4 Nov 2022 · Semaphore News

    Enhancing Security of Secrets: Project Whitelists and Admin-only Edit Permissions


    At Semaphore, we recognize how important it is for organizations to run their CI/CD pipeline in a safe and secure environment. Security is our top priority at Semaphore, and we continue to support developers to build with confidence.

    Today, we’re introducing improved secrets management to Semaphore. With this update, you can restrict access to secrets only to organization admins and define which projects can use a secret.

    Let’s take a closer look at what’s new.

    What are secrets, in the first place?

    In Semaphore, secrets are organization-level objects that contain environment variables and files. They allow you to store sensitive data such as API keys, passwords, certificates, and SSH keys, and to access them in your CI/CD pipelines.

    Secrets can be set up and accessed throughout the whole organization. That means, once you set up a secret, you can then use it in any project and any job in this organization.

    With the latest update, you can now restrict access to secrets management to users with the Admin role in Semaphore. You can also whitelist the projects that have access to a particular secret.

    How does the enhanced secrets management work?

    To set up and manage secrets, navigate to Organization > Settings > Secrets.

    Next, choose the secret that you want to edit and click “Edit”. Scroll down to the “Security” section and whitelist the projects that can have access to this secret.

    For a better overview of how this feature works, please watch this 1-minute video.

    How is this feature helpful?

    With this feature enabled, access to secrets is limited to users with the Admin role in Semaphore. Moreover, Admins can restrict exactly which projects can use a given secret.

    This is a major enhancement in the way secrets are managed in Semaphore. It makes using Semaphore and secrets in particular more secure. And top-notch security is what we strive for.

    Currently, limiting access to secrets is in private beta and only available to Enterprise customers. If you’d like to try it out for your organization, please feel free to reach out to us at support@semaphoreci.com. We’ll be happy to help.

    Happy building!

    Written by:
    Olga Bedrina is a Product Marketing Manager at Semaphore. She's excited about traveling, new technologies, and continuous learning.