Skip to content

Secrets Groups

Added in version 1.2.0

A Secrets Group provides a way to collect and assign a purpose to one or more Secrets. The Secrets Group can then be attached to any object that needs to reference and make use of these Secrets, such as a Git repository needing a username/token to authenticate to a private GitHub repository, or a device using a group of Secrets to drive its NAPALM integration.

When creating or editing a Secrets Group, you can assign any number of defined Secrets to this group, assigning each secret an access type and a secret type that are unique within the context of this group. Some examples of how a Secrets Group might be populated for use by a given feature:

Feature Access Type Secrets Type(s)
Git private repository HTTP(S) Token, possibly also Username
Device NAPALM integration Generic Username, Password, possibly an enable Secret

A Secrets Group is not limited to containing secrets of a single access type either - for example, a plugin that supports both NETCONF and gNMI protocols to interact with a device could be able to make use of a Secrets Group containing distinct secrets for each protocol.