At the beginning of last year, I wrote an article titled How to secure and manage secrets using Google Cloud KMS , explaining how we can use Google Cloud KMS (Key Management System) to encrypt secrets and securely use it in our applications.
I mentioned it is a decent approach because of the lack of support for good secret management solutions within the Google cloud ecosystem. It is kind of, a hacky way to get the job done, because,
- it requires a lot of code setup
- had to keep the encrypted version within version control
- no easy way to manage these secrets (like a console UI)
Finally, there is now an easier & better a solution, Google has announced their secret management solution Google Secret Manager.