A tool for managing secrets on Google Cloud (by GoogleCloudPlatform)

Berglas Alternatives

Similar projects and alternatives to berglas

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better berglas alternative or higher similarity.

berglas reviews and mentions

Posts with mentions or reviews of berglas. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-29.
  • Increasing Your Cloud Function Development Velocity Using Dynamically Loading Python Classes
    3 projects | | 29 Nov 2023
    Google Secret Manager
  • Getting started using Google APIs: API Keys (Part 2)
    4 projects | | 16 Nov 2023
    API keys are easy to "leak" or compromise, so best to not only use the restrictions presented to you when you create them but physically protect them as well. Don't code them in plain-text, don't check them into GitHub, etc. Store them in a secure database or use a service like GCP Secret Manager.
  • Need some advice on API key storage
    2 projects | /r/reactjs | 23 Oct 2023
    I've been looking at Google Secret Manager which sounds promising but I've not been able to find any examples or tutorials that help with the actual practical details of best practice or getting this working. I'm currently reading about Cloud Functions which also sound promising but again, I'm just going deeper and deeper into GCP without feeling like I'm gaining any useful insights.
  • Secure GitHub Actions by pull_request_target
    5 projects | | 23 Oct 2023
    In this post, I described how to build secure GitHub Actions workflows by pull_request_target event instead of pull_request event. Using pull_request_target, you can prevent malicious codes from being executed in CI. And by managing secrets in secrets management services such as AWS Secrets Manager and Google Secret Manager and access them via OIDC, you can restrict the access to secrets securely. To migrate pull_request to pull_request_target, several modifications are needed. And pull_request_target has a drawback that it's difficult to test changes of workflows, so it's good to introduce pull_request_target to repositories that require strong permissions in CI. For example, a Terraform Monorepo tends to require strong permissions for CI, so it's good to introduce pull_request_target to it.
  • How to Deploy and Scale Strapi on a Kubernetes Cluster 1/2
    13 projects | | 3 Feb 2023
    Store the Secrets in a vault like Hashicorp Vault, AWS Secrets Manager, GCP Secret Manager, etc., and then use an operator like External Secrets Operator to add them to your K8s cluster.
  • Vault Secrets in K8S, use CRD Injector ?
    2 projects | /r/kubernetes | 10 Jan 2023
    is the secret store csi driver used to fetch secrets from services like the: - - -
  • Show HN: Infisical – open-source secrets manager
    6 projects | | 19 Dec 2022
    This looks great! But after looking through the docs and Github, I don't know what the architecture is beyond there is a CLI and a browser UI that interact with some sort of central service.

    The main thing stopping me from using Vault is that it can become a central point of failure. If the cloud provider secret managers are down then its likely that something else in the cloud is having major issues as well so from an uptime perspective and easy of operations that has always seemed a safe approach, although the pricing is kind of outrageous. But just storing (e2e encrypted, etc) in cloud object storage is also an option. Berglass for example gives the option of storing in the secret manager or in cloud storage directly:

  • Shhhh... Kubernetes Secrets Are Not Really Secret!
    12 projects | | 15 Dec 2022
    Sealed Secrets are a great starting point for securing secrets, but there is an even better way. Using the External Secrets Operator (ESO) and an external secret management system like HashiCorp Vault, AWS Secrets Manager, Google Secrets Manager, or Azure Key Vault. While this is a bit more involved to set up, it is a better approach if you use a cloud provider to host your Kubernetes cluster. ESO supports many such secret managers and watches for changes to external secret stores, and keeps Kubernetes secrets in sync.
  • Web Security 101 - Part 1: Secrets
    3 projects | | 29 Nov 2022
    Products like Google Cloud have the authentication, authorization, secret storage, and secret retrieval built into the system you use to deploy your code.
  • Google Cloud Reference
    24 projects | | 30 Aug 2022
    Secret Manager: Store and manage secrets 🔗Link 🔗Link
  • A note from our sponsor - InfluxDB | 11 Dec 2023
    Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge. Learn more →


Basic berglas repo stats
12 days ago
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives