Skip to content

docs: add missing CREATE SECRET end-to-end examples #1018

New issue
New issue
Closed
Closed
docs: add missing CREATE SECRET end-to-end examples#1018
Assignees
kwannoelcopilot-swe-agent
Labels
bugSomething isn't workingdocs-agentdocumentationImprovements or additions to documentation
@kwannoel

Description

@kwannoel
kwannoel
opened on Feb 20, 2026

Context

Slack request (2026-02-20): missing CREATE SECRET docs examples.
Marker: docs-eval-1771558446206

Slack thread: (link not provided in transcript)

Related docs/pages:

Problem

Current CREATE SECRET docs cover syntax and baseline examples, but they do not provide enough practical end-to-end SQL examples for common operator workflows.

Gaps called out by context search:

  • No clear rotation flow example showing ALTER SECRET and what users should do for dependent sources/sinks.
  • Limited privilege-management examples for USAGE on secrets (grant/revoke + expected behavior).
  • Missing broader connector-oriented examples that demonstrate how secrets are referenced in realistic source/sink SQL.
  • Missing advanced lifecycle examples (for example, ownership/lifecycle implications and DROP SECRET variants).

This makes secret management harder to discover and increases trial-and-error for users handling credentials securely in production.

Suggested Fix

Add a focused example section (or mini cookbook) under sql-create-secret.mdx and/or manage-secrets.mdx with copy/paste-ready SQL:

  1. Create and use secret in connector DDL
  • CREATE SECRET ...
  • CREATE SOURCE / CREATE SINK reference patterns
  1. Rotate secret safely
  • ALTER SECRET ... AS ...
  • Document expected behavior for dependent objects and recommended operational steps
  1. Privileges and access control
  • GRANT USAGE ON SECRET ...
  • REVOKE USAGE ON SECRET ...
  • Include expected failure mode when USAGE is missing
  1. Lifecycle cleanup
  • DROP SECRET ... patterns, with caveats around dependencies

Acceptance criteria:

  • At least one complete end-to-end flow from create -> use -> rotate -> verify -> cleanup.
  • At least one RBAC flow with explicit grant/revoke and failure behavior.
  • Examples are consistent with both linked docs pages and connector docs terminology.

Metadata

Metadata

Assignees

Labels

bugSomething isn't workingdocs-agentdocumentationImprovements or additions to documentation

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions