Use the DC/OS Enterprise Secret Store to secure sensitive information like database passwords, API tokens, and private keys. Storing secrets in secret paths allows you to restrict which services can retrieve the value.
Authorized Marathon services can retrieve the secrets at deployment and store their values under environment variables.
You can also find information about secrets in the Permissions Reference section.
Reinitializing the Secret Store with a custom GPG keypair
Using a custom GPG pair to reinitialize the Secret Store…Read More
Creating secrets with a key-value pair or file…Read More
Configuring services and pods to use secrets
Your service definition can reference secrets as environment variables or as a file.…Read More
Sealing the Secret Store
Manually sealing the Secret Store…Read More
Unsealing the Secret Store
Understanding how to unseal the Secret Store…Read More
Understanding the Secrets API…Read More