Secret Manager
Store API keys, passwords, certificates, and sensitive data
Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data.
The first six secret versions are free. New customers get $300 in free credits to spend on Secret Manager.
Features
Least privilege made easy
Easily follow the principle of least privilege with Secret Manager's Cloud IAM roles. You can grant individual permissions to secrets and separate the ability to manage secrets from the ability to access their data.
Simplified life cycle management
Secret Manager enables simple life cycle management with first-class versioning and the ability to pin requests to the latest version of a secret. You can use Cloud Functions to automate rotation.
Powerful auditing, built in
With Cloud Audit Logs integration, every interaction with Secret Manager generates an audit log. This integration makes meeting audit and compliance requirements easy.
Replication policies
Secret names are project-global resources, but secret data is stored in regions. You can choose specific regions in which to store your secrets, or you can let us decide. Either way, we automatically handle the replication of secret data.
First-class versioning
Secret data is immutable and most operations take place on secret versions. With Secret Manager, you can pin a secret to specific versions like "42" or floating aliases like "latest."
Cloud IAM integration
Control access to secrets the same way you control access to other Google Cloud resources. Only project owners have permission to access Secret Manager secrets; other roles must explicitly be granted permissions through Cloud IAM.
Audit logging
With Cloud Audit Logs enabled, every interaction with Secret Manager generates an audit entry. You can ingest these logs into anomaly detection systems to spot abnormal access patterns and alert on possible security breaches.
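One way to spot abnormal access patterns in exported audit entries, shown as an added example that is not Google's code or part of the original page. It assumes entries arrive as one JSON object per line in the Cloud Audit Logs layout (`protoPayload.methodName`, `resourceName`, `authenticationInfo.principalEmail`); the project, principals, baseline and threshold are constructed for illustration.

```python
import json
from collections import defaultdict

SERVICE = "secretmanager.googleapis.com"
ACCESS = "google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion"

def secret_of(resource_name):
    """'projects/p/secrets/db-pass/versions/3' -> 'projects/p/secrets/db-pass'."""
    return resource_name.split("/versions/")[0]

def access_events(lines):
    """Yield (principal, secret) for each AccessSecretVersion audit entry."""
    for line in lines:
        try:
            payload = json.loads(line).get("protoPayload", {})
        except (ValueError, AttributeError):
            continue  # skip malformed lines rather than abort the scan
        if payload.get("serviceName") != SERVICE or payload.get("methodName") != ACCESS:
            continue  # management calls such as GetSecret do not expose secret data
        who = payload.get("authenticationInfo", {}).get("principalEmail", "unknown")
        yield who, secret_of(payload.get("resourceName", ""))

def find_anomalies(lines, baseline, max_secrets=2):
    """Alert on reads outside a principal's baseline and on unusually broad reads."""
    seen = defaultdict(set)
    for who, secret in access_events(lines):
        seen[who].add(secret)
    alerts = []
    for who, secrets in sorted(seen.items()):
        for s in sorted(secrets - baseline.get(who, set())):
            alerts.append(("unexpected_secret", who, s))
        if len(secrets) > max_secrets:  # max_secrets is an assumed threshold
            alerts.append(("broad_access", who, len(secrets)))
    return alerts

def make_entry(who, resource, method=ACCESS):
    """Build one constructed audit log line (sample data, not a real log)."""
    return json.dumps({"protoPayload": {"serviceName": SERVICE, "methodName": method,
        "resourceName": resource, "authenticationInfo": {"principalEmail": who}}})

P = "projects/example-project/secrets/"  # hypothetical project
APP = "app@example-project.iam.gserviceaccount.com"
CI = "ci@example-project.iam.gserviceaccount.com"
SAMPLE = [make_entry(APP, P + "db-pass/versions/3"), make_entry(APP, P + "db-pass/versions/latest"),
          make_entry(CI, P + "deploy-key/versions/1"), make_entry(CI, P + "db-pass/versions/3"),
          make_entry(CI, P + "tls-cert/versions/2"), "not json",
          make_entry(CI, P + "deploy-key", "google.cloud.secretmanager.v1.SecretManagerService.GetSecret")]
BASELINE = {APP: {P + "db-pass"}, CI: {P + "deploy-key"}}  # expected reads per principal

if __name__ == "__main__":
    for alert in find_anomalies(SAMPLE, BASELINE):
        print(alert)
```
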
Encrypted by default
Data is encrypted in transit with TLS and at rest with AES-256-bit encryption keys.
VPC Service Controls support
Enable context-aware access to Secret Manager from hybrid environments with VPC Service Controls.
Powerful and extensible
Secret Manager's API-first design makes it easy to extend and integrate into existing systems. It is also integrated into popular third-party technologies like HashiCorp Terraform and GitHub Actions.
How It Works
Secret Manager lets you store, manage, and access secrets as binary blobs or text strings. Secret Manager works well for storing configuration information such as database passwords, API keys, or TLS certificates needed by an application at runtime.
Common Uses
Secrets management
Create a secret
- Go to the Secret Manager page in the Google Cloud console.
- On the Secret Manager page, click Create secret.
- On the Create secret page, under Name, enter a name for the secret (for example, my-secret). A secret name can contain uppercase and lowercase letters, numerals, hyphens, and underscores. The maximum allowed length for a name is 255 characters.
- Optional: To also add a secret version when creating the initial secret, in the Secret value field, enter a value for the secret (for example, abcd1234). The secret value can be in any format but must not be larger than 64 KiB. You can also upload a text file containing the secret value using the Upload file option.
- Click the Create secret button.
Pricing
How Secret Manager pricing works
When you use Secret Manager, you are charged for operations and active secret versions.
Service | Description | Price |
---|---|---|
Get started free | New users get $300 in free trial credits to use within 90 days. | Free |
Get started free | All customers get six secret versions for analyzing and storing sensitive data. | Free |
Secret versions | Active | $0.06 per version per location |
Secret versions | Destroyed | Free |
Operations | Access operations | $0.03 per 10,000 operations |
Operations | Management operations | Free |
Notifications | Rotation notifications | $0.05 per rotation. Secret Manager bills for every SECRET_ROTATE message sent to a Pub/Sub topic. |