Google Cloud Secret Manager Client Library
A Python client library for Google Cloud Secret Manager, enabling secure storage and management of application secrets. Current version: 2.27.0. Released on a regular cadence, with recent updates enhancing functionality and security features.
Warnings
- breaking Import path changed from 'google.cloud import secretmanager' to 'google.cloud import secretmanager_v1'.
- deprecated Using 'secretmanager' instead of 'secretmanager_v1' may lead to compatibility issues in future releases.
- gotcha Ensure that the 'GOOGLE_APPLICATION_CREDENTIALS' environment variable points to a valid service account JSON file for authentication.
Install
-
pip install google-cloud-secret-manager
Imports
- SecretManagerServiceClient
from google.cloud import secretmanager_v1
Quickstart
import os
from google.cloud import secretmanager_v1
# Set up authentication
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = 'path_to_your_service_account_file.json'
# Initialize the Secret Manager client
client = secretmanager_v1.SecretManagerServiceClient()
# Define project and secret details
project_id = 'your-project-id'
secret_id = 'your-secret-id'
# Build the parent name from the project
parent = f'projects/{project_id}'
# Create the secret
secret = client.create_secret(
request={
'parent': parent,
'secret_id': secret_id,
'secret': {'replication': {'automatic': {}}},
}
)
# Add a version with a payload
version = client.add_secret_version(
request={
'parent': secret.name,
'payload': {'data': b'hello world!'},
}
)
# Access the secret version
response = client.access_secret_version(request={'name': version.name})
# Print the secret payload
payload = response.payload.data.decode('UTF-8')
print(f'Plaintext: {payload}')