20665: Provides examples on how to securely handle the secrets file.

[arvados.git] / doc / install / salt-single-host.html.textile.liquid

diff --git a/doc/install/salt-single-host.html.textile.liquid b/doc/install/salt-single-host.html.textile.liquid
index ec97be4858043ed9b9766e75409c388c65e86062..82a1137bc95e3b5dd68e0c78385454496f9d46fd 100644 (file)
--- a/doc/install/salt-single-host.html.textile.liquid
+++ b/doc/install/salt-single-host.html.textile.liquid
@@ -108,7 +108,7 @@ h2(#localparams). Edit @local.params*@ files
 
 The cluster configuration parameters are included in two files: @local.params@ and @local.params.secrets@. These files can be found wherever you choose to initialize the installation files (e.g., @~/setup-arvados-xarv1@ in these examples).
 
-The @local.params.secrets@ file is intended to store security-sensitive data such as passwords, private keys, tokens, etc. Depending on the security requirements of the cluster deployment, this file may need to be handled differently from the others.
+The @local.params.secrets@ file is intended to store security-sensitive data such as passwords, private keys, tokens, etc. Depending on the security requirements of the cluster deployment, you may wish to store this file in a secrets store like AWS secrets manager or Jenkins credentials.
 
 h3. Parameters from @local.params@: