►
From YouTube: Deep Dive on Secrets Management category vision
Description
Jason and Corrina discuss the product vision for the upcoming Secrets Management category of the Release stage: https://about.gitlab.com/direction/release/secrets_management/
B
A
B
B
Here
are
secrets
like
things
that
are
used
for
deploying
they
can
be
stored
per
environment,
and
you
have
a
lot
of
flexibility
here.
It's
great
that
these
are
stored
in
get
lab
and
they
are
secured
to
store.
They
are
stored
securely
in
get
lab,
but
there's
a
tool
out
there
happy
core
vault,
which
is
an
open
source
tool
with
an
enterprise
edition,
noticing
thing
is
get
load
and
it
can
store
those
secrets
for
you
and
a
lot
and
more
and
more
companies
are
using
vault
and
they
have
a
vault
instance
already,
and
they
want
to.
B
Secrets
that
get
lab
CICE
eases
inside
of
their
vault
instead
of
gonna
get
loud,
so
they
have
one
less
place
to
worry
about
where
the
secrets
are
start.
That's
kind
of
the
element
that
we
came
into
secretly
management
with,
but
you
can
imagine
there's
more
that
we
can
do
here.
One
is
allowing
it
not
to
be
an
interface
default
so
that
secrets
that
are
associated
with
a
project
you
can
manage,
while
you're
still
in
get
lab
and
use,
get
lab
to
to.
A
B
Actually,
storing
and
get
labs
Oni
secrets
inside
of
that
vault
that's
available
out
there,
and
in
doing
so
we
make
it
live
even
more
secure,
even
though
get
lab
is
is
already
secure.
It
has
its
own
features,
just
getting
it
out
of
the
system,
just
as
that
one
more
layer
of
security
in
it
to
something.
That's
really
well
trusted
out
there
in
the
market.
B
So
we
have
some
different
ideas
here
about
what
we
want
to
do
and
I
apologize
that
I'm
just
going
to
be
quickly
scanning
through
sections
as
I
talk
about
it.
So
I
may
pause
for
a
minute
speaking,
but
well
I'm
going
to
jump
it
first
into
you
what's
next
in
Y,
so
the
verify
team,
as
it
says
here,
is
delivering
that
feature
where
secrets
for
the
CI
CD
pipeline
are
going
to
be
able
to
be
stored
in
a
vault
anymore,
whether
it's
one
that
we
provide
or
it's
one
that
the
customer
already
has.
We.
B
Which
is
kind
of
the
default
installation
package
for
gitlab
there's
going
to
be
a
vault
instance
available
and
that
unlocks
s
to
do
those
other
later
features
that
I
was
talking
about
like
having
gitlab,
be
an
interface
to
vault
and
also
having
gitlab
store
its
own
secrets
in
the
external
wall.
Okay,.
A
So
question
so
the
idea,
so
the
idea
is,
is
that
for
the
user
journey
we're
looking
at,
you
know
a
you,
can
bring
your
own
or
B.
We
we
can
provide
you.
This
is
a
default
okay
and
then
you
said
that
they
would
bring
it
in
through
their
kubernetes
cluster,
their
own
and
and
then
the
omnibus
packages
before
we
would
supply
the
default
that
correct
yeah.
B
A
B
A
B
A
B
B
Vision
for
this,
which
is
still
early
and
still
being
you
know,
to
find
a
bit
is
that
we
would
have
vault
backed
keys
here
that
you
could
choose
like.
This
is
a
key.
That's
actually
involved,
and
maybe
one
thing
that
I'm
missing
is
the
way
that
this
works
on
the
back
end
is
that
gitlab
will
have
a
key
that
it
can
use
to
when
it
talks
to
vault,
to
request
an
actual
temporary
key.
B
That
will
work
for
the
environment
that
it's
going
to
deploy
to
you
so
get
web,
never
has
a
permanent
key
that
will
last
forever,
like
the
key
that
I
have
here.
For
my
little
test
project
are
the
real
permanent
keys
that
are
the
final
version.
If
I
wanted
this
to
work
with
fault,
I
would
take
those
put
them
involved
and
then
I
would
set
up
a
key
inside
of
this
project
so
that
it
can
ask
a
ball
for
a
temporary
key,
that
it
can
then
use
to
deploy
it
to
production.
B
A
B
A
A
B
B
A
All
right
and
then
when
we
introduced
this
type
of
new
feature,
you
know
just
something
like
this:
where
we're
adding
a
new
op,
you
know
a
new
opportunity
that
has
like
to
point
like
this
Retin
saying
and
install
and
bolt:
how
do
we?
How
do
we
work
through
that
sort
of
advertisement
and
understanding
that
new
functionality
is
there
when,
like
I'm
sitting
on
this
screen,
is
there
do
you?
Do
your
tooltips
for
a
certain
time
frame
or
Rd.
B
B
A
B
The
blog
post-
and
so
maybe
we
would
say
something
here
like
it's-
also
possible
to
to
use
this
these
variables
back
by
default,
if
you're
interested
in
solving
that
we
can
do
it
directly,
kubernetes
and
so
on,
whatever
the
yeah.
But
this
is
a
feature.
