Secret Handling and Encryption Guarantees

Who this is for

Anyone who needs to understand how CloudAIPilot handles sensitive data — cloud API keys, environment variables, SSH keys, and notification credentials.

What you will complete

Understand which data is encrypted, how it is encrypted, who can access it, and what happens if you rotate or delete a secret.

What counts as a "secret" in CloudAIPilot

• Cloud provider credentials — IAM role ARNs, service account keys, client secrets, personal access tokens
• Environment variables — values stored for sites, apps, and servers (not the names, but the values)
• SSH private keys — used by the platform to connect to your servers
• Notification channel credentials — email passwords, Slack webhook URLs, Telegram bot tokens
• AI provider API keys — Anthropic, OpenAI, Google, or Ollama credentials

Encryption at rest

All secrets are encrypted before being stored. The encryption uses strong symmetric encryption. The encryption keys are managed by the platform and are not accessible to individual users, including staff.

What this means in practice:

• If the database were somehow accessed without the encryption keys, secrets would appear as encrypted ciphertext — not readable values.
• Platform staff cannot view your cloud API keys, environment variable values, or SSH private keys in plain text.

Encryption in transit

All communication between your browser and the CloudAIPilot platform uses TLS 1.3. All communication between the platform and your servers uses the encrypted control channel (SSH for operations, PQC-protected channel for the agent). See KB-11-03 for post-quantum protection details.

Post-quantum protection for cloud credentials

Cloud API keys (AWS IAM role, GCP service account, Azure client secret, DigitalOcean token) are stored with an additional layer of post-quantum encryption using ML-KEM-768. This means they remain protected even against future quantum computing attacks.

What the AI can and cannot see

• The AI cannot read secret values. Environment variable values, cloud API keys, notification channel credentials, and SSH keys are never passed to the AI.
• The AI can acknowledge that a secret exists. It can tell you "a DATABASE_URL environment variable is set on this site" but cannot tell you its value.
• This behavior is enforced at the platform level and cannot be changed by any setting.

Secret rotation

Environment variables: Update the value in the site or app environment variables panel. The new value is encrypted and stored. The old value is immediately replaced.

Cloud provider credentials: Go to Cloud Accounts, click the account, and use the Reconnect or Rotate Credentials option. Enter the new credential and save. See KB-01-06.

AI provider API key: Go to Settings → AI Agent → AI Provider, enter the new key, and click Save AI Settings. Click Test Connection to verify.

Notification channel credentials: Edit the channel in Settings → Notification Channels, enter the new value (webhook URL, bot token, etc.), and save. Send a test to verify.

What happens when you delete a secret

When you delete a site, server, cloud account, or notification channel:

• All associated secrets are scheduled for deletion.
• The deletion is permanent. Secrets cannot be recovered after deletion.
• If a grace period is in effect (see KB-11-05), the secrets are deleted when the grace period expires.

Related articles

• KB-11-01: Security model overview for users
• KB-11-03: PQC basics and what is active today
• KB-01-06: Reconnect or rotate credentials safely
• KB-07-14: Privacy and governance fundamentals