Google has introduced a new service that aims to centralize, manage, and secure sensitive information like API keys, passwords, certificates, and other important data. Google Cloud Secret Manager is designed to help tackle secret sprawl, a significant barrier to application security that is caused by poor management of sensitive authentication data across an application stack.
Google Cloud Product Manager Matt Driscoll noted in the announcement of the new tool that in addition to tackling secret sprawl, developers will also benefit from having a “single source of truth” that contains all the tools needed for managing secrets.
Secret Manager ensures that Secret data is immutable by implementing a versioning system that allows data managers to assign designations to secret versions for clarity and transparency. Additionally, by default only project owners have access to secrets, all other roles will need to explicitly be granted permissions.
Secret Manager Beta is available to all customers now and documentation is provided to help developers get started.