How to secure and manage secrets using Google Cloud KMS

Let’s jump right in. We all know it’s a bad idea to store application secrets within our code. So why we are storing there it still? Let’s take an example. We could store those secrets in a file and add it to the gitignore so it’s not added to version control. But there are a couple of hurdles: How do we manage those secrets? What happens when the local copy is deleted? How do we share it with other developers? How do we manage versioning of those secrets during changes and an audit log of who changed what? A lot of questions! So we end up storing it within the code, since it’s too much complexity to deal with.

January 7, 2019 · 1 min · Ramesh Lingappan