Reputation: 41
Where to put Google Cloud client/service account secret json file?
So I have the following code in my project
flow = flow_from_clientsecrets(client_secrets_file, scope=flow_scope, redirect_uri='urn:ietf:wg:oauth:2.0:oob')
Which reads from a client_secret.json file in order for me to use Google Cloud API. Here's another piece of code that sets an environment variable for Google Cloud Storage.
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = os.path.join(dir, '../config/service_account.json')
Normally, I would put these info in environment variables, but I don't know how to do that with json files. Where should I put these files or how should I alter them so that I can safely push my code online without revealing my credentials?
Any help is appreciated.
Upvotes: 4
Views: 4670
Answers (1)
Reputation: 21
You can store the file in a secret and access that secret through the Google Cloud Secret Manager. This is also recommended over storing your sensitive data in an environment variable. You can find more information on how to set this up here: https://cloud.google.com/secret-manager/docs/
Upvotes: 2
Related Questions
- How should I store the Google Drive API credentials.json on my system?
- Pass json keyfile from cloud storage to ServiceAccountCredentials function
- Where should private service account key for Google be stored on Mac
- How to securely store and manage Google Cloud Storage key (json file)
- Using Google API for Python- where do I get the client_secrets.json file from?
- Google Cloud service account auth without full json file
- GCP Cloud Storage file push by python using service account json file
- Is there a way for Google Cloud Python Authentication via the JSON keyfile itself and not the file path?
- Where am I supposed to store Oauth2 credentials( client_id & client_secret ) for Google App Engine?
- Where to store client_secret.json from Google API in an Android Application?