Secret Manager - bobbae/gcp GitHub Wiki

Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data.

Concepts

Secret Manager works well for storing configuration information such as database passwords, API keys, or TLS certificates needed by an application at runtime.

A key management system, such as Cloud KMS, allows you to manage cryptographic keys and to use them to encrypt or decrypt data. However, you cannot view, extract, or export the key material itself.

Quickstart

https://cloud.google.com/secret-manager/docs/quickstart

Creating and Accessing secrets

https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets

Best Practices

https://cloud.google.com/secret-manager/docs/best-practices

Berglas

https://github.com/GoogleCloudPlatform/berglas

Examples

Passing secretes to terraform from Secret Manager

https://xbery.medium.com/how-to-pass-secrets-to-terraform-from-google-cloud-build-c648c76e2b9a

Cloud functions and Secret Manager

https://beranger.medium.com/native-implementation-of-google-secret-manager-in-cloud-functions-93a1732dd175