#How do I censor generated secret values from logs?

For instance if I assume a role using the AWS CLI which produce credentials to use as environment variables in order to execute authenticated AWS CLI commands?

How should I protect these generated secrets and prevent them from showing in the Dagger logs?

@frail plank does the AWS CLI print these credentials in the logs?