0

I'm using Google Cloud Platform and researching what's needed for continuous development/integration.

We may use Google Secrets for passwords, API keys, etc. But I also see information in settings and config files that don't seem appropriate as a secret, but still probably needs secured. For example, the files might contain a list of white listed apps and URLs, or user names and IP addresses.

What is the best way to securely keep these files in a place where other developers can access them when needed? I'm not asking where they are kept when developing, but where to make them available for new developers to access them the first time. Would encrypting them and storing on Google Drive, and then limiting who has access, be appropriate?

Dan Cogswell
  • 475
  • 3
  • 16

1 Answers1

2

The easiest way, IMO, is to use Secret Manager, in a dev project. All the developers can access the project and access to the secret.

The local code uses also the secret stored in Google Cloud (off line development is not possible).

Deployment on dev project is easy, because the same secrets are used.

A new developer? Add them in the developer group and they will have automatically access to the secrets

guillaume blaquiere
  • 66,369
  • 2
  • 47
  • 76
  • Guillaume, so store them the same as I would store passwords? If I add up all of the white listed applications, user names, etc., that's a lot of secrets! (Dozens) Or, do we not worry about making these public? – Dan Cogswell Jun 22 '22 at 20:38
  • 1
    You can store 64KiB per secret. Organize them as you wish. Store many thing at the same time. I wrote something pretty similar: https://medium.com/google-cloud/mount-a-file-as-a-volume-in-cloud-run-facc74c02cc6 – guillaume blaquiere Jun 22 '22 at 21:03
  • Thanks Guillaume! Just what I needed. I'll stop thinking of secrets as only small strings. – Dan Cogswell Jun 23 '22 at 12:45