DO - Spaces

Support HackTricks and get benefits!

Basic Information

DigitalOcean Spaces are object storage services. They allow users to store and serve large amounts of data, such as images and other files, in a scalable and cost-effective way. Spaces can be accessed via the DigitalOcean control panel, or using the DigitalOcean API, and are integrated with other DigitalOcean services such as Droplets (virtual private servers) and Load Balancers.


Spaces can be public (anyone can access them from the Internet) or private (only authorised users). To access the files from a private space outside of the Control Panel, we need to generate an access key and secret. These are a pair of random tokens that serve as a username and password to grant access to your Space.
A URL of a space looks like this: Note the region as subdomain.
Even if the space is public, files inside of it can be private (you will be able to access them only with credentials).
However, even if the file is private, from the console it's possible to share a file with a link such as for a period of time:


# Unauthenticated
## Note how the region is specified in the endpoint
aws s3 ls --endpoint= --no-sign-request s3://uniqbucketname
# Authenticated
## Configure spaces keys as AWS credentials
aws configure
AWS Access Key ID [None]: <spaces_key>
AWS Secret Access Key [None]: <Secret>
Default region name [None]:
Default output format [None]:
## List all buckets in a region
aws s3 ls --endpoint=
## List files inside a bucket
aws s3 ls --endpoint= s3://uniqbucketname
## It's also possible to generate authorized access to buckets from the API
Support HackTricks and get benefits!