If I need to store API keys, passwords, or other sensitive information for a Google App Engine app running in the standard environment to access (let's say in order to access third-party services), what are my best options for doing so?
Asked
Active
Viewed 1,011 times
1 Answers
2
I've heard good things about KMS
Easily Encrypt Secrets
Wrap secrets up to 64KiB in size, to allow you to protect secrets like user credentials and API tokens. Take plaintext secrets out of source code, deployment managers, containers, and metadata, and make these accessible to users as well as service accounts via decryption using the Cloud KMS API.
Alex
- 5,141
- 12
- 26
-
How to use these secrets in the yaml config for a Google App Engine standard enivronent? – Roel Jun 01 '22 at 15:36
-
1I've actually been using Google Secret Manager instead. I have a script that is a wrapper to `gcloud app deploy` and it fetches the secrets, creates a new temp app.yaml and injects the secrets in there – Alex Jun 01 '22 at 21:13