How to secure and manage secrets using Google Cloud KMS

Secrets + Google KMS + Git

Let’s jump right in. We all know it’s a bad idea to store application secrets within our code. So why we are storing there it still? Let’s take an example.

We could store those secrets in a file and add it to the gitignore so it’s not added to version control. But there are a couple of hurdles:

  • How do we manage those secrets?