How to secure and manage secrets using Google Cloud KMS

January 7, 2019

Let’s jump right in. We all know it’s a bad idea to store application secrets within our code. So why we are storing there it still? Let’s take an example. We could store those secrets in a file and add it to the gitignore so it’s not added to version control. But there are a couple of hurdles:

  • How do we manage those secrets?
  • What happens when the local copy is deleted?
  • How do we share it with other developers?
  • How do we manage versioning of those secrets during changes and an audit log of who changed what?

A lot of questions! So we end up storing it within the code, since it’s too much complexity to deal with.

Project link: https://medium.com/@rameshlingappa/securing-managing-secrets-using-google-cloud-kms-3fe08c69f499

Copyright ©2019 rameshl.com 😀