Google Cloud Platform (GCP) Secret Manager is a secrets management service provided by Google Cloud. It allows you to securely store and manage secrets such as database credentials, API keys, and other sensitive information.
In 01Cloud, the GCP Secret Manager can also be used as an external secret provider, which means that 01Cloud can fetch and utilize the secrets stored in GCP Secret Manager. This centralizes the management of sensitive information and allows for easy access to the secrets from multiple applications, including those running in a Kubernetes environment.
By using GCP Secret Manager in 01Cloud, you can enhance the security and reliability of your applications by separating secrets from code and reducing the risk of hardcoded secrets in the codebase. Additionally, you can also easily update secrets without the need to update code.
For further information and exploration on the external secret feature within 01Cloud, please refer here.
Steps to Create GCP Secret
- Initially, let us establish a secret within Google Cloud Platform (GCP). To do this, log into the Google Cloud Console and locate the Secret Manager feature by utilizing the search bar. Once found, you will be presented with the following interface. To create a new secret, simply click on the “Create Secret” button.
- Next, we must provide a name for the secret and enter its corresponding secret value. After this, we may proceed to create the secret by clicking on the “Create Secret” button.
- We have successfully created the secret “secret01”. Within this secret, there are two versions available where we have stored relevant data.
- Before utilizing the secret within our 01Cloud environment, it is necessary to create a Service Account file. During this process, it is imperative to assign the “Secret Manager Viewer” role to the Service Account file.
Steps to use GCP Secret in 01Cloud
- To begin, it is necessary to create a project and an application for WordPress. Once this is complete, we may proceed to establish an environment. In order to utilize external secrets, it is required to enable the “External Secrets” tab within the custom installation process.
- After selecting Google Cloud Platform (GCP) as the provider in the “Select Provider” field, it is necessary to provide the Service Account file. It is important to note that the project ID within the Service Account file should match the project ID field.
- Now we can continue with environment creation process.
- Upon initiation of the environment creation process, all of the authentication details specified in the external secret are processed. If the authentication is successful, a message indicating that the secret has been successfully fetched should be displayed in the activity log of the environment.
- As we can see environment is running.
- The details of the external secret can be viewed in the “External Secrets” tab within the settings. In the event of an error, the secret can be edited. Additionally, it is possible to force a synchronization of the external secret operator to retrieve updated data from the external secret manager.
Conclusion
With this approach, we have demonstrated how to set up and utilize the external secret feature within 01Cloud. 01Cloud retrieves and implements the data from the external secret in the 01Cloud environment.