SOPS is a command-line tool offered by Mozilla that allows you to encrypt files containing what are called “secrets,” such as API keys, usernames, passwords, and other sensitive information typically used in DevOps.
Here is a demo of the tool:
Thanks to SOPS (Secrets Operations), you can encrypt YAML, JSON, ENV, INI, or even binary files using PGP or, if you wish, AWS KMS (Amazon), GCP KMS (Google Cloud), or Azure Key Vault (Microsoft).
This tool helps prevent scenarios like “Oops, I put the top-secret API key file on the public Github,” which unfortunately happens quite frequently in the world.
To discover more about the tool, I invite you to watch this episode of Securing DevOps, which covers it well.