--- a/modules/nixos/secrets.nix
+++ b/modules/nixos/secrets.nix
@@ -139,7 +139,7 @@
       };
       config.parts = mkMerge [
         (mkIf (config.generator != null && config.generator ? parts) config.generator.parts)
-        (mapAttrs (_: _: {}) (removeAttrs sysConfig.data.secrets.${secretName} ["shared"]))
+        (mapAttrs (_: _: {}) (removeAttrs sysConfig.data.secrets.${secretName} ["shared" "managed"]))
       ];
     }
   );
--- a/modules/secrets-data.nix
+++ b/modules/secrets-data.nix
@@ -38,6 +38,12 @@
   sharedSecretData = {
     freeformType = attrsOf (submodule secretDataValue);
     options = {
+      managed = mkOption {
+        type = nullOr bool;
+        description = "Is current fleet data value is generated by generator";
+        default = null;
+      };
+
       createdAt = mkOption {
         type = str;
         description = "Timestamp of secret generation/last rotation.";