Sensitive Data

Sensitive data includes passwords, API keys, tokens, and other confidential information that requires protection from unauthorized access or exposure. Mission Control provides comprehensive protection for sensitive data throughout the entire playbook lifecycle.

Secret Parameters

Use secret type parameters to handle sensitive data in playbooks:

parameters:
  - name: database_password
    type: secret
    label: "Database Password"
    description: "Password for database connection"
    required: true

KMS Connection

info

Your Mission Control instance must have a KMS connection configured to use secret parameters.

Configure this using the --secret-keeper-connection flag:

mission-control serve --secret-keeper-connection "connection://default/my-kms-key"

or in the helm chart:

kmsConnection: "connection://default/my-kms-key"

Supported connection types:

AWS KMS
Azure Key Vault
GCP KMS

Secret Parameters​

KMS Connection​

Secret Parameters

KMS Connection