Modal logo
IntroductionCustom container images Defining ImagesPrivate registriesFast pull from registryGPUs and other resources GPU accelerationUsing CUDA on ModalReserving CPU and memoryScaling out Scaling outDicts and queuesJob processingInput concurrencyDynamic batching (beta)Scheduling and cron jobsDeployment Apps, Stubs, and entrypointsManaging deploymentsInvoking deployed functionsContinuous deploymentSecrets and environment variables SecretsEnvironment variablesWeb endpoints Web endpointsStreaming endpointsWeb endpoint URLsRequest timeoutsWebhook tokens (beta)Networking Tunnels (beta)Proxies (beta)Cluster networkingData sharing and storage Passing local dataVolumesMounting local files and directoriesStoring model weightsDataset ingestionCloud bucket mountsSandboxes SandboxesRunning commandsNetworking and securityFile accessSnapshotsPerformance Cold start performanceMemory Snapshot (beta)Geographic latencyReliability and robustness Failures and retriesPreemptionTimeoutsTroubleshootingSecurity and privacyIntegrations Using OIDC to authenticate with external servicesConnecting Modal to your Datadog accountConnecting Modal to your OpenTelemetry providerOkta SSOSlack notifications (beta)Other topics Modal 1.0 migration guideFile and project structureDeveloping and debuggingModal user account setupWorkspacesEnvironmentsJupyter notebooksAsynchronous API usageGlobal variablesRegion selectionContainer lifecycle hooksParametrized functionsS3 Gateway endpointsGPU Metrics

Secrets

Securely provide credentials and other sensitive information to your Modal Functions with Secrets.

You can create and edit Secrets via the dashboard, the command line interface (modal secret), and programmatically from Python code (modal.Secret).

To inject Secrets into the container running your Function, add the secrets=[...] argument to your app.function or app.cls decoration.

Deploy Secrets from the Modal Dashboard

The most common way to create a Modal Secret is to use the Secrets panel of the Modal dashboard, which also shows any existing Secrets.

When you create a new Secret, you’ll be prompted with a number of templates to help you get started. These templates demonstrate standard formats for credentials for everything from Postgres and MongoDB to Weights & Biases and Hugging Face.

Use Secrets in your Modal Apps

You can then use your Secret by constructing it from_name when defining a Modal App and then accessing its contents as environment variables. For example, if you have a Secret called secret-keys containing the key MY_PASSWORD:

@app.function(secrets=[modal.Secret.from_name("secret-keys")])
def some_function():
    import os

    secret_key = os.environ["MY_PASSWORD"]
    ...

Each Secret can contain multiple keys and values but you can also inject multiple Secrets, allowing you to separate Secrets into smaller reusable units:

@app.function(secrets=[
    modal.Secret.from_name("my-secret-name"),
    modal.Secret.from_name("other-secret"),
])
def other_function():
    ...

The Secrets are applied in order, so key-values from later modal.Secret objects in the list will overwrite earlier key-values in the case of a clash. For example, if both modal.Secret objects above contained the key FOO, then the value from "other-secret" would always be present in os.environ["FOO"].

Create Secrets programmatically

In addition to defining Secrets on the web dashboard, you can programmatically create a Secret directly in your script and send it along to your Function using Secret.from_dict(...). This can be useful if you want to send Secrets from your local development machine to the remote Modal App.

import os

if modal.is_local():
    local_secret = modal.Secret.from_dict({"FOO": os.environ["LOCAL_FOO"]})
else:
    local_secret = modal.Secret.from_dict({})


@app.function(secrets=[local_secret])
def some_function():
    import os

    print(os.environ["FOO"])

If you have python-dotenv installed, you can also use Secret.from_dotenv() to create a Secret from the variables in a .env file

@app.function(secrets=[modal.Secret.from_dotenv()])
def some_other_function():
    print(os.environ["USERNAME"])

Interact with Secrets from the command line

You can create, list, and delete your Modal Secrets with the modal secret command line interface.

View your Secrets and their timestamps with

modal secret list

Create a new Secret by passing {KEY}={VALUE} pairs to modal secret create:

modal secret create database-secret PGHOST=uri PGPORT=5432 PGUSER=admin PGPASSWORD=hunter2

Remove Secrets by passing their name to modal secret delete:

modal secret delete database-secret
OSZAR »