Version management
This feature allows you to systematically manage the history of multiple versions created whenever a secret value changes. You can track change history for auditing purposes or check values used at a specific point in time.
A newly created version is automatically set as the default version of the secret. Therefore, when an application requests a secret value without specifying a version, the default version is always returned.
View versions
-
Go to KakaoCloud Console > Security > Secrets Manager.
-
Select the Secrets menu to view the following items:
Item Description Version An object that stores the actual value of the secret at a specific point in time. A new version is generated each time the secret value is updated. This allows you to track change history or reuse values from a specific version when creating a new one. Status Indicates the current availability of the secret version. Displayed as Active, Deactivated, or Destroyed. KMS key name The name of the KMS key used by the secret version. User-defined for easier identification. KMS key ID The unique ID of the KMS key used by the secret version, assigned by the system. Created at The date and time when the secret version was first created.
Create version
You can create a new version of a secret by entering a new value.
- Go to KakaoCloud Console > Security > Secrets Manager.
- In the Secrets menu, select the secret. When selected, the [Create Version] button at the top right becomes active. Click it, or choose More > Create Version from the secret row.
- If you are on the detail page of the resource, you can perform this action from the action group menu in the header area.
- In the Create Version modal, enter the secret value and click [Create].
Duplicate and create version
You can create a new version by reusing the value from an existing version.
- Go to KakaoCloud Console > Security > Secrets Manager.
- In the Secrets menu, click the name of the secret for which you want to create a new version.
- On the secret detail page, click the Versions tab.
- Select a version and click [Duplicate/Create version] at the top of the list, or choose More > Duplicate/Create version from the version row.
- In the modal, edit the secret value if necessary, then click [Create].
Change version state
You can change the state of a secret version to control its usage. For example, you can temporarily deactivate a version or destroy versions that are no longer needed.
Deactivate
A secret in Active state can be deactivated. A deactivated version can later be restored to Active.
- Go to KakaoCloud Console > Security > Secrets Manager.
- In the Secrets menu, click the name of the secret.
- On the secret detail page, click the Versions tab.
- Select a version and click [Deactivate] at the top, or choose More > Deactivate from the version row.
- If the version is Active, the [Deactivate] option is enabled. If it is Deactivated, the [Activate] option is enabled.
- In the Deactivate modal, click [Deactivate].
- To restore it, select the deactivated version and click [Activate] at the top, or choose More > Activate from the version row.
- In the Activate modal, click [Activate].
Destroy
Versions that are no longer needed and must be permanently removed can be destroyed.
To provide flexibility, Secrets Manager offers both scheduled destruction with a grace period and immediate destruction for urgent cases.
- Once a version is destroyed, it cannot be recovered by any means. Its value cannot be retrieved or used for decryption.
- Before destroying a version, make sure no important data is encrypted with it.
- Go to KakaoCloud Console > Security > Secrets Manager.
- In the Secrets menu, click the name of the secret.
- On the secret detail page, click the Versions tab.
- Select a version and click [Reserve destruction] at the top, or choose More > Reserve destruction from the version row.
- If the secret value has been exposed or a critical security issue is found, you can also destroy it immediately.
- In the Reserve destruction modal, configure the grace period, review the warnings, and click [Destroy].
- To cancel a scheduled destruction within the grace period, select the scheduled version and click [Cancel destruction reservation] at the top, or choose More > Cancel destruction reservation from the version row. The version will then be restored to Deactivated state.