Secret Manager - bobbae/gcp GitHub Wiki
Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data.
Concepts
Secret Manager works well for storing configuration information such as database passwords, API keys, or TLS certificates needed by an application at runtime.
A key management system, such as Cloud KMS, allows you to manage cryptographic keys and to use them to encrypt or decrypt data. However, you cannot view, extract, or export the key material itself.
Quickstart
https://cloud.google.com/secret-manager/docs/quickstart
Creating and Accessing secrets
https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets
Best Practices
https://cloud.google.com/secret-manager/docs/best-practices
Berglas
https://github.com/GoogleCloudPlatform/berglas
Examples
Passing secretes to terraform from Secret Manager
https://xbery.medium.com/how-to-pass-secrets-to-terraform-from-google-cloud-build-c648c76e2b9a