Skip to main content
All CollectionsConnectionsInfrastructure
Digital Ocean Connection Details
Digital Ocean Connection Details

This article walks through the details of configuring Digital Ocean to connect to Drata.

Updated over a week ago


HERE'S WHY

Connecting Digital Ocean to Drata allows for the automated, continuous monitoring and evidence collection of infrastructure security controls required for compliance.

BEFORE DIVING IN

Make sure you have access to your company's Digital Ocean account.

Limitations

  • Digital Ocean's API does not support pulling infrastructure users. When you make the connection in Drata, the Managed Accounts page will show no user accounts, even if the connection was made successfully.

    • As a result, the following monitoring tests will show now Digital Ocean users in their results:

      • MFA on Infrastructure Console

      • Employees have Unique Infrastructure Accounts

      • Infrastructure Accounts Properly Removed

  • The following monitoring tests are supported by this integration:

    • SSL/TLS on Admin Page of Infrastructure Console

    • Cloud Data Storage Exposure (if connected with Spaces access keys)

    • Daily Database Backups

    • Cloud Infrastructure Linked to Drata

Connecting to Digital Ocean in Drata

  • On the Drata connections page, choose Digital Ocean as your infrastructure provider. If you're not already logged in to DO, you will be redirected to their register / login page; otherwise, you'll be redirected to the app authorization page.

  • When making the initial connection, Drata will give you the option to connect with the currently-signed-in Individual Account OR to any of the Teams that account is a member (role of Owner, Member, or Biller) of. We recommend connecting with a team account.

  • If your company is using Spaces, we will need to go through the process of Creating Access Keys. (steps in the next section)

Creating Access Keys for Spaces

In order for Drata to access the Spaces API, you'll need to provide access keys. This can be done on the API page of your dashboard.

User-uploaded Image

Once you click 'Generate New Key', simply provide a name for your access key. This will generate a public key and a time-sensitive secret key. Both are required to allow Drata to read your spaces.

User-uploaded Image

Creating Spaces

Spaces can be created with two privacy options:

  • Restrict File Listing

  • Enable File Listing

User-uploaded Image

This privacy option is what the Cloud Data Storage Exposure monitor (104) reads; spaces created with the Enable File Listing option will fail this monitor.

Did this answer your question?