Manage Secrets

You can manage Secrets just as you would any other configuration.

Tip: Codiac has read-only access to your existing Secrets and Secret stores. It cannot create, edit, or remove Secret values or the Secret store itself. See your cloud service provider for instructions on creating and managing Secrets and Secret stores.

Info: Secrets are only stored in your running node, where they are protected with encryption at rest.

Prerequisites

Add

  1. Use codiac config set with the #REF| syntax to add or edit a Secret:

     codiac config set #REF|PROVIDER_VALUES

  2. Replace PROVIDER_VALUES with the values required by your cloud service provider:
     • AWS: #REF|awsKeyVault|SECRET_STORE_NAME|aws|AWS_ACCOUNT_ID|REGION|SECRET_NAME
     • Azure: #REF|azKeyVault|SECRET_STORE_NAME|SECRET_NAME
  3. For example, the command to apply a Secret named locker-combo from an AWS Key Vault named our-dev-secrets in us-west-1 is:

     codiac config set #REF|awsKeyVault|our-dev-secrets|aws|123456789|us-west-1|locker-combo

     The command to apply a Secret named locker-combo from an Azure Key Vault named our-dev-secrets is:

     codiac config set #REF|azKeyVault|our-dev-secrets|locker-combo
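
A pre-flight check for the two #REF| layouts listed above, so a reference with a dropped or misplaced field is caught before it is applied. This is an added example, not part of the Codiac CLI or its documentation. The function name check_ref and the digits-only test on the AWS account ID are assumptions of this example.

```shell
#!/bin/sh
# Added example: check_ref is a hypothetical helper, not a codiac command.
# Field layouts are the two shown on this page (AWS: 7 fields, Azure: 4).
check_ref() {
    ref=$1
    case $ref in
        *[[:space:]]*) echo "reject: whitespace in reference" >&2; return 1 ;;
        *'|')          echo "reject: trailing empty field" >&2; return 1 ;;
    esac
    # Split on '|' with globbing off so a '*' in a field is never expanded.
    old_ifs=$IFS; IFS='|'; set -f
    set -- $ref
    set +f; IFS=$old_ifs
    for field in "$@"; do
        [ -n "$field" ] || { echo "reject: empty field" >&2; return 1; }
    done
    [ "$1" = "#REF" ] || { echo "reject: missing #REF prefix" >&2; return 1; }
    case $2 in
        awsKeyVault)
            # #REF|awsKeyVault|SECRET_STORE_NAME|aws|AWS_ACCOUNT_ID|REGION|SECRET_NAME
            [ $# -eq 7 ] || { echo "reject: AWS needs 7 fields, got $#" >&2; return 1; }
            [ "$4" = "aws" ] || { echo "reject: field 4 must be 'aws'" >&2; return 1; }
            # Assumption of this example: the account ID is digits only.
            case $5 in *[!0-9]*) echo "reject: account ID not numeric" >&2; return 1 ;; esac
            ;;
        azKeyVault)
            # #REF|azKeyVault|SECRET_STORE_NAME|SECRET_NAME
            [ $# -eq 4 ] || { echo "reject: Azure needs 4 fields, got $#" >&2; return 1; }
            ;;
        *)  echo "reject: unknown provider '$2'" >&2; return 1 ;;
    esac
    return 0
}

# Sample inputs: the page's two examples plus one constructed bad reference
# (the literal 'aws' and the account ID fields are missing).
# Each reference is single-quoted: in a POSIX shell an unquoted '#' starts a
# comment and '|' starts a pipeline.
for r in '#REF|awsKeyVault|our-dev-secrets|aws|123456789|us-west-1|locker-combo' \
         '#REF|azKeyVault|our-dev-secrets|locker-combo' \
         '#REF|awsKeyVault|our-dev-secrets|us-west-1|locker-combo'; do
    if check_ref "$r" 2>/dev/null; then echo "ok      $r"; else echo "REJECT  $r"; fi
done
```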