GCP Secret Manager

GCP Secret Manager密钥仓库组件的详细信息


要设置GCP Secret Manager密钥仓库,请创建一个类型为secretstores.gcp.secretmanager的组件。 See this guide on how to create and apply a secretstore configuration. See this guide on referencing secrets to retrieve and use the secret with Dapr components.

apiVersion: dapr.io/v1alpha1
kind: Component
  name: gcpsecretmanager
  namespace: default
  type: secretstores.gcp.secretmanager
  version: v1
  - name: type
    value: <replace-with-account-type>
  - name: project_id
    value: <replace-with-project-id>
  - name: private_key_id
    value: <replace-with-private-key-id>
  - name: client_email
    value: <replace-with-email>
  - name: client_id
    value: <replace-with-client-id>
  - name: auth_uri
    value: <replace-with-auth-uri>
  - name: token_uri
    value: <replace-with-token-uri>
  - name: auth_provider_x509_cert_url
    value: <replace-with-auth-provider-cert-url>
  - name: client_x509_cert_url
    value: <replace-with-client-cert-url>
  - name: private_key
    value: <replace-with-private-key>


字段 必填 详情 Example
type Y 账户类型 "serviceAccount"
project_id Y 与此组件相关联的项目 ID。 "project_id"
private_key_id N 私钥ID "privatekey"
client_email Y 客户端电子邮件地址 "client@example.com"
client_id N 客户端的 ID "11111111"
auth_uri N 认证URI "https://accounts.google.com/o/oauth2/auth"
token_uri N 认证token URI "https://oauth2.googleapis.com/token"
auth_provider_x509_cert_url N 认证提供者的证书URL "https://www.googleapis.com/oauth2/v1/certs"
client_x509_cert_url N 客户端的证书 URL "https://www.googleapis.com/robot/v1/metadata/x509/<project-name>.iam.gserviceaccount.com"
private_key Y 认证用的私钥 "privateKey"

设置GCP Secret Manager实例

参考GCP文档设置 GCP Secret Manager:https://cloud.google.com/secret-manager/docs/quickstart。