Manage your Cloud Run secrets securely with Secret Manager
Code shown in this episode → https://goo.gle/3boFqFb
Secret Manager docs → https://goo.gle/3eFNtzm
Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data that provides a central place and single source of truth to manage, access, and audit secrets across Google Cloud. In this episode of Serverless Expeditions Extended, Martin demos how you can update an existing Cloud Run service to use Secret Manager without changing any code and while applying the Principle of Least Privilege. Watch to learn how you can use Secret Manager with your Cloud Run service!
Timestamps:
0:00 - Intro
1:31 - Secret Manager
1:45 - Updating a Cloud Run service to use Secret Manager
2:48 - Putting the database password in Secret Manager
3:25 - Referencing Secret Manager from Cloud Run
3:45 - What did we achieve?
4:47 - Two other ways of accessing Secret Manager
5:42 - Wrap-up
Clarification on the video: if you mount a secret as an environment variable (and point it to the “latest” version of that secret), the latest value of the secret is loaded whenever a Cloud Run instance of your service is started. This happens all the time. So even if you don’t re-deploy your Cloud Run service yourself, the new value of the secret will eventually make it into your Cloud Run service.
Checkout more episodes of Serverless Expeditions → http://goo.gle/ServerlessExpeditions
Subscribe to Google Cloud Tech → https://goo.gle/GoogleCloudTech
#ServerlessExpeditions #ServerlessExpeditionsExtended
Product: Cloud Run, Secret Manager; fullname: Martin Omander;
Видео Manage your Cloud Run secrets securely with Secret Manager канала Google Cloud Tech
Secret Manager docs → https://goo.gle/3eFNtzm
Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data that provides a central place and single source of truth to manage, access, and audit secrets across Google Cloud. In this episode of Serverless Expeditions Extended, Martin demos how you can update an existing Cloud Run service to use Secret Manager without changing any code and while applying the Principle of Least Privilege. Watch to learn how you can use Secret Manager with your Cloud Run service!
Timestamps:
0:00 - Intro
1:31 - Secret Manager
1:45 - Updating a Cloud Run service to use Secret Manager
2:48 - Putting the database password in Secret Manager
3:25 - Referencing Secret Manager from Cloud Run
3:45 - What did we achieve?
4:47 - Two other ways of accessing Secret Manager
5:42 - Wrap-up
Clarification on the video: if you mount a secret as an environment variable (and point it to the “latest” version of that secret), the latest value of the secret is loaded whenever a Cloud Run instance of your service is started. This happens all the time. So even if you don’t re-deploy your Cloud Run service yourself, the new value of the secret will eventually make it into your Cloud Run service.
Checkout more episodes of Serverless Expeditions → http://goo.gle/ServerlessExpeditions
Subscribe to Google Cloud Tech → https://goo.gle/GoogleCloudTech
#ServerlessExpeditions #ServerlessExpeditionsExtended
Product: Cloud Run, Secret Manager; fullname: Martin Omander;
Видео Manage your Cloud Run secrets securely with Secret Manager канала Google Cloud Tech
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Level Up - Secret ManagerCan Cloud Run handle these 9 workloads?AWS Lambda & Secrets Manager: 2 Ways to Grant Access | Resource Permissions | ExampleGoogle Cloud Secret Manager | Professional Architect Exam EssentialsGoogle Cloud Data Catalog Demo | Tagging tables Demo | Qwiklabs - Data Catalog Qwik Start [GSP729]Web API Security | Basic Auth, OAuth, OpenID Connect, Scopes & Refresh TokensCloud Run + Cloud SQL, setupLearn to add authentication and identity management to your own appsCloud Build - Create a CI/CD PipelinePub/Sub tips and tricks8 Terraform Best Practices that will improve your TF workflow immediatelyVSPARKZ | GCP Secret Manager | Create & Access Secrets | DEMOSimplify Cloud Run development with Visual Studio CodeAutomate your Docker deployments with AnsibleAWS Tutorial - AWS Secrets Manager - Create Store and Retrieve a Secret (via Console and CLI)Top 3 ways to run your containers on Google CloudData Encryption and Managed Encryption KeysCloud Run QuickStart - Docker to ServerlessAWS Secrets Manager - Create Store and Retrieve a Secret