Skip to content

Secret definitions

Secret definitions are resources used by the Designer to reference an existing AWS Secrets Manager secret. Secret definitions do not create secrets.

Once a secret definition is created, it can be used in many places throughout the Designer where sensitive information must be given, such as password fields. Secret definitions can be viewed and created in the Secret Definitions tab in the Designer after selecting your project. Not added a project yet? Read Add project.

Adding a secret to the AWS Secrets Manager

  1. Log in to the AWS account that houses your agent.
  2. Browse to the Secrets Manager service.
  3. Ensure you're in the same AWS Region as your agent.
  4. Click Store a new secret.
  5. Click Other type of secret.
  6. Enter a memorable key name and then your secret's value as the value.
  7. Click Next until the secret creation is completed.

Add new secret definition


It is recommended that secret names and secret definition names do not end with a hyphen followed by six characters. To quote the AWS documentation:

Do not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.

  1. From the Your projects menu, select your project.
  2. Navigate to the Secret definitions tab.
  3. Click Add secret definition.
  4. Configure your secret definition.

    Property Description
    Secret definition name A name for the secret definition. Any whitespace added to the start or end of the secret definition name is automatically trimmed.
    Description An optional, referential description for the secret. Max 256 characters.
    Agent Select the agent that will be used by the pipelines that use this secret. This is only required if you have a Hybrid SaaS solution. To learn how to create an agent, read Create an agent.
    Secret Name For a Hybrid SaaS solution only, select a named entry created in AWS Secrets Manager.
    Secret Key For a Hybrid SaaS solution only, select a named secret key tied to your secret name.
    Use multi-line text input? For a Matillion Full SaaS solution only, toggle "Yes" to enable multi-line text input for secret values that require multi-line input. For example, certificates and SSH keys.
    Secret value For a Matillion Full SaaS solution only, give a secret value in the field provided.
  5. Click Create secret.


  • You can sort the Secret definitions menu by name or description.
  • Once you've created a secret definition, click the more button ... next to your secret and click View secret details if required.

Delete secret definition

  1. Enter the Secret definitions tab.
  2. Click the more button ... on the corresponding row of a secret definition you want to delete.
  3. Click Delete secret.
  4. Click Yes, delete to confirm deletion. Otherwise, click Cancel.