Secrets
Passwords, keys, and tokens are the most dangerous thing to mishandle, so they’re held apart from the services that use them — in dedicated credential storage, not scattered through configs and scripts. Access is granted narrowly and revocably; a leaked secret should be a contained incident, not a master key.
What kind of secret lives where, and who may retrieve it, is the substance of this room. The storage package itself is in Software; the directories that authenticate a retrieval are in Access.