A large customer has a requirement to protect sensitive configuration data such that recovery by users at the CLI or API is not trivial.
A specific example they gave which is currently problematic is LDAP bind passwords which reside in the config in cleartext.
Currently they are exposed in config.toml (which they delete after applying).
The larger issues is that it's also pretty easy to recover them with a curl against the Hab API, or via chef-automate config show
A mechanism similar to the one in Chef server for secrets storage might be appropriate (chef-server-ctl set-secret data_collector token 'some-token' )