My projects are based on Google Cloud Platform and over the years I've used two different approaches:
Encrypt .env files and store them in the git repo. Manage encryption keys via Cloud KMS. This approach has an advantage that secrets are stored with the code and it's easy to distribute them.
Use Secret Manager to store arbitrary (.env, .json) configurations and pull those directly from google. This way it's easier to rotate the configurations and it provides audit logs for secrets access.
If all the secrets are used together, then I'd store them together in one configuration. Unless there is some complex requirement for rotating individual keys - in this case having separate secrets makes managing their versions easier.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
My projects are based on Google Cloud Platform and over the years I've used two different approaches:
Denis - regarding #2, curious if you see advantages/disadvantages to storing complete configurations vs. individual distinct secrets?
If all the secrets are used together, then I'd store them together in one configuration. Unless there is some complex requirement for rotating individual keys - in this case having separate secrets makes managing their versions easier.