How encrypted data is handled
By default, encrypted values appear in all views as *******. Only users with the CDM Secrets [sn_cdm.cdm_secrets] role can view, create, update, and delete encrypted values in config data. The system validates and exports encrypted data appropriately.
Important:
Starting with the Washington DC release, DevOps Config is being prepared for future deprecation. It will be hidden and no longer installed on new instances but will continue to be supported. For details, see the Deprecation Process [KB0867184] article in the Now Support Knowledge Base.
Permissions of users with the CDM Secrets [sn_cdm.cdm_secrets] role
- Encrypted values appear in all views as
*******by default. - Select the View encrypted data menu option to display encrypted values in any view.
- Validate and export a snapshot that includes encrypted data. All exported data is readable by the CI/CD pipeline apps.
- Create, update, delete abilities:
- View an encrypted value.
- Edit an encrypted value.
- While creating a CDI, specify that the value should be encrypted.
- Permanently encrypt a value that is currently not encrypted.
- Permanently decrypt a value that is currently encrypted.
- Delete a CDI that has an encrypted value.
Permissions of all other users
- Encrypted values always appear in all views as
*******. - Request manual validation of snapshots that include encrypted data.
- Delete encrypted values in config data.
- Cannot view, create, or update encrypted values in config data.
- Cannot export a snapshot that includes encrypted data.