Secret Manager conceptual overview

This topic explains the main Secret Manager concepts.

Secret

A secret is a project-global object that contains a collection of metadata and secret versions. The metadata can include replication locations, labels, and permissions. The secret versions store the actual secret data, such as an API key or credential.

Version

A secret version stores the actual secret data, such as API keys, passwords, or certificates.

You can address individual versions of a secret. You cannot modify a version, but you can delete it.

Rotation

Rotation is the process where you periodically update to a different version to reinforce security.

By storing many versions of a secret and rotating as needed, you can better maintain consistent and secure access to any system that requires those credentials.

A secret is often rotated when a new version is created. You might also want to rotate secrets regularly to limit the secret's lifecycle.

What's next

Bu sayfayı yararlı buldunuz mu? Lütfen görüşünüzü bildirin:

Şunun hakkında geri bildirim gönderin...

Secret Manager Documentation