General information about the Secrets Manager product

Last update: March 03 2026

Secret Manager is a single secure service for storing secrets - sensitive data such as logins, application and database passwords, SSH keys, API keys and other sensitive data from Selectel services or external services.

Secrets can be handled in the control panel, via the Secrets Manager API or Terraform.

The product supports: user types and roles, projects.

Records of secrets transactions are kept in audit logs.

Secrets

All sensitive data that you have added to the Secrets Manager is stored in a single repository. Only authorized users have access to the storage.

Secrets are stored in encrypted form (AES 256-GCM). TLS encryption is used in the transmission of extracted data - this provides protection against eavesdropping and data modification.

Sensitive data that is added to the secret manager can be configured to be accessed automatically from applications instead of being stored in the source code.

Multiple versions of a single secret can be stored.

Cost

The service is provided free of charge.