When storing secrets within a Key Vault (Such as 1Password Developer Tools or Azure KeyVault), how do you properly protect the keyvaults secret?
When looking to avoid keeping secrets in code (so it doesn’t get checked into source control) and having them encrypted in some fashion (so they’re not exposed if a machine is compromised), I’m missing something obvious here.