gcp-secret-manager
1
总安装量
1
周安装量
#52774
全站排名
Install command
npx skills add https://github.com/bagelhole/devops-security-agent-skills --skill gcp-secret-manager
Skill documentation
GCP Secret Manager
Store and manage secrets securely in Google Cloud Platform.
When to Use This Skill
Use this skill when:
- Managing secrets in GCP
- Integrating with GKE workloads
- Storing API keys and credentials
- Implementing secret rotation
Prerequisites
- GCP project
- gcloud CLI configured
- Secret Manager API enabled
Basic Operations
# Create secret (value is read from stdin; a literal typed here ends up in shell history)
echo -n "secret123" | gcloud secrets create db-password --data-file=-

# Access secret
gcloud secrets versions access latest --secret=db-password

# Add new version
echo -n "newsecret" | gcloud secrets versions add db-password --data-file=-

# List secrets
gcloud secrets list
Application Integration
from google.cloud import secretmanager

# Uses Application Default Credentials
client = secretmanager.SecretManagerServiceClient()

# Full resource name of the version to read
name = "projects/my-project/secrets/db-password/versions/latest"
response = client.access_secret_version(request={"name": name})
secret = response.payload.data.decode("UTF-8")
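An added example, not part of the original skill or the project's code: the access call above wrapped so the payload is checked against the CRC32C that Secret Manager returns in `payload.data_crc32c`, with the version as a parameter so a consumer can be pinned to a numbered version instead of `latest`. The names `crc32c`, `access_secret_verified` and `FakeClient` are hypothetical, and `FakeClient` is a constructed stand-in so the block runs offline.

```python
"""Added example: read a Secret Manager version and verify its CRC32C."""


def crc32c(data: bytes) -> int:
    """Bitwise CRC32C (Castagnoli), the checksum Secret Manager reports."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0x82F63B78 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def access_secret_verified(client, project_id, secret_id, version="latest"):
    """Return the secret as text, or raise if the payload fails its checksum.

    `client` is a secretmanager.SecretManagerServiceClient (or a stand-in).
    Pass a version number such as "1" to pin a consumer to a known version.
    """
    name = f"projects/{project_id}/secrets/{secret_id}/versions/{version}"
    response = client.access_secret_version(request={"name": name})
    payload = response.payload
    if crc32c(payload.data) != payload.data_crc32c:
        raise ValueError(f"checksum mismatch for {name}")
    return payload.data.decode("UTF-8")


class FakeClient:
    """Constructed offline stand-in for the real client (assumption)."""

    def __init__(self, versions, corrupt=False):
        self.versions = versions  # e.g. {"1": b"old", "latest": b"new"}
        self.corrupt = corrupt    # flip one checksum bit to simulate damage

    def access_secret_version(self, request):
        data = self.versions[request["name"].rsplit("/", 1)[1]]
        crc = crc32c(data) ^ (1 if self.corrupt else 0)
        payload = type("Payload", (), {"data": data, "data_crc32c": crc})()
        return type("Response", (), {"payload": payload})()


if __name__ == "__main__":
    fake = FakeClient({"1": b"secret123", "latest": b"newsecret"})
    print(access_secret_verified(fake, "my-project", "db-password", "1"))
```

With the real library, pass `secretmanager.SecretManagerServiceClient()` as `client`; the `google-crc32c` package can replace the pure-Python checksum.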
GKE Integration
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: gcp-secrets
spec:
  provider: gcp
  parameters:
    secrets: |
      - resourceName: "projects/my-project/secrets/db-password/versions/latest"
        path: "db-password"
Best Practices
- Use Workload Identity for GKE
- Implement IAM least-privilege
- Enable audit logging
- Use secret versions for rollback
- Integrate with Cloud KMS for encryption
Related Skills
- hashicorp-vault – Multi-cloud secrets
- gcp-gke – GKE integration