Skip to main content

Google Cloud is making it easier for developers to smuggle ‘secrets’ in their code

coding
(Image credit: Shutterstock / Gorodenkoff)

Google Cloud has announced a new integration that will help developers ensure sensitive data is not exposed in application code.

The company has melded its Secret Manager service, which provides a secure method of storing API keys, passwords and other private information, with its Cloud Code IDE extensions, designed to accelerate the development of cloud-based applications.

The integration allows developers to replace hardcoded data with so-called Secrets, a type of global object available to applications at build or runtime. This way, cloud applications can make use of the sensitive data when needed, but without leaving it exposed in the codebase.

Google Cloud Secret Manager

According to Google, the new integration will make it easier for developers to build secure applications, while also avoiding the complexities of securing sensitive data via alternative methods.

“Hardcoding sensitive configuration data, like database passwords and API keys, into strings is usually not a good idea for your codebase,” explained Abby Carey, Developer Advocate at Google Cloud.

“Today, many applications require credentials to connect to a database, API keys to invoke a service or certificates for authentication. Managing and securing access to these requests is often more complicated by secret sprawl, poor visibility or lock of integrations.”

By integrating Cloud Code and Secret Manager, Google Cloud hopes to address these common developer pain points, balancing both security and convenience.

The new functionality is now live for Cloud Code plugins, which are available for a range of different JetBrains IDEs, VS Code and Cloud Shell Editor.

Joel Khalili is a Staff Writer working across both TechRadar Pro and ITProPortal. He's interested in receiving pitches around cybersecurity, data privacy, cloud, storage, internet infrastructure, mobile, 5G and blockchain.