Closed Bug 1375197 Opened 7 years ago Closed 6 years ago

[aws-provisioner] Remove support for worker type secrets from AWS provisioner

Categories

(Taskcluster :: Services, enhancement)

enhancement
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: pmoore, Assigned: dustin)

Details

(Whiteboard: good-first-bug)

Once bug 1375195 has been completed, we should be safe to remove support for worker type secrets from the provisioner. I'd prefer to do this before making worker types publicly viewable, since it solves the race-condition problem that we validate no worker types are using secrets, then during the process of making the worker types publicly world-readable, a new worker type is added e.g. from an old template, that suddenly exposes confidential secrets. This is quite a realistic disclosure possibility, and therefore by removing the feature before exposing the worker type definitions, we are sure no secrets exist.
Blocks: 1375199
Blocks: 1375200
Blocks: 1375201
No longer blocks: 1375155
Summary: Remove support for worker type secrets from AWS provisioner → [aws-provisioner] Remove support for worker type secrets from AWS provisioner
Assignee: nobody → pmoore
Will look at this soon...
Having this implemented would be great, especially since we're doing work to derive taskcluster credentials from instance identity documents. These credentials aren't planned to have support for provisioner secrets.
This should be done as a part of the worker-manager transition. Since we'll deprecate the aws-provisioner codebase in favour of the worker manager, we should do the work in this bug. That said, we should still work through bug 1375200 and bug 1375201.
Component: AWS-Provisioner → Generic-Worker
QA Contact: pmoore
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
Reopening this bug; removing worker secrets shouldn't be too difficult from the aws-provisioner codebase, so we should probably consider doing it.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
No longer blocks: 1375200
Depends on: 1375200
No longer blocks: 1375201
Depends on: 1375201
Component: Generic-Worker → Workers
Component: Workers → Services
Assignee: pmoore → nobody
Whiteboard: good-first-bug
Assignee: nobody → dustin
Status: REOPENED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED