docs: explain how to display secrets (#3443)

coder · Aug 9, 2022 · 88c9f31 · 88c9f31
1 parent fd59e2e
commit 88c9f31
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 0 deletions.
diff --git a/docs/images/secret-metadata-ui.png b/docs/images/secret-metadata-ui.png
diff --git a/docs/secrets.md b/docs/secrets.md
@@ -55,6 +55,32 @@ A catch-all variation of this approach is dynamically provisioning a cloud servi
 for each workspace and then making the relevant secrets available via the cloud's secret management
 system.
 
+## Displaying Secrets
+
+While you can inject secrets into the workspace via environment variables, you
+can also show them in the Workspace UI with [`coder_metadata`](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/metadata).
+
+![secret UI](./images/secret-metadata-ui.png)
+
+Can be produced with
+
+```hcl
+resource "twilio_iam_api_key" "api_key" {
+  account_sid   = "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+  friendly_name = "Test API Key"
+}
+
+
+resource "coder_metadata" "twilio_key" {
+  resource_id = twilio_iam_api_key.api_key.id
+  item {
+    key = "secret"
+    value = twilio_iam_api_key.api_key.secret
+    sensitive = true
+  }
+}
+```
+
 ## Coder SSH Key
 
 Coder automatically inserts an account-wide SSH key into each workspace. In MacOS