That's
actually
really
popular
and
you've
got
a
lot
of
customers
who
are
really
interested
in
adding
this.
So.
A
Okay
question
so
adding
that
piece
like
thinking
about
that
as
the
potential
visual
for
that
and
the
functionality
is
there
any
other
things
that
we
would
put
in
the
future
want
to
put
in
that
variables
area
that
might
clutter
the
space
or
add
more
complexity
of
that
area
that
you
could
think
of?
Well.
B
I
think
that
we
could
probably
use
a
bit
of
thinking
about
this
in
general.
We've
recently
added
this
mass
column,
and
sometimes
it
doesn't
make
sense
for
it
to
be
here
based
on
the
context,
so
I
guess
the
answer.
Your
question
directly
I
don't
see
off
the
top
of
my
head
and
order
of
magnitude
of
complexity
being
added
based
on
this
new
type.
If
it
ever
even
potentially
be
a
type
of
variable,
it
could
be
one
called
fault
back.
That
might
be
a
simplified
way
to
do
it,
but.
B
Here,
which
could
potentially
be
improved,
so
there
are
definitely
improvements
in
simplifications
that
we
can
do
to
this
interface.
That's
it
sort
of
ended
up
is
like
an
excel
sheet,
I
think,
but
it
is
serviceable
for
now
and
I.
Don't
think
that
immediately
adding
wealth
is
going
to
push
it
over
the
edge.
In
my
personal
opinion,
okay.
A
A
B
A
B
B
Target
audience
is
going
to
be
primarily
so
developers
are
going
to
be
interacting
with
that
interface
that
we
just
saw
and
that's
their
an
important
view
there,
of
course,
but
the
primary
user.
This
is
going
to
be
security
teams
who
are
rolling
out
some
policies
at
their
organization.
That's
about.
If
you
have
a
secret
key,
it
needs
to
be
stored
involved,
and
so
they
will
be
thinking
a
bit
about
this
in
terms
of
kind
of
broad
usage
across
the
product.
B
A
B
A
B
B
B
B
A
B
A
B
A
B
On
Amazon,
so
if
there's,
they
offer
both
software
keys,
key
management
and
a
hardware
based
key
management,
so
those
are
other
potential
backends
that
we
could
support.
The
nice
thing
about
vault
is
that
it
can
be
installed
anywhere.
So
it's
kind
of
the
multi
cloud
solution
that
say
use
whether
you're
with
Google
or
whatever,
but
some
companies
will
be
all
in
for
Amazon
and
you
want
to
use
their
their
solution
or
Google.
So
we
will
probably
want
to
build
things
in
a
way
that
vault
could
be
replaced
and
instead
of
backing.
A
B
A
B
Other
interesting
element
in
the
competitive
landscape
is
that
vault
offers
an
enterprise
product
as
well,
and
it
does
more
things
so,
just
like
there's
a
free
version
of
gitlab
out
there
that
somebody
could
have
bundled
with
their
product
there's
also
an
enterprise
version
out
there.
The
vault
enterprise
version
has
a
few
things
that
are
that
are
noted
here.
That
may
be
interesting
to
different
customers.
B
The
ones
who
are
using
this
are
probably
going
to
be
the
kinds
of
customers
we
were
talking
about
earlier,
where
they
come
with
their
own
vault,
and
they
just
want
the
point
gitlab
at
it,
and
it
will
have
these
features,
but
some
of
them
may
require
us
to
do
something
different
to
take
advantage
of
some
of
them.
I
think
will
probably
come
for
free,
like
if
they're,
using
the
hardware
security
modules
to
back
their
vault
instance,
then
I
think
just
us
storing
our
stuff
in
there
probably
just
takes
advantage
of
that,
but
namespaces.
B
Different
ones
of
these
features
may
be
more
important
to
some
users,
and
we
will
be
talking
to
them
and
ask
you
know
if
you're,
using
both
enterprise,
you
know
what
what
why
did
you
buy
both
enterprise?
What
were
the
features
that
made
it
different
from
the
meaning
to
think
about?
How
do
we
make
sure
that
we're
not
you
know
missing.
B
B
B
These
first
features
out
it's
a
sign
of
a
new
category
is
a
lot
of
the
features
will
be
like
a
lot
of
these
sections.
We,
like
the
top
user
issue,
is
deliver
the
MVC,
the
top
customer
success.
She
was
deliver
the
MVC
and
so
on,
but
we
have
had
some
customer
conversations
around
internal
customer
conversations
and
these
so
far
have
been
around
moving
our
own
secrets
into
into
a
vault.
So
there's
some
interesting
issues
here
that
are
about
how
we
can
do
that
and
how
we
can
get
those
things
over.
B
A
B
A
B
A
B
A
A
A
A
B
Was
that
issue
that
we
were
hearing
customers
wanting
to
use
CI
CD
with,
and
so
it
had
this
brainwave
about?
You
know
story
get
labs
own
secrets
and
we
realized
that
there's
actually
a
broader
strategy
here,
an
entire
category
that
we
can
start
to
develop.
