This is not explicitly Ansible related (we’ll be making a code change because of it) but is worth sharing, as I know there are a lot of Digital Ocean users out there who may not have seen this report:
https://digitalocean.com/blog_posts/transparency-regarding-data-security
It turns out Digital Ocean has not been erasing past customer disk space before giving customers new virtual instances, which makes passing an optional “scrub” flag on deletion important. We weren’t aware that Digital Ocean was not doing this on machine creation, and we did not have the flag as part of our community module (like fog).
Here they are wrongly placing blame on various client libraries for not passing a flag that should have a sensible default in the API, but that’s beside the point – scratch space has not been cleaned up on machine creation in the past, and regardless of provider, your data with this particular cloud provider is not safe.
Note: we do not host any of our infrastructure on Digital Ocean and I’m seriously considering whether we keep modules in core for this. Here was a past issue: https://www.digitalocean.com/blog_posts/avoid-duplicate-ssh-host-keys