A secret Cloud Assembly property is a reusable, encrypted value that project users may add to their cloud template designs.

Secure access keys and credentials are typical examples of secret properties. Once created and saved, a secret property value can never be unencrypted or read.

Creating a secret property

  1. Log in to Cloud Assembly with project administrator role privileges.
  2. Go to Infrastructure > Administration > Secrets, and click New Secret.
  3. Select the project.
  4. Enter a unique property name for the secret, without spaces or special characters.

    The name is the visible identifier for the secret.

  5. Enter the secret value.

    When typing, the value is obscured by default, which protects it if the screen is shared.

    If needed, you can click the eye symbol to reveal and verify a value. After it is saved though, a secret value becomes encrypted in the database and can never be re-exposed.

  6. Optionally, enter a longer description of the secret property.
  7. Click Create.
Create a secret

Adding a secret property to a cloud template

Project users may add a secret property as a binding in cloud template code.

Note that starting to type the '${secret. characters reveals a selection list of secrets that have been created for the project.

type: Cloud.Machine
  name: ourvm
  image: mint20
  flavor: small
    authentication: publicPrivateKey
    sshKey: '${secret.ourPublicKey}'
    username: root

To add a secret property to a Terraform configuration, see Using a secret Cloud Assembly property in a Terraform configuration.