R2 per-bucket token

When will R2 per-bucket token be available? It may be on the roadmap or being discussed, but do we have an approximate timeline?

Exactly what I’d like to know as well. I don’t understand how R2 reached GA without this feature. Test/dev/staging servers have access to prod data…


@vlovich Are you able to share an ETA here please?

(And if you’re reading, would really appreciate an answer to Vitali, how does serving directly from R2 via https work right now under the hoo... | Hacker News. Thanks!).

1 Like

I’m looking forward to this feature as well. It’s the only thing stopping me from moving from AWS S3 to Cloudflare R2.

Hello. We’re eager for this feature too. I need to grant access to a specific bucket to a third party and would like to not potentially compromise privacy.

Any updates here? It’s sort of a show-stopper that we can’t have per-bucket tokens for R2. I’m wondering how are people using it in the first place.

How is this not a thing already!

We’ve had this available for a little bit now :slight_smile:


@Walshy Very nice, thanks for the heads up. Indeed, I can now see the ability to specify the buckets per token. Also, the tokens can now be managed only through the R2 token management UI and not the account-level user token UI, which removes the previous inconsistencies.

However, there’s still a pretty major bug left. If you make a token with an expiration or add expiration to an existing token (be it 1 day or 5 years), it’s not possible to then remove this expiration. If you change the expiration to Forever and save, the change does not stick.

This is a pretty substantial bug, and I hope engineering can take a look at fixing it soon.

P.S. I opened a CF support ticket for this https://support.cloudflare.com/hc/en-us/requests/2962205.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.