@google-cloud/secret-manager

A cloud-hosted service that provides a secure and convenient tool for storing API keys, passwords, certificates, and other sensitive data.

Showing:

Popularity

Downloads/wk

150K

GitHub Stars

69

Maintenance

Last Commit

18hrs ago

Contributors

19

Package

Dependencies

1

License

Apache-2.0

Type Definitions

Tree-Shakeable

No?

Categories

Readme

Google Cloud Platform logo

Secret Manager: Node.js Client

release level npm version codecov

Secrets client for Node.js

A comprehensive list of changes in each version may be found in the CHANGELOG.

Read more about the client libraries for Cloud APIs, including the older Google APIs Client Libraries, in Client Libraries Explained.

Table of contents:

Quickstart

Before you begin

  1. Select or create a Cloud Platform project.
  2. Enable billing for your project.
  3. Enable the Secret Manager API.
  4. Set up authentication with a service account so you can access the API from your local workstation.

Installing the client library

npm install @google-cloud/secret-manager

Using the client library

// Import the Secret Manager client and instantiate it:
const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
const client = new SecretManagerServiceClient();

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// parent = 'projects/my-project', // Project for which to manage secrets.
// secretId = 'foo', // Secret ID.
// payload = 'hello world!' // String source data.

async function createAndAccessSecret() {
  // Create the secret with automation replication.
  const [secret] = await client.createSecret({
    parent: parent,
    secret: {
      name: secretId,
      replication: {
        automatic: {},
      },
    },
    secretId,
  });

  console.info(`Created secret ${secret.name}`);

  // Add a version with a payload onto the secret.
  const [version] = await client.addSecretVersion({
    parent: secret.name,
    payload: {
      data: Buffer.from(payload, 'utf8'),
    },
  });

  console.info(`Added secret version ${version.name}`);

  // Access the secret.
  const [accessResponse] = await client.accessSecretVersion({
    name: version.name,
  });

  const responsePayload = accessResponse.payload.data.toString('utf8');
  console.info(`Payload: ${responsePayload}`);
}
createAndAccessSecret();

Samples

Samples are in the samples/ directory. Each sample's README.md has instructions for running its sample.

SampleSource CodeTry it
Access Secret Versionsource codeOpen in Cloud Shell
Add Secret Versionsource codeOpen in Cloud Shell
Create Secretsource codeOpen in Cloud Shell
Delete Secretsource codeOpen in Cloud Shell
Destroy Secret Versionsource codeOpen in Cloud Shell
Disable Secret Versionsource codeOpen in Cloud Shell
Enable Secret Versionsource codeOpen in Cloud Shell
Get Secretsource codeOpen in Cloud Shell
Get Secret Versionsource codeOpen in Cloud Shell
Iam Grant Accesssource codeOpen in Cloud Shell
Iam Revoke Accesssource codeOpen in Cloud Shell
List Secret Versionssource codeOpen in Cloud Shell
List Secretssource codeOpen in Cloud Shell
Quickstartsource codeOpen in Cloud Shell
Update Secretsource codeOpen in Cloud Shell

The Secret Manager Node.js Client API Reference documentation also contains samples.

Supported Node.js Versions

Our client libraries follow the Node.js release schedule. Libraries are compatible with all current active and maintenance versions of Node.js.

Client libraries targeting some end-of-life versions of Node.js are available, and can be installed via npm dist-tags. The dist-tags follow the naming convention legacy-(version).

Legacy Node.js versions are supported as a best effort:

  • Legacy versions will not be tested in continuous integration.
  • Some security patches may not be able to be backported.
  • Dependencies will not be kept up-to-date, and features will not be backported.

Legacy tags available

  • legacy-8: install client libraries from this dist-tag for versions compatible with Node.js 8.

Versioning

This library follows Semantic Versioning.

This library is considered to be General Availability (GA). This means it is stable; the code surface will not change in backwards-incompatible ways unless absolutely necessary (e.g. because of critical security issues) or with an extensive deprecation period. Issues and requests against GA libraries are addressed with the highest priority.

More Information: Google Cloud Platform Launch Stages

Contributing

Contributions welcome! See the Contributing Guide.

Please note that this README.md, the samples/README.md, and a variety of configuration files in this repository (including .nycrc and tsconfig.json) are generated from a central template. To edit one of these files, make an edit to its templates in directory.

License

Apache Version 2.0

See LICENSE

Rate & Review

Great Documentation0
Easy to Use0
Performant0
Highly Customizable0
Bleeding Edge0
Responsive Maintainers0
Poor Documentation0
Hard to Use0
Slow0
Buggy0
Abandoned0
Unwelcoming Community0
100