Understanding the Secret Store

The DC/OS Enterprise Secret Store is a place to secure sensitive information like database passwords, API tokens, and private keys. Storing secrets in secret paths allows you to restrict which services can retrieve the value.

Authorized Marathon services can retrieve the secrets at deployment and store their values under environment variables. In addition, the Secrets API allows you to seal and unseal the Secret Store.

Find more information about secrets in the Permissions Reference section.