I would recommand using GCP’s Secret Manager :
You get useful features such as rights management (in IAM & Admin), you can update your passwords via Secret versions, etc.. really useful.
Pre-requisits:
- Have a Google Cloud Platform project
- In the IAM & Admin, you should have the role : “Secret Manager Secret Accessor“
- Create a Secret in the Secret Manager :
Here is a way to get your secret with python 3 :
# Install the module and import it :
!pip install google-cloud-secret-manager
from google.cloud import secretmanager
# Create a Client:
client = secretmanager.SecretManagerServiceClient()
secret_name = "my-secret" # => To be replaced with your secret name
project_id = 'my-project' # => To be replaced with your GCP Project
# Forge the path to the latest version of your secret with an F-string:
resource_name = f"projects/{project_id}/secrets/{secret_name}/versions/latest"
# Get your secret :
response = client.access_secret_version(request={"name": resource_name})
secret_string = response.payload.data.decode('UTF-8')
# Tada ! you secret is in the secret_string variable!
Do not try it with your real password or secret while testing this.
Enjoy !