Yandex Cloud
  • Services
  • Solutions
  • Why Yandex Cloud
  • Pricing
  • Documentation
  • Contact us
Get started
Language / Region
© 2022 Yandex.Cloud LLC
Yandex DataSphere
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Project management
      • Creating a project
      • Installing dependencies
      • Managing computing resources
      • Setting up consumption limits for a project
      • Setting up consumption limits for a folder
      • Resizing project storage
      • Changing a name or description
      • Deleting a notebook or project
    • Sharing a notebook
      • Publishing a notebook
      • Exporting a project
    • Working with a notebook
      • Running sample code in a notebook
      • Versioning. Working with checkpoints
      • Clearing the interpreter state
      • Working with Git
    • Managing Docker images
      • Docker image for a project
      • Docker image in a cell
    • Connecting to data sources
      • Connecting to a ClickHouse database
      • Connecting to a PostgreSQL database
      • Connecting to S3 storage
    • Setting up integration with Data Proc
    • Working with confidential data
      • Creating a secret
      • Referencing a secret
      • Editing a secret
      • Copying a secret
      • Destroying a secret
    • Launching distributed training
    • Deploying models
      • Creating a node from a Python code cell
      • Configuring the node environment
      • Queries to nodes
  • Concepts
    • Overview
    • Project
    • List of pre-installed software
    • Available commands
    • #pragma service commands
    • Computing resource configurations
    • Integration with version and data control systems
    • Saving a state
    • Integration with Data Proc
    • Background operations
    • Datasets
    • Private data storage
    • Deploying models
    • Using TensorBoard in Yandex DataSphere
    • Distributed training
    • Cost management
    • Quotas and limits
  • Early access
    • Overview
    • Special background operations
  • Practical guidelines
    • All tutorials
    • Getting started with Yandex DataSphere
    • Voice biometrics
    • Evaluating the quality of STT models
    • Marking up audio files
    • Classification of images in video frames
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • AppTokenService
      • FolderBudgetService
      • NodeService
      • ProjectDataService
      • ProjectService
      • OperationService
    • REST
      • Overview
      • AppToken
        • Overview
        • validate
      • FolderBudget
        • Overview
        • get
        • set
      • Node
        • Overview
        • execute
      • Project
        • Overview
        • create
        • delete
        • execute
        • get
        • getCellOutputs
        • getNotebookMetadata
        • getStateVariables
        • getUnitBalance
        • list
        • open
        • setUnitBalance
        • update
  • Access management
  • Pricing policy
  • Releases
  • Questions and answers
  1. Concepts
  2. Private data storage

Private data storage

Written by
Yandex.Cloud
  • Scope of secrets

DataSphere provides a special tool called Vault for the secure handling of private data (such as keys and passwords). You can find the Vault on the image/svg+xml tab.

A secret is a key-value pair with the value stored in an encrypted format. After you create the secret, you will see *** instead of the value.

Secrets are created in a project and associated with it. You can use secrets as environment variables in a cell.

Tip

The advantage of a vault is that it stores and transmits secrets only in encrypted form. Do not output the value of a secret to the screen or assign it to a regular variable.

Scope of secrets

The scope of a secret defines where the secret will be available. Valid scope values are listed below:

  • project: The secret is only available in its home project.
  • folder: The secret is available to all projects in the project folder.
  • cloud: The secret is available to all projects in the cloud.

You cannot modify a secret created in a different project, but you can modify a copy. A copied secret is separate from the original: you can edit and delete the copy without affecting the original.

You can't create secrets with identical names in the same project. Two secrets with identical names cannot exist in the same scope even if they were created in different projects. If secrets with identical names belonging to different scopes are visible to a project, then the secret with the narrowest scope will be the one available for coding. A secret with folder scope overrides a secret of the same name with cloud scope, and a secret with project scope overrides secrets of the same name with folder and cloud scopes.

See also

  • Creating a secret
  • Referencing a secret
  • Copying a secret
  • Editing a secret
  • Destroying a secret

Was the article helpful?

Language / Region
© 2022 Yandex.Cloud LLC