For setting and managing secrets for eg. service endpoints, databases, message brokers, etc. balenaCloud does not support a secret storage and transmission of environment variables. These secrets should be obfuscated in the balenaCloud dashboard, transmitted encrypted to the device and decrypted and only loaded to the service at runtime.
This would be really good to have. A secret storage similar to what is available at Github repos would be great.
Something like Airflow that finds e.g. secret in env name and hides its value from display