This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Methods for protecting service account keys in GCP

Posted on 05-10-2023 09:05 PM
shegde
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

we have service account keys under service-account folder ..which has private keys . how can we protect them and what are the possible methods to store the json key files ?

0 2 295
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
kolban
Staff
Reply posted on --/--/---- --:-- AM

I think my initial answer is to use Google Cloud Secret Manager.  However, to help further, can you clarify "service-account folder" ... is this a local folder/directory on a workstation or somewhere else?  How are the service account keys being used?  Do you have a high level description or diagram showing what needs to be authenticated, where it runs and what it is calling?

0 Likes

Posted on --/--/---- --:-- AM
shegde
Bronze 3
Bronze 3
In response to kolban
Reply posted on --/--/---- --:-- AM

By default SA keys will be downloaded in /service-account directory, which is in our workstation and we will be using the json key path in our override files. so if we store the SA keys in google cloud secret manager how are we going to mention the key path in override files or how to access that in out override files? 

0 Likes
Top Labels in this Space
Top Solution Authors
View all