Secret Files
Upload and manage sensitive configuration files like certificates, keys, and credentials within the encrypted vault.
Supported File Types
Any non-executable file up to 25 MB. Common examples:
| File Type | Examples |
|---|---|
| SSL/TLS Certificates | .pem, .crt, .cer, .p12, .pfx |
| Private Keys | .key, .pem |
| Keystores | .jks, .keystore, .p12 |
| Cloud Credentials | credentials.json, serviceAccountKey.json |
| SSH/GPG Keys | id_rsa, id_ed25519, .gpg, .asc |
| Config Files | .yaml, .toml, .xml, .conf |
Executables (.exe, .sh, .bat, .dll, etc.) are rejected.
Uploading a File
- Open the Vault tab and select the target environment.
- Go to the Files section and click Upload File.
- Select a file and optionally add a description.
Files are encrypted in-memory before storage — plaintext never touches disk on the server.
Per-Environment Organization
Files are organized by environment, just like variables. Switch environments in the Vault tab to see each environment’s file list.
Version History
Re-uploading a file with the same name creates a new version rather than overwriting. Open a file’s History tab to browse versions. Click Restore on any version to make it current — previous versions are retained.
Downloading Files
Click a file and then Download. The file is decrypted on the server and streamed over HTTPS.
| Role | Upload | Download | Delete |
|---|---|---|---|
| Owner | Yes | Yes | Yes |
| Editor | Yes | Yes | No |
| Viewer | No | No | No |
Viewers can see file names and metadata but cannot access contents.