Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
Comprehensive Cloudflare platform skill covering Workers, D1, R2, KV, AI, Durable Objects, and security.
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
references/secrets-store/README.md
1# Cloudflare Secrets Store23Account-level encrypted secret management for Workers and AI Gateway.45## Overview67**Secrets Store**: Centralized, account-level secrets, reusable across Workers8**Worker Secrets**: Per-Worker secrets (`wrangler secret put`)910### Architecture1112- **Store**: Container (1/account in beta)13- **Secret**: String ≤1024 bytes14- **Scopes**: Permission boundaries controlling access15- `workers`: For Workers runtime access16- `ai-gateway`: For AI Gateway access17- Secrets must have correct scope for binding to work18- **Bindings**: Connect secrets via `env` object1920**Regional Availability**: Global except China Network (unavailable)2122### Access Control2324- **Super Admin**: Full access25- **Admin**: Create/edit/delete secrets, view metadata26- **Deployer**: View metadata + bindings27- **Reporter**: View metadata only2829API Token permissions: `Account Secrets Store Edit/Read`3031### Limits (Beta)3233- 100 secrets/account34- 1 store/account35- 1024 bytes max/secret36- Production secrets count toward limit3738## When to Use3940**Use Secrets Store when:**41- Multiple Workers share same credential42- Centralized management needed43- Compliance requires audit trail44- Team collaboration on secrets4546**Use Worker Secrets when:**47- Secret unique to one Worker48- Simple single-Worker project49- No cross-Worker sharing needed5051## In This Reference5253### Reading Order by Task5455| Task | Start Here | Then Read |56|------|------------|-----------|57| Quick overview | README.md | - |58| First-time setup | README.md → configuration.md | api.md |59| Add secret to Worker | configuration.md | api.md |60| Implement access pattern | api.md | patterns.md |61| Debug errors | gotchas.md | api.md |62| Secret rotation | patterns.md | configuration.md |63| Best practices | gotchas.md | patterns.md |6465### Files6667- [configuration.md](./configuration.md) - Wrangler commands, binding config68- [api.md](./api.md) - Binding API, get/put/delete operations69- [patterns.md](./patterns.md) - Rotation, encryption, access control70- [gotchas.md](./gotchas.md) - Security issues, limits, best practices7172## See Also73- [workers](../workers/) - Worker bindings integration74- [wrangler](../wrangler/) - CLI secret management commands75