The
other
part
of
this
that
we
haven't
touched
on
too
much
is
the
use
case
of
having
just
get
that
be
the
provider
of
vault
so
that
we're
providing
a
secret
management
solution
for
a
company.
So
imagine
you're
a
small
company
and
you're,
not
using
vault.
B
A
B
Section
here
maybe
other
operations,
and
that
says-
and
you
click
on
this-
and
it
takes
you
to
just
a
page
where
you're
managing
secrets
for
your
project
that
may
be
used
by
C
ICD
may
be
used
by
your
running.
Application
may
be
get
labs.
Own
secrets
are
there,
but
it's
just
sort
of
like
a
place
to
manage
secrets
and
it's
accessible
from
11.
It's
a
secret!
That's
why
that's
the
way
that
we're
providing
a
secret
management
solution
right.
A
B
B
Potentially
debatable
I
started
myself
a
little
bit
and
I
was
talking
about
it
earlier
and
I
realized
that
most
companies
gonna
be
using
LDAP
or
something
like
that.
What
a
grant
that
is
the
answer
and
the
so
maybe
maybe
we
don't
need
that.
That's
something
that
we
should
actually
evaluate
and
see
some
other
bit
well.
A
A
B
B
Due
date,
so
called
to12,
HL
4,
4
7,
the
dynamic
secrets.
Mvc
is
the
one
where
we're
essentially
going
to
be
delivering.
You
know
that
management
screening
that
I
was
talking
about
this
one
I
probably
need
to
change
the
title
on
a
bit
to
make
it
more
clear.
These
used
to
be
sequenced
in
the
other
order.
B
B
A
B
It
will
be
there
largely
doing
their
demos
out.
Committee
needs
these
days
anyway,
so
they
can
build
authority
used
our
own
automation
to
install
vault
into
the
kubernetes
cluster
and
or
they
can
even
do
that
as
part
of
the
demo,
which
could
potentially
be
pretty
cool
yeah.
It's
really
important
to
be
thinking
about
those
things
early,
you
know
the
thing
to
be
thinking
about
now
is
how
we're
going
to
be
measuring
adoption
of
these
features,
how
we're
going
to
be
managing
customer
feedback-
and
you
know
who.
B
A
A
A
B
We
do
we
can
make
different
measures,
though,
that
can
do
a
decent
job
like
we
can
measure
the
number
of
instances
that
are
or
groups
or
projects,
depending
on
how
we
do
the
vault
innovation
that
are
integrated
with
a
vault,
and
we
can
measure.
Is
it
one
that
we
installed
or
is
it
the
customers?
One
and.
B
Figure
out
who's
using
what,
instead
of
without
talking
to
actual
customers
and
just
like
sitting
down
with
them
and
watching,
is
it
but
but
we
can't
get
pretty
decent
context
in
terms
of
how
many
people
are
engaging
in
different
kinds
of
behaviors
that
might
be
associated
with
different
personas.
All.
A
Right
and
then
also
and
as
far
as
capabilities
to
understand
when
things
go
south
right.
So
if
there's
a
use
case
that
we
didn't
think
about
and
that
there's
I
mean
obviously
somebody
runs
into
it.
They'll
probably
open
up
an
issue,
but
not
everybody
sits
down
and
writes
an
issue,
sometimes
so
I'm
just
curious.
If
there's
a
if
there's
a
way
that
we
can
capture
when
they're
trying
to
leverage
it
or
use
it
where
they're
getting
stuck.
B
B
B
Be
in
these
really
large
installations,
like
you
know
gigantic
companies
with
tens
of
thousands
of
users,
and
then
we
can
be
pretty
confident.
That's
gonna
work
for
you
know
somebody
who's
got
a
a
few
projects
and
sets
up
the
vault
and
we
install
it
for
them.
It's
it
I
think
we
can
be
pretty
confident
there.
The
actual
technology
of
doing
this
exchanges
is
relatively
straightforward.
It's
not
I
think
it's
less
complex
than
Cooper
knees.
B
If
someone
made
may
get
me
for
making
I
do
think
that
in
this
level
of
integration,
especially
as
we're
starting
and
we're
building
it
up,
it's
not
going
to
be
over
complex
to
start.
It
should,
for
the
most
part,
just
work
as
long
as
github
can
reach
vault
in
vault
has
the
identity
of
get
lab
handshake.
A
B
No
I,
don't
think
I
think
that's
a
great
place
to
start
I.
Think
browsing
through
the
you
know
the
issues
and
in
thinking
about
it
more
deeply.
You'll
come
up
with
more
questions.
I
thought
about
it,
a
decent
amount
that
I,
obviously
you're,
going
to
have
more
time
to
dig
in
and
and
find
things
that
don't
make
sense.
If.
A
You
know
just
one
last
thing,
so
it's
kind
of
going
back
to
that
user
journey,
X
that
you
to
experience
that
user
journey
when
we
work
with
our
UX
or
product
design.
Folks,
do
they
actually
map
a
user
journey
or
anything
like
that
or
like
like
that,
like
hey,
here's,
here's
how
you
enter
like
I
know
that
they
do
like
wireframes
and
things
like
that.
But,
like
today,
do
they
walk
through
the
user
journey
at
all
some.