metalus

This project aims to make writing Spark applications easier by abstracting the effort to assemble the driver into reusable steps and pipelines.

View project on GitHub
Documentation Home GCP Home

GCPSecretsManagerCredentialProvider

This CredentialProvider implementation extends the DefaultCredentialProvider by searching the GCP Secrets Manager for the named secret. A BasicCredential will be returned containing the string value. A projectId is required to instantiate.

Secrets Manager Formats

When creating the secret that will be used, there are several properties that will be considered. Since GCP Secrets Manager takes a single value, when storing the JSON service account key, it should be stored as JSON. The same is applicable when storing AWS keys. The data should not be encoded.