Loading...
Loading...
Secure secrets in Google Cloud Secret Manager. Configure IAM policies, integrate with GKE, and manage secret versions. Use when managing secrets in GCP environments.
npx skill4agent add bagelhole/devops-security-agent-skills gcp-secret-manager# Create secret
echo -n "secret123" | gcloud secrets create db-password --data-file=-
# Access secret
gcloud secrets versions access latest --secret=db-password
# Add new version
echo -n "newsecret" | gcloud secrets versions add db-password --data-file=-
# List secrets
gcloud secrets listfrom google.cloud import secretmanager
client = secretmanager.SecretManagerServiceClient()
name = f"projects/my-project/secrets/db-password/versions/latest"
response = client.access_secret_version(request={"name": name})
secret = response.payload.data.decode("UTF-8")apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
name: gcp-secrets
spec:
provider: gcp
parameters:
secrets: |
- resourceName: "projects/my-project/secrets/db-password/versions/latest"
path: "db-password"