Overview:
Secrets Manager is a unified solution that enables secure management and access to sensitive information such as API keys, passwords, certificates, and other confidential data. It acts like a secure vault where these secrets are stored.
Its primary purpose is to address a challenge developers face, especially those who work in teams, build multiplayer games, or connect to services: servers might require special access that clients should not have.
The service helps prevent sensitive tokens from being shipped with the game or committed to source control systems like Git, where they could leak due to human error or malicious intent.
Features:
Key features and benefits of Unity's Secret Manager include:
- Centralized management: All secrets can be stored in a single, secure location and accessed where needed across various Unity services.
- Role-based access control: Access to secrets is managed through assigned roles, ensuring that only authorized users within your organization can manage these secrets.
- Service-scoped access: You can control which specific Unity services are permitted to access your secrets, preventing unauthorized data access.
- Secret inheritance: Secrets can be inherited from higher organizational levels (organization, project, and environment), which helps reduce duplication and promotes consistency across projects and environments.
- Secret overrides: The ability to override secrets at different levels (project and environment) allows for environment-specific values, providing flexibility for various development stages. An override takes precedence over a secret at a higher level.
How it works:
The Secrets Manager operates as an internal solution within Unity services and does not provide public APIs for direct client access. Instead, secrets are accessed securely through specific integrations, such as Cloud Code.
For an integration to retrieve a secret, access must be explicitly granted to that secret.
Secrets are organized in a hierarchy that mirrors Unity Cloud projects: organization, project, and environment levels. Secrets at lower levels inherit from higher levels.
Management operations like adding, overriding, editing, and deleting secrets are performed via the Unity Dashboard.
- When a secret is added, it is stored at the level where it was created, and lower levels inherit it.
- You cannot view a secret's value after it is created, but you can edit it to change it.
- Deleting a secret used by a service may cause the service to malfunction or stop working. If an override is deleted, the secret reverts to the value stored at the level above it.
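The inheritance, override and access rules described above can be modelled in a few lines. This is an added example, not Unity's code or API: the `SecretStore` class, the ids, the `cloud-code` service label and the secret values are all constructed, and denying a read when the nearest entry lacks a grant is an assumption of the model.

```javascript
// Illustrative model of the documented behaviour; not Unity's code or API.
// Levels are checked from most specific to least specific.
const LEVELS = ["environment", "project", "organization"];
const key = (level, scopeId, name) => `${level}:${scopeId}:${name}`;

class SecretStore {
  constructor() {
    this.entries = new Map(); // "level:scopeId:name" -> { value, services }
  }

  // Store a secret at a level. Storing the same name at a lower level
  // creates an override. `services` lists integrations granted access.
  put(level, scopeId, name, value, services) {
    const entry = { value, services: new Set(services) };
    this.entries.set(key(level, scopeId, name), entry);
  }

  remove(level, scopeId, name) {
    return this.entries.delete(key(level, scopeId, name));
  }

  // ctx holds the caller's organization, project and environment ids.
  // The lowest level that defines the name wins; levels that do not
  // define it inherit from the level above.
  resolve(ctx, name, service) {
    for (const level of LEVELS) {
      const entry = this.entries.get(key(level, ctx[level], name));
      if (!entry) continue;
      // Assumption: a missing grant denies the read; it never falls back
      // to a higher-level value the service might be allowed to see.
      if (!entry.services.has(service)) {
        throw new Error(`${service} is not granted access to ${name}`);
      }
      return { value: entry.value, level };
    }
    throw new Error(`${name} is not defined at any level`);
  }
}

// Constructed sample data: ids, secret name and values are made up.
function demo() {
  const store = new SecretStore();
  const prod = { organization: "org-1", project: "proj-a", environment: "prod" };
  store.put("organization", "org-1", "PAYMENT_KEY", "org-value", ["cloud-code"]);
  store.put("environment", "prod", "PAYMENT_KEY", "prod-value", ["cloud-code"]);
  const overridden = store.resolve(prod, "PAYMENT_KEY", "cloud-code");
  store.remove("environment", "prod", "PAYMENT_KEY"); // delete the override
  const reverted = store.resolve(prod, "PAYMENT_KEY", "cloud-code");
  return { overridden, reverted };
}
```

Calling `demo()` shows the environment override winning first, then the organization value returning once the override is deleted.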
Resources:
The Unity Documentation portal provides extensive guidance for the Secret Manager service:
- Tutorials:
  - Store secrets using the Unity Cloud Dashboard: This is a step-by-step guide to adding and managing secrets at the organization, project, and environment levels. It also covers overriding secrets and editing/deleting secrets.
- Reference: Consult detailed reference materials for advanced usage.
Further Assistance:
If you require additional help or wish to report a bug or suggest a feature, please consider the following resources:
- Use the Help Icon in your Unity Dashboard Toolbar to access direct links to additional resources, including System Status and Unity Learn Tutorials.
- Engage with the vibrant Unity Community Discussion Forum for peer support and discussions regarding Unity development.