Hello,

Having preconfigured system image, containing some sensitive data, I would like to upload it from Spaces without making it publicly available, even for a moment. I found out that it is possible from this tutorial:
https://www.digitalocean.com/community/tutorials/how-to-create-an-image-of-your-linux-environment-and-launch-it-on-digitalocean#step-3-%E2%80%94-uploading-image-to-spaces-and-custom-images
However, there are no details on how to do that in that tutorial, just mentioned that it may be done with DO API. So, I started exploring both DO API and AWS S3 API because DO Spaces API is interoperable with AWS S3 API. After having some tests done I figured out that the way to achieve my goal is using presigned links. Presigned link gives a time-limited access to private file in DO Spaces. I created such link using boto3, an AWS SDK for Python, and did some tests with it. Unfortunately, I was not able to upload a custom image from Spaces using created presigned link. Every time when I tried to use it I got a response:

Output
{"id":"bad_request","message":"Your source URL is unreachable"}

I did the same test with Spaces file permissions changed for public. It did not help at all. Then, I tried to use this link to import a custom image via URL with DO control panel form but it ended with an error as well. I got a message:

Output
The URL you have entered ends in an extension that we do not support. We only accept image files that end in gz, bz2, vmdk, vhdx, qcow, qcow2, vdi, raw, img, xz. (.zip is not supported).

I want to emphasize that the same presigned link worked perfectly when it was entered in internet browser’s address bar.

Concluding, I believe there is a bug in DO API, in the code checking file type in entered URL. It works well when URL ends with the file extension but my presigned link looked like:

https://ams3.digitaloceanspaces.com/mlb123/ci-ubuntu-20-04.gz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=3600&X-Amz-Credential=C0V33DN33N3T33NY2020%2F20201009%2Fams3%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Date=20201009T071649Z&X-Amz-Signature=aaabbbcccdddeeeaaabbbcccdddeee0000111122223333444455556666777788

However, more important thing for me is to find another way to upload custom image from Spaces without making it publicly available. Does anybody know another way to get it ?

edited by AHA
Submit an answer

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!