gcreds - a credential management tool using google cloud
Project description
gcreds
Inspired by credstash, I ended up putting Google Cloud Datastore and Google Cloud KMS (CLOUD KEY MANAGEMENT SERVICE) together to make gcreds to manage credentials in google cloud.
gcreds allows you store (put) and access (get) your credential in google cloud, and help to reduce security hole like keeping secrets being stored from your source code control.
Installation
Just run:
pip install gcreds
Getting started
Before you can use it, it will require a little setup work here:
Greate a KMS key ring on global location, named it like gcreds.
gcloud kms keyrings create gcreds --location global
Under that key ring, create a crypto key named gcreds.
gcloud kms keys create gcreds --location global --keyring gcreds --purpose encryption
You can customized location, key-ring, cryopto-key.
Once you have it setup, let’s try to put some credential.
Storing the password:
$ gcreds put mysecret SxtlB5fBvvAKT7P4 project_id is not provided, will use default project: [your-default-gcloud-project] instead.
Retriving the password:
$ gcreds get mysecret project_id is not provided, will use default project: [your-default-gcloud-project] instead. SxtlB5fBvvAKT7P4
You can also redirect a file to it.
Let’s have a file contain a super strong password by hand.
$ cat a_super_password.txt Y#7U*ubwZh=D^XEq3a_MMyX3NVL_gfk9K4eq2HX
And Let’s use the redirect to enter the password
$ gcreds put mysecret < a_super_password.txt project_id is not provided, will use default project: [your-default-gcloud-project] instead.
Let’s retrive the password
$ gcreds get mysecret project_id is not provided, will use default project: [your-default-gcloud-project] instead. Y#7U*ubwZh=D^XEq3a_MMyX3NVL_gfk9K4eq2HX
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
File details
Details for the file gcreds-0.3.0-py2.py3-none-any.whl
.
File metadata
- Download URL: gcreds-0.3.0-py2.py3-none-any.whl
- Upload date:
- Size: 6.0 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2d8e546be296fd07baf346cdf81e58610e3d0ac2499bc98642d8c75c84533980 |
|
MD5 | b15c1f87176be773f7dcf2cfb174d257 |
|
BLAKE2b-256 | 835d403c3ed1cad179a75b3447e03fb458f33dc743a660a4621855605df2e156 |