Applies to: (tick) Kyvos Enterprise  (error) Kyvos Cloud (SaaS on AWS) (error) Kyvos AWS Marketplace

(error) Kyvos Azure Marketplace   (error) Kyvos GCP Marketplace (error) Kyvos Single Node Installation (Kyvos SNI)

...

Creating a secret

Creating a secret requires the Secret Manager Admin role (roles/secretmanager.admin) to be assigned to the user creating the secret on the project.

...

To create a secret, perform the following steps.

GCP Console
  1. Go to the Secret Manager page in the Cloud Console.

  2. On the Secret Manager page, click Create Secret.

  3. On the Create secret page, under Name, enter a name for the secret (for example, my-secret).

  4. (Optional) Leave the secret value blank.

  5. Leave the Regions section unchanged.

  6. Click Create secret.

Gcloud Command

Execute the gcloud command from GCP Cloud Shell:

gcloud secrets create secret-id --replication-policy="automatic"

Once the secret is created, copy its Resource ID and keep it safe for future use.


Permissions for Accessing Secret Manager

...

Steps to create a role for Secret Manager:

  1. Click Roles > Create new role. Provide a name, such as secret-manager-role, for the storage service and assign the following permissions.

    • versions.access

    • versions.add

...

  1. Go to IAM & Admin > IAM. Search for the service account that was created for Kyvos.

  2. Click Edit Principal.

...

  2. Click Add another role. Select the secret-manager-role (created in Step 1).

  3. Click Add condition.

  4. Enter the Title as Secret Manager permission, and add conditions as:

    1. Adding the first condition

      1. Select the Condition Type as Resource > Name.

      2. Select the Operator as Starts with.

      3. In the Value field, enter the Secret Manager Resource ID captured in the Creating a secret section.

...

    1. Adding the second condition

      1. Click Add to add another condition.

      2. Select the Condition Type as Resource > Service.

      3. Select the Operator as is.

      4. In Resource Service, select the secretmanager.googleapis.com service. To learn more about this service, refer to the Google documentation.

...

    1. Click Save.
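
The two conditions above amount to one CEL expression on the role binding. The following is an added example, not part of the Kyvos documentation: it builds that expression from the Resource ID and lists which other resource names a Starts with match would also cover. The function names, project number and secret names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Kyvos code). All resource names below are constructed.

# Build the CEL expression equivalent to the two console conditions:
#   Resource > Name    "Starts with" <Resource ID>
#   Resource > Service "is"          secretmanager.googleapis.com
# This is the value the expression= field of
# `gcloud projects add-iam-policy-binding ... --condition` would carry.
build_condition() {
  # Sanity check (assumed format): projects/<project>/secrets/<name>
  if ! printf '%s\n' "$1" |
      grep -Eq '^projects/[^/]+/secrets/[A-Za-z0-9_-]+$'; then
    echo "unexpected Resource ID: $1" >&2
    return 1
  fi
  printf 'resource.name.startsWith("%s") && resource.service == "secretmanager.googleapis.com"\n' "$1"
}

# Print every resource name that the prefix matches apart from the intended
# secret and its own versions. Any output means the conditional binding
# reaches further than the single secret it was written for.
unintended_matches() {
  prefix="$1"; shift
  for name in "$@"; do
    case "$name" in
      "$prefix"|"$prefix"/versions/*) ;;   # the secret itself or its versions
      "$prefix"*) echo "$name" ;;          # a sibling that shares the prefix
    esac
  done
}

SECRET_ID="projects/123456789012/secrets/my-secret"   # constructed sample

echo "Condition:"
build_condition "$SECRET_ID"

echo "Other resources the prefix also matches:"
unintended_matches "$SECRET_ID" \
  "projects/123456789012/secrets/my-secret" \
  "projects/123456789012/secrets/my-secret/versions/1" \
  "projects/123456789012/secrets/my-secret-prod" \
  "projects/123456789012/secrets/other-secret"
```

Because Starts with is a plain string prefix, a secret named my-secret-prod falls under a condition written for my-secret; choosing secret names that are not prefixes of one another keeps the binding scoped to the intended secret.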