Questions tagged [google-secret-manager]

Secret Manager provides a secure and convenient tool for storing API keys, passwords, certificates, and other sensitive data on Google Cloud Platform.

Secret Manager is a Google Cloud product that provides a secure and convenient way to store and access API keys, passwords, certificates, and other sensitive data.

312 questions
59 votes, 7 answers

Secret manager access denied despite correct roles for service account

I'm writing a cloud function in Node.js (10), and trying to access a secret like so: const [secret] = await new SecretManagerServiceClient().accessSecretVersion({ name: `projects/PROJECT_NUMBER/secrets/SECRET_NAME/versions/latest` }) I created…
Alex Meuer
38 votes, 2 answers

What are the differences between the KMS and secret manager in GCP?

I am wondering if you could please help me out with the following question. What are the differences between the KMS and the secret manager in GCP? Thank you in advance. https://cloud.google.com/secret-manager/docs/ HB
31 votes, 5 answers

How to handle secrets in Google App Engine?

My application needs a bunch of secrets to run: database credentials, API credentials, etc. It's running in Google App Engine Standard Java 11. I need these secrets as environment variables or as arguments to my application, so that my framework can…
15 votes, 5 answers

Can't access secret in GCP Secret Manager

I'm trying to migrate my code from using API keys stored in the .env file to using Google Cloud Platform Secrets Manager. I've followed the instructions here but I encounter an error saying that I don't have permissions to access the secret. import…
Bartek Pacia
9 votes, 1 answer

Storing secrets in firebase projects: Firebase config API or Secret Manager API?

To access secrets from cloud functions, Google provides the Secret Manager API: Secret Manager stores API keys, passwords, certificates, and other sensitive data. It provides convenience while improving security. On the other hand Firebase…
Felix K.
9 votes, 6 answers

How to use a Google Secret in a deployed Cloud Run Service (managed)?

I have a running cloud run service user-service. For test purposes I passed client secrets via environment variables as plain text. Now since everything is working fine I'd like to use a secret instead. In the "Variables" tab of the "Edit Revision"…
xetra11
9 votes, 1 answer

How can I give a service account access to a particular secret?

I want to grant a service account access to a secret in Google Secrets Manager. I can access the secret like this: gcloud beta secrets versions access 1 --secret="thesecret" --project="myproject" But when my service account tries the same command,…
8 votes, 3 answers

Can't access secret stored in Secrets Manager from Google Cloud Function

While testing a Google Cloud Function I wrote that attempts to access a secret stored in the Secret Manager, I get this error: Error: 7 PERMISSION_DENIED: Permission 'secretmanager.versions.access' denied for resource '' (or it may…
7 votes, 2 answers

Automatically Grab Latest Google Cloud Platform Secret Version

I'm trying to grab the latest secret version. Is there a way to do that without specifying the version number? Such as using the keyword "latest". I'm trying to avoid having to iterate through all the secret versions with a for loop as GCP…
7 votes, 2 answers

GKE Secrets OR Google Secret manager

Does anyone know in which case to choose Kubernetes secrets instead of Google Secret Manager, and the reverse? Differences between the two?
7 votes, 4 answers

google.cloud namespace import error in __init__.py

I have read through at least a dozen different Stack Overflow questions that all present the same basic problem and have the same basic answer: either the module isn't installed correctly or the OP is doing the import wrong. In this case, I am trying…
6 votes, 5 answers

How to inject secret from Google Secret Manager into Kubernetes Pod as environment variable with Spring Boot?

For the life of Bryan, how do I do this? Terraform is used to create an SQL Server instance in GCP. Root password and user passwords are randomly generated, then put into the Google Secret Manager. The DB's IP is exposed via private DNS zone. How…
6 votes, 3 answers

How should I store access tokens generated by another application using Google Cloud KMS?

I am building a Node.js application that receives a long term access token from another application that I need to access. I don't want to store these access tokens directly in the database since anyone who has access to these tokens can basically…
6 votes, 4 answers

Google Cloud Function: support for Google Cloud KMS

I am using a Google Cloud Function (GCF) with a Pubsub trigger which sends an HTTP request to a third party API. The GCF receives notifications from a Pubsub topic used by a service which should not be aware of the third party API. The third party…
5 votes, 2 answers

Firebase secrets not defined in process.env

I'm writing a Firebase function with Cloud Storage trigger. Like this const functions = require('firebase-functions') const doSomethingWithSecrets = require('./doSomethingWithSecrets') const doSomethingWhenUploaded = functions.runWith({ secrets:…