20665: Provides examples on how to securely handle the secrets file.

[arvados.git] / doc / install / salt-multi-host.html.textile.liquid

diff --git a/doc/install/salt-multi-host.html.textile.liquid b/doc/install/salt-multi-host.html.textile.liquid
index b0a3213d256cba5b841bb09815077f1fff217f6f..7403dacc2b87980196ab9a66eb300180fe230f42 100644 (file)
--- a/doc/install/salt-multi-host.html.textile.liquid
+++ b/doc/install/salt-multi-host.html.textile.liquid
@@ -263,7 +263,7 @@ h2(#localparams). Edit @local.params*@ files
 
 The cluster configuration parameters are included in two files: @local.params@ and @local.params.secrets@. These files can be found wherever you choose to initialize the installation files (e.g., @~/setup-arvados-xarv1@ in these examples).
 
-The @local.params.secrets@ file is intended to store security-sensitive data such as passwords, private keys, tokens, etc. Depending on the security requirements of the cluster deployment, this file may need to be handled differently from the others.
+The @local.params.secrets@ file is intended to store security-sensitive data such as passwords, private keys, tokens, etc. Depending on the security requirements of the cluster deployment, you may wish to store this file in a secrets store like AWS secrets manager or Jenkins credentials.
 
 h3. Parameters from @local.params@: