Google Cloud is making it easier for developers to smuggle ‘secrets’ in their code

Google Cloud has announced a new integration that will help developers ensure sensitive data is not exposed in application code.

The company has melded its Secret Manager service, which provides a secure method of storing API keys, passwords and other private information, with its Cloud Code IDE extensions, designed to accelerate the development of cloud-based applications.

The integration allows developers to replace hardcoded data with so-called Secrets, a type of global object available to applications at build or runtime. This way, cloud applications can make use of the sensitive data when needed, but without leaving it exposed in the codebase.

• We've built a list of the best online Python courses right now
• Here's our list of the best online JavaScript courses around
• Check out our list of the best online HTML courses available

Google Cloud Secret Manager

According to Google, the new integration will make it easier for developers to build secure applications, while also avoiding the complexities of securing sensitive data via alternative methods.

“Hardcoding sensitive configuration data, like database passwords and API keys, into strings is usually not a good idea for your codebase,” explained Abby Carey, Developer Advocate at Google Cloud.

“Today, many applications require credentials to connect to a database, API keys to invoke a service or certificates for authentication. Managing and securing access to these requests is often more complicated by secret sprawl, poor visibility or lock of integrations.”

By integrating Cloud Code and Secret Manager, Google Cloud hopes to address these common developer pain points, balancing both security and convenience.

The new functionality is now live for Cloud Code plugins, which are available for a range of different JetBrains IDEs, VS Code and Cloud Shell Editor.

• Here's our list of the best laptops for developers right now