10

Exploring Cloud Secret Store on GCP

Previously, we did a deep dive into Azure Key Vault. We stored Secrets securely in Key Vault and used it as a key management service for the Secrets that reside on etcd. In this chapter, we will focus on Google Cloud Platform (GCP) and use its Secret Manager service.

We will be covering the following topics in this chapter:

  • Overview of GCP Secret Manager
  • Workload Identity on GKE
  • GKE and GCP Secret Manager integration
  • Auditing and logging
  • GKE and KMS integration

By the end of this chapter, we should be able to store our Secrets securely in GCP Secret Manager, monitor secret access through auditing, and add an extra layer of security by encrypting the Secrets on etcd.
