Credentials and sensitive configuration require different handling across Edition types.
Staging Edition
Secrets stored directly in Application Layer database via plugin settings. Acceptable for single-operator deployments. Not suitable for team environments or CI/CD integration.
Enterprise Edition
SDLC Platform provides:
Variable Groups: Shared secrets across pipelines with access control.
Service Connections: Authenticated access to external services.
Key Vault Integration: For high-security requirements, secrets stored in dedicated vault with pipeline access.
Credentials Inventory
| Credential | Storage Location | Rotation Schedule |
|---|---|---|
| Database password | Hosting Control Panel | On breach only |
| SMTP credentials | SMTP plugin settings | Annual |
| CDN API key | Server-Side Caching settings | Annual |
| SDLC Platform token | Local config / Variable Group | 90 days |