The DC/OS Enterprise Secret Store is a place to secure sensitive information like database passwords, API tokens, and private keys. Storing secrets in secret paths allows you to restrict which services can retrieve the value.
Authorized Marathon services can retrieve the secrets at deployment and store their values under environment variables. In addition, the Secrets API allows you to seal and unseal the Secret Store.
Find more information about secrets in the Permissions Reference section.
Creating secrets
ENTERPRISE
Creating secrets with a key-value pair or file
Configuring services and pods
ENTERPRISE
Configuring services and pods to use secrets
Sealing the Secret Store
ENTERPRISE
Manually sealing the Secret Store
Unsealing the Secret Store
ENTERPRISE
Understanding how to unseal the Secret Store
Secrets API
ENTERPRISE
Understanding the Secrets API