Suggestion - categorize allowed secret name structure

[stijnmoreels]

What secret store are you interested in?
A ISecretProvider implementation that would work as an extra proxy (like the caching, user chooses where) that would make sure that (for example) only secrets that starts with the prefix "ARCUS_" can be looked up.
Aside from the added security perspective, this could also lead to less malicious requests to the store.

What scenarios would it enable you?
Anywhere where we may not have full control over the vault/store where the concrete secret provider is used.

Original issue: #167