DigitalOcean

Report this

What is the reason for this report?
Question

How to disable email notifications when deploying droplets via IaC (Terraform)

Posted on October 26, 2024
Terraform
Droplets
Mrugesh Mohapatra

By Mrugesh Mohapatra

I am trying to deploy a fairly good number of droplets (dozens at a time) via IaC (Terraform) and I see that I am getting root user credentials in emails.

How do I disable this completely? I do not need it.

Your new Droplet is all set to go! You can access it using the following credentials:

Droplet Name: xxxxxxxxxx
IP Address: xxx.xxx.xxx.xxx
Username: root
Password: xxxxxxx

For security reasons, you will be required to change this Droplet’s root password when you login. You should choose a strong password that will be easy for you to remember, but hard for a computer to guess. You might try creating an alpha-numerical phrase from a memorable sentence (e.g. “I won my first spelling bee at age 7,” might become “Iwm#1sbaa7”). Random strings of common words, such as “Mousetrap Sandwich Hospital Anecdote,” tend to work well, too.

As an added security measure, we also strongly recommend adding an SSH key to your account. You can do that here: [REDACTED]

Once added, you can select your SSH key and use it when creating future Droplets. This eliminates the need for root passwords altogether, and makes your Droplets much less vulnerable to attack.

Happy Coding,
Team DigitalOcean


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Bobby Iliev
Bobby Iliev
October 27, 2024

Accepted Answer

Hi there,

To disable these email notifications with root credentials when deploying DigitalOcean Droplets via Terraform, you can use SSH keys instead of passwords for authentication.

Basically, by setting an SSH key for each Droplet, DigitalOcean will no longer send these initial setup emails with root credentials, as no password will be generated.

Here’s how to do it:

  1. Use the ssh_keys parameter to reference an SSH key. You can retrieve an existing SSH key by using the digitalocean_ssh_key data source.

    data "digitalocean_ssh_key" "example" {
  name = "example" # Replace with the actual name of your SSH key
}

resource "digitalocean_droplet" "web" {
  name   = "example-droplet"
  region = "nyc3"
  size   = "s-1vcpu-1gb"
  image  = "ubuntu-20-04-x64"
  
  ssh_keys = [data.digitalocean_ssh_key.example.id] # Adds the SSH key to the Droplet
}

  2. With this configuration your Droplet is created with the specified SSH key, bypassing password-based login, which stops the automatic email containing root login credentials.

You can find more about SSH keys with DigitalOcean’s Terraform Provider here in the documentation.

Let me know if you have any questions!

- Bobby

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.