[Yandex Cloud documentation](../../index.md) > [Yandex Lockbox](../index.md) > Concepts > Overview

# Yandex Lockbox overview

Yandex Lockbox is a service for the centralized storage of secrets, such as passwords, SSH keys, and tokens. A secret is a set of versions that store your data. A version contains one or more key-value pairs. A key is a non-secret ID that identifies a value. The value is your secret data.

Yandex Lockbox allows users to manage a secret's lifecycle by creating, updating, and deleting secrets in a centralized manner and take advantage of all the access control features that [Yandex Identity and Access Management](../../iam/index.md) provides.

All secrets are stored in encrypted form. By default, secrets are encrypted with a system key but you can also use [Yandex Key Management Service](../../kms/index.md) with your own keys.

## Interfaces for using the service {#interface}

To work with Yandex Lockbox, you can use:

* [Management console](https://console.yandex.cloud).
* [Command line interface (CLI)](../../cli/index.md).
* API: [REST](../api-ref/index.md) or [gRPC](../api-ref/grpc/index.md).
* SDK: in [Java](https://github.com/yandex-cloud/java-sdk), [Go](https://github.com/yandex-cloud/go-sdk), [Python](https://github.com/yandex-cloud/python-sdk), or [Node.js](https://github.com/yandex-cloud/nodejs-sdk).