Overview
The KakaoCloud Secrets Manager service ensures a high level of security and compliance by separating sensitive information—such as API keys and database credentials that might otherwise be hardcoded in code—and securely and systematically creating, storing, and managing them centrally. Instead of hardcoding secrets in source code, you can dynamically retrieve them by calling the Secrets Manager API, which eliminates security risks caused by code exposure and centralizes secret management.
- When starting the Secrets Manager service for the first time, you must click Start Service on the service screen.
- To use the Secrets Manager service, you need the role of Project Administrator or Secrets Manager Project Manager.
Purpose and use cases
Secrets Manager is used to securely store and dynamically provide all types of secret information required by applications. It enables centralized management of database access information, external service API keys, OAuth tokens, and more.
Features
Centralized management
Secrets such as database passwords and API keys used across multiple applications can be centrally managed in one place. This eliminates security gaps and operational complexity that may arise when managing secrets in a distributed environment.
Fine-grained access control
Granular access permissions can be set based on Identity and Access Management (IAM) policies. This allows you to apply the principle of least privilege effectively by granting only secret view or management permissions to specific users or applications.
Audit and compliance support
All activities related to who accessed or modified a secret and when are logged and tracked in the Cloud Trail service. In addition, a new version is created whenever a secret is updated, allowing you to easily trace and restore to a specific point in time if issues occur.
Getting started
For detailed instructions on using the Secrets Manager service, refer to the How-to Guides documentation. If you are new to KakaoCloud, start by reviewing Getting Started with KakaoCloud.