在Google App Engine标准环境中处理机密 [英] Handling secrets in Google App Engine Standard Environment
问题描述
如果我需要存储API密钥,密码或其他敏感信息,以供在标准环境中运行的Google App Engine应用访问(例如,为了访问第三方服务),我的最佳选择是所以?
If I need to store API keys, passwords, or other sensitive information for a Google App Engine app running in the standard environment to access (let's say in order to access third-party services), what are my best options for doing so?
推荐答案
我听说过有关KMS的好消息
I've heard good things about KMS
轻松加密秘密
包装机密最大为64KiB,以允许您保护诸如用户凭证和API令牌之类的机密.拿源代码,部署管理器,容器,和元数据,并使用户和服务都可以访问使用Cloud KMS API通过解密创建帐户.
Wrap secrets up to 64KiB in size, to allow you to protect secrets like user credentials and API tokens. Take plaintext secrets out of source code, deployment managers, containers, and metadata, and make these accessible to users as well as service accounts via decryption using the Cloud KMS API.
这篇关于在Google App Engine标准环境中处理机密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
