Files
superset2/docs/admin_docs
Amin Ghadersohi 531b89ec00 docs(security): add a secrets register and rotation schedule
The production hardening guide documented rotation for SUPERSET_SECRET_KEY but
not for the other security-critical secrets, so operators following the
checklist could leave guest-token/async-query JWT secrets and SMTP/DB
credentials un-rotated after a leak.

Add an "Appendix C: Secrets Register and Rotation Schedule" enumerating all
security-critical secrets with their purpose, leak risk, and rotation cadence,
and reference it from the ongoing-maintenance checklist.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-22 18:01:34 -07:00
..