I just filed jiras 1486,1487,1488 to create secure vault, gbean-permissions and externalize secrets out of deployment plans. Secret is saved in the vault. Permission is granted to the gbean to read an alias in the vault. Secure vault is referenced by the gbean in the deployment plan. Deployment plan grants permission to the gbean to read an entry in the vault. This will extend deployment plan syntax to allow granting of permissions to gbeans.
Simon
