Verwaltung von Multi-Tenant-Umgebungen, Umgebungsisolierung, anwendungsspezifischen Zugriff und sicheren Dateiaustausch.
Zukünftige Verbesserungen sind für Mitte 2025 geplant und umfassen API- und CLI-Unterstützung zur Erstellung von Per-Bucket-Zugangsarten sowie die Integration mit S3-kompatiblen Bucket-Richtlinien.
- Introduction of granular security controls through Per-Bucket Access Keys
- Enables expansion of object storage workloads within single accounts
- Improves multi-tenant data management capabilities
- Enhanced security through targeted access permissions
- Key features like API and CLI support delayed until mid-2025
- S3-compatible bucket policies integration not available until mid-2025
Insights
DigitalOcean's launch of Per-Bucket Access Keys represents a strategic enhancement that could significantly impact their market position in the cloud infrastructure space. This feature addresses a important gap that previously DigitalOcean's ability to attract certain enterprise customers and complex workloads.
From a competitive standpoint, this development brings DigitalOcean's security capabilities closer to par with industry giants like AWS, Google Cloud and Azure. The timing is particularly relevant as organizations increasingly prioritize granular security controls and compliance requirements. The previous limitations had likely been causing DigitalOcean to miss out on potential revenue from customers who required more sophisticated access management.
Key business implications include:
- Potential for increased adoption from larger enterprises and organizations with complex security requirements
- Enhanced ability to compete for multi-tenant application workloads
- Reduced barrier to entry for customers managing sensitive data
- Opportunity to expand within existing accounts that were previously by security constraints
The planned mid-2025 roadmap additions of API/CLI support and S3-compatible bucket policies indicate a comprehensive approach to enterprise-grade security features. This could position DigitalOcean to capture a larger share of the growing cloud storage market, particularly among mid-sized businesses that require robust security but prefer DigitalOcean's simplicity-first approach.
The market impact could be substantial, as security features often serve as a critical decision point for enterprise customers. By removing this limitation, DigitalOcean has eliminated a significant obstacle to adoption, potentially opening up new revenue streams and customer segments previously unavailable to them.
New security capabilities on DigitalOcean Spaces enable identity-based access control
Prior to the introduction of Per-Bucket Access Keys, many customers chose to limit the types of applications they ran on DigitalOcean infrastructure to those without object storage requirements or with minimal access management requirements in order to better control access to their object data. Customers also opted to limit their overall number of object workloads in order to help ensure their users did not inadvertently gain access to data unrelated to their own roles.
With Per-Bucket Access Keys, administrators can assign read-only or read-write permissions for accessing specific buckets to the appropriate users and applications within their organization. This targeted approach strengthens organizational security, helping to ensure that users and applications only have access to the data they need, and it unlocks customers’ ability to run a much wider range of applications within a single DigitalOcean account.
“Managing access to data can be tricky. Overly complex security controls can make it difficult for customers to manage their cloud environments and often require additional investments in security experts,” said Keshav Attrey, Senior Product Manager for Spaces at DigitalOcean. “With Per-Bucket Access Keys, DigitalOcean now provides developers and businesses with robust and intuitive core security controls for their users and applications while helping them maintain operational simplicity.”
Real-World Use Cases
Per-Bucket Access Keys open up a range of new possibilities for businesses and developers:
- Enhanced Security: Help ensure applications and team members only have access to the data they need.
- Multi-Tenant Environments: Better safeguard customer data by isolating access for each tenant.
- Environment Isolation: Keep development, staging, and production environments separate within the same account.
- Application-Specific Access: Help reduce the impact of a compromised access key by limiting its scope to a single bucket.
- Secure File Sharing: Share content from one bucket without exposing content from any other buckets.
"Spaces Per-Bucket Access Keys has significantly enhanced our infrastructure capabilities. By offering simple and approachable settings, it enables us to enhance security within individual buckets, providing us with a sense of security by precisely controlling access where it is most critical,” said Adam Tharani, platform developer at Marketcircle. “This enhanced control provides clarity, ultimately improving our workflows and enabling us to grant more access than previously possible."
Future Enhancements
We’re continuously working to improve the user experience and capabilities of Per-Bucket Access Keys. Here’s what’s on the horizon:
- API and CLI Support: By mid-2025, customers will be able to create Per-Bucket Access Keys through the DigitalOcean API and CLI, in addition to the DigitalOcean Control Panel.
- S3-Compatible Bucket Policy Support: Integration with S3-compatible bucket policies (PutBucketPolicy) is in progress and expected to be available by mid-2025.
To learn more or get started, visit the DigitalOcean Access Keys documentation.
About DigitalOcean
DigitalOcean is the simplest scalable cloud platform that democratizes cloud and AI for growing tech companies around the world. Our mission is to simplify cloud computing and AI to allow builders to spend more time creating software that changes the world. More than 600,000 customers trust DigitalOcean to deliver the cloud, AI, and ML infrastructure they need to build and scale their organizations. To learn more about DigitalOcean, visit www.digitalocean.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250122749716/en/
DigitalOcean Media
Dan Jensen
press@digitalocean.com
Investors
Melanie Strate
investors@digitalocean.com
Source: DigitalOcean Holdings, Inc.
FAQ
What new security feature did DigitalOcean (DOCN) release for Spaces storage?
When will DigitalOcean (DOCN) add API and CLI support for Per-Bucket Access Keys?
What are the main use cases for DigitalOcean's Per-Bucket Access Keys?
How does Per-Bucket Access Keys improve security for DOCN customers?
When will DigitalOcean (DOCN) implement S3-compatible bucket policies?
