SnapShooter's DigitalOcean Data Processing

Last updated: May 14th, 2020

This document aims to provide customers with an overview of how SnapShooter uses the DigitalOcean API to take and manage snapshots. It clarifies what we do and don't do.

Authentication

We use the DigitalOcean OAuth API to authenticate a DigitalOcean account with SnapShooter. Details on the API are available here.

We store Auth tokens against your account. As you can have multiple DigitalOcean accounts connected, we can have multiple sets of credentials stored.

We encrypt the token secret and refresh tokens. DigitalOcean tokens have a 30-day life before expiring, and we rotate them automatically before they expire.

We store the following details about your DigitalOcean account.

  • Token (encrypted)
  • Refresh Token (encrypted)
  • The email address associated with that account

While debugging connection issues with DigitalOcean, we call the Accounts endpoint (https://developers.digitalocean.com/documentation/v2/#account) to retrieve the status message. The API returns a code of active, warning or locked, as well as a human-readable message. We do not store this information in a database.

Droplet API

We use the DigitalOcean droplet endpoints to retrieve a list of all the droplets in your account. We refresh this list every 24h, when you log in, or when you manually request an account rescan. We do hold the necessary data on droplets that we are not actively backing up.

We store the following data on droplets.

  • ID (used to uniquely identify the droplet when requesting data)
  • Name
  • Size
  • Location/Region
  • Public IP Address
  • Backups activated (if the customer has DigitalOcean weekly backups on or off)

We store all of this data so we can present users with a list of their droplets in their SnapShooter accounts, and so we can see whether backup activation is enabled when debugging an issue.

Volume API

We use the DigitalOcean droplet endpoints to retrieve a list of all the volumes in your account. We refresh this list every 24h, when you log in, or when you manually request an account rescan. We do hold the necessary data on volumes that we are not actively backing up.

We store the following data on volumes.

  • ID (used to uniquely identify the volume when requesting data)
  • Name
  • Size
  • Location/Region

We store all of this data so we can present users with a list of their volumes in their SnapShooter accounts.

Creating SnapShot Processes

Droplets

https://developers.digitalocean.com/documentation/v2/#snapshot-a-droplet

We use the Droplet Snapshot endpoint to ask DigitalOcean to take a snapshot of your Droplet. We store the Action ID it returns in our database and use it later to retrieve the status of the backup. DigitalOcean droplet snapshots take time to process.

We store the following data

  • Action ID (used to check state)

Actions

https://developers.digitalocean.com/documentation/v2/#retrieve-an-existing-action

We use the "retrieve an existing action" endpoint with the Action ID mentioned above to check the status of a snapshot. The endpoint returns the current state of a backup. We use smart retrying to check this endpoint until we see the state of the action change to complete.

Transfers

https://developers.digitalocean.com/documentation/v2/#transfer-an-image

Some customers wish for their snapshots to be copied to a second region; for this we use the transfer image endpoint. In the same way as for Droplet backups, we record an Action ID and poll the Action API to check when the transfer has completed.

Listing

https://developers.digitalocean.com/documentation/v2/#list-snapshots-for-a-droplet

When a Droplet Snapshot finishes, we check the Droplet for the Snapshot. We do not record or store data about snapshots SnapShooter did not take.

We store the following data

  • Id
  • Size
  • Name
  • Region
  • Completed At Time

Volumes

https://developers.digitalocean.com/documentation/v2/#create-snapshot-from-a-volume

DigitalOcean volume snapshots are instant point-in-time images. We store the following data

  • Id
  • Name
  • Region
  • Created at time
  • Size

Listing

https://developers.digitalocean.com/documentation/v2/#list-snapshots-for-a-volume

We use the listing volume snapshots endpoint to retrieve a list of SnapShots.

We use this list to check our records match what is expected, and we do not record or store snapshots not taken by SnapShooter.

Deleting SnapShot

https://developers.digitalocean.com/documentation/v2/#delete-a-snapshot

Once a SnapShot is destroyed, we record that the image has been removed. We also verify this by making a list snapshots request.

Audit

We keep an audit log of all requests made to DigitalOcean through our API client. For each request we keep the request URL and HTTP method (POST, GET, DELETE). We store the response headers only and omit the body of the response. We keep this log to help debug issues with DigitalOcean Support.
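An added example, not SnapShooter's own code, of an audit entry built the way this section describes: request URL, HTTP method and response headers are kept, while request headers (where the bearer token travels) and both bodies are never copied. The function names, the dropped `set-cookie` header and the sample exchange are assumptions of this example.

```python
import json
from datetime import datetime, timezone

# Assumption of this example: response headers that can carry session state
# are dropped as an extra precaution. The page does not describe any filter.
DROPPED_RESPONSE_HEADERS = {"set-cookie"}


def build_audit_entry(exchange, now=None):
    """Keep only the time, HTTP method, request URL and response headers.

    Request headers (which carry the bearer token) and both bodies are
    never copied, so they cannot end up in the audit log.
    """
    headers = {
        name.lower(): value
        for name, value in exchange["response_headers"].items()
        if name.lower() not in DROPPED_RESPONSE_HEADERS
    }
    return {
        "time": (now or datetime.now(timezone.utc)).isoformat(),
        "method": exchange["method"].upper(),
        "url": exchange["url"],
        "response_headers": headers,
    }


def leaked_secrets(entry, secrets):
    """Return the secrets that appear anywhere in the serialized entry."""
    blob = json.dumps(entry)
    return [s for s in secrets if s in blob]


# Constructed sample exchange (token, IDs and header values are made up).
SAMPLE_EXCHANGE = {
    "method": "post",
    "url": "https://api.digitalocean.com/v2/droplets/1234/actions",
    "request_headers": {"Authorization": "Bearer EXAMPLE-TOKEN-NOT-REAL"},
    "request_body": '{"type": "snapshot", "name": "nightly"}',
    "response_headers": {"Content-Type": "application/json",
                         "RateLimit-Remaining": "4998",
                         "Set-Cookie": "session=abc"},
    "response_body": '{"action": {"id": 1, "status": "in-progress"}}',
}

if __name__ == "__main__":
    entry = build_audit_entry(SAMPLE_EXCHANGE)
    print(json.dumps(entry, indent=2))
    print("leaked:", leaked_secrets(entry, ["EXAMPLE-TOKEN-NOT-REAL", "nightly"]))
```

Running `leaked_secrets` over stored entries with known test tokens is a cheap regression check that the log never starts capturing credentials or body content.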

DigitalOcean Support

From time to time we have to communicate with DigitalOcean support about issues in the API. SnapShooter has an excellent working relationship with DigitalOcean, and during a support ticket the IDs of droplets, volumes, actions and snapshots, along with their state, are exchanged directly with DigitalOcean support. We also share records from our Audit log, with HTTP requests, responses and times.

Access Limits

While DigitalOcean does not provide a way to limit the access on an OAuth token, we do not use your tokens to make any API requests against your account other than the ones on this page.