Skip to main content
All CollectionsConnectionsProvider
Digital Ocean Connection
Digital Ocean Connection

Making the initial connection to Digital Ocean

Updated this week

Connecting Digital Ocean to Drata allows for the automated, continuous monitoring and evidence collection of infrastructure security controls required for compliance.

BEFORE DIVING IN

Make sure you have access to your company's Digital Ocean account.

Digital Ocean API limitation: Digital Ocean's API does not support pulling infrastructure users. When you make the connection in Drata, the Managed Accounts page will show no user accounts, even if the connection was made successfully.

  • As a result, the following monitoring tests will show no Digital Ocean users in their results:

    • MFA on Infrastructure Console

    • Employees have Unique Infrastructure Accounts

    • Infrastructure Accounts Properly Removed

HERE'S HOW

Follow these instructions to connect Digital Ocean to Drata:


1. Select Connections on the side navigation menu.

2. Select the Connect button for the Digital Ocean integration.

3. Follow the instructions in the slide-out panel carefully. Take your time and complete one step entirely before moving on to the next.

  • If you're not already logged in to DO, you will be redirected to their register / login page; otherwise, you'll be redirected to the app authorization page.

  • When making the initial connection, Drata will give you the option to connect with the currently-signed-in Individual Account OR to any of the Teams that account is a member (role of Owner, Member, or Biller) of. We recommend connecting with a team account.

  • If your company is using Spaces, we will need to go through the process of Creating Access Keys. (steps in the next section)

Creating Access Keys for Spaces

In order for Drata to access the Spaces API, you'll need to provide access keys. This can be done on the API page of your dashboard.

User-uploaded Image

Once you click 'Generate New Key', simply provide a name for your access key. This will generate a public key and a time-sensitive secret key. Both are required to allow Drata to read your spaces.

User-uploaded Image

Creating Spaces

New Space URL: https://cloud.digitalocean.com/spaces/new

Spaces can be created with two privacy options:

  • Restrict File Listing

  • Enable File Listing

User-uploaded Image

This privacy option is what the Cloud Data Storage Exposure monitor (104) reads; spaces created with the Enable File Listing option will fail this monitor.

Monitoring tests

The following monitoring tests are supported by this integration:

  • SSL/TLS on Admin Page of Infrastructure Console

  • Cloud Data Storage Exposure (if connected with Spaces access keys)

  • Daily Database Backups

  • Cloud Infrastructure Linked to Drata

Did this answer your question?