Currently, secrets is defined for each Operator. For example, aws.access-key-id can use for "s3_waits>" Operator only.
If user want to hide setting on other Operator, secrets for global variables are very convenience.
For example, td> Operator use aws.access-key-id for result_url:
Secrets can be used as parameters within your workflow - regardless of the operator. Please see an example with `td_load>` operator & your S3 credentials here: https://github.com/treasure-data/workflow-examples/tree/master/td_load/s3