July 11, 2022 By Shawna Guilianelli
Janet Van
2 min read

Build automated flows that help you safely rotate and delete secrets with IBM Cloud Secrets Manager.

In a previous article, we shared how IBM Cloud Secrets Manager can help you to create private SSL/TLS certificates and manage them centrally in a single location, along with the rest of your application secrets. Today, we’re excited to announce that you can now add locks that can help to prevent modification to secrets that can be disruptive to your applications.

New to Secrets Manager? Check out the documentation to learn more. 

What are secret locks?

By default, the secrets that you manage in Secrets Manager can be modified at any time by an authorized user or application. But, how can you prevent a secret from being accidentally deleted or misconfigured during a rotation? With secret locks, you can build automated workflows that can help you to do the following:

  • Indicate that a secret is in use by one or more applications or services.
  • Prevent secret data from being deleted, even after it expires.
  • Safely delete older versions of a secret after the newest version is deployed.
  • Avoid inadvertent downtime in your applications.

Secret locks help you to map a secret with your client or application. If a secret has a lock attached to it, it is currently being used by your application and cannot be modified or deleted until the lock is removed. 

Ready to get started?

Start by provisioning a Secrets Manager service instance in the IBM Cloud console. Because a dedicated instance is provisioned, it can take a few minutes. While you wait, you can continue to work elsewhere on IBM Cloud, or you might consider learning about best practices for rotating and locking secrets.

If you’re working from an existing instance, go to Secrets > name > Locks to create your first lock:

Questions? Contact us

We’d love to hear from you. To send feedback, you can open a GitHub issue from a link at the bottom of any page in the documentation, open a support ticket

More from Cloud

Enhance your data security posture with a no-code approach to application-level encryption

4 min read - Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle (in transit, at rest and in use), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its source. ALE can enhance…

Attention new clients: exciting financial incentives for VMware Cloud Foundation on IBM Cloud

4 min read - New client specials: Get up to 50% off when you commit to a 1- or 3-year term contract on new VCF-as-a-Service offerings, plus an additional value of up to USD 200K in credits through 30 June 2025 when you migrate your VMware workloads to IBM Cloud®.1 Low starting prices: On-demand VCF-as-a-Service deployments begin under USD 200 per month.2 The IBM Cloud benefit: See the potential for a 201%3 return on investment (ROI) over 3 years with reduced downtime, cost and…

The history of the central processing unit (CPU)

10 min read - The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks, in addition to functions that make a computer run. There’s no way to overstate the importance of the CPU to computing. Virtually all computer systems contain, at the least, some type of basic CPU. Regardless of whether they’re used in personal computers (PCs), laptops, tablets, smartphones or even in supercomputers whose output is so strong it must be measured in floating-point operations per…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters