I haven't explored prefect to that depth yet. Not knowing your use case, I can't be sure. But if you're worried about database security during deployment you could always just have a parameter being a path to your config file. Don't include it in any repo/docker build, but you can manually add it at the end of deployment