DO Ideas 2

Ability to Lock and Protect Droplets from Destruction

I'd like the ability to lock a droplet from being destroyed. This would stop accidental destruction of the main droplet website when destroying test sites etc. This could either be a password unlock on certain droplets, or a lock that can only be removed on request to DigitalOcean support.

  • Will
  • Sep 11 2018
  • Attach files
  • Maksim Koryukov commented
    September 11, 2018 16:29
  • Maksim Koryukov commented
    September 11, 2018 16:29
  • Pedro Devoto commented
    September 11, 2018 16:29

    +1

  • Hannah Wolfe commented
    September 11, 2018 16:29

    I also wish I could throw all 10 votes at this! I am so afraid that having an API key stored for provisioning new droplets could accidentally be used to delete key production servers.

    I'm terrified to run any code that attempts to do delete throw-away droplets because I am afraid I'll make a mistake which means an incorrect ID gets sent and I'll wipe out something important. It's just not worth it, so I'm doing deletions manually, which is not tenable long term!

    A lock / protection feature or different "dev" and "production" DO server lists, or API keys that are tied to tags - anything that would mean I could have a key without being at risk of doing something horrible would be awesome.

  • Arnold Hendriks commented
    September 11, 2018 16:29

    If you're worried about deleting production servers whilst experimenting, you can also set up a separate team. The doctl oauth tokens are per team, so simply make sure your live environment token isn't configured when running your tests, and you can't accidentally delete anything.

  • Marco Colli commented
    September 11, 2018 16:29

    A checkbox in the droplet's settings that allows to lock it and prevent accidental destroy would be enough.

    Then when you want to destroy it, you simply uncheck the checkbox in the setting before destroying it.

    (Contacting DO support would be too much, for everyone.)

  • garry egan commented
    September 11, 2018 16:29

    God this is huge. I would dedicate all 10 votes to this if I could. As a developer, I create and destroy dozens of droplets...all the while my main droplet, with 50 sites, sites just below... one wrong move and my life will be changed forever. Sure, I can snapshot but that doesn't make me feel any better. PLEASE implement a simple LOCK feature that requires, at least, an extra level of confirmation and/or password re-enter.

  • Safeharbour commented
    September 11, 2018 16:29

    Hi, check out tag protection (though only enforced when using do though our dashboard):
    https://safeharbour.io/help/pages/tag_protection.html