Administrative members have the capability to define organization-level environment variables. These variables can be grouped and associated with various projects. This streamlines the management of shared environment variables across multiple projects, eliminating the need for redundant definitions.
This centralized approach simplifies tasks like key rotation, as the information is stored in one location for all relevant projects, improving efficiency and security.
Similarly to the project-scoped environment variables, also the ones you create on organization level can be set to be secrets. Note that even though you set an environment variable secret, any user in the projects that have access to it can for example print the value in their executions.
Creating Environment Variable Groups
- Click on “
Hi, <username>!” in the top right corner.
- Select “
- Open the “Environment Variables” tab.
- Name your environment variable group and create it by clicking “Create new environment variable group”.
- Choose the projects that should have access to this group.
- Enter the environment variable name and value in their respective fields, then save them with the “Add” button.
- To keep a value secret, check the “Secret” checkbox.
- Save the changes made to the group by clicking “Save”.
In the example below, there are two environment variable groups: “production” and “staging.”
- “production” is used in projects “fun-tensorflow” and “production.”
- “staging” is used exclusively in the “staging” project.
Both groups contain two environment variables, with a public value and the other with its value marked as a secret.
Using Environment Variable Groups
The environment variable groups you have created will be visible under the project’s “Env Variables” tab, as shown below. Non-admin users can view them but cannot modify their values. Values for secret environment variables are hidden in the user interface.