google-cloud-platform migration google-kubernetes-engine kubernetes-secrets google-secret-manager

Migrating GKE Secrets to Secret Manager

I was wondering if there are any migration guides for migrating from GKE Secrets to the Secret Manager API?

Solution

I'm not aware of any existing guides for doing this.

Basically, you'll need to

recreate all of your secrets in Secret Manager
modify your application code to use the Secrets Manager API to access the secrets
ensure you have Workload Identity enabled for your cluster
make sure your pod(s) use a identity with access to Secrets Manager.
assuming everything above works, delete your existing Secrets

How to configure google load balancer to route to cloud run service using url mask but strip service from url
Datastore export logic in Java
Does snapshot size is less than actual disk size even disk is full in google cloud?
Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
GA4 Data Not Retained for More Than 60 Days Despite BigQuery Table Expiration Set to 'Never
Firebase Firestore: Accessing Never-Retrieved Data Offline
How to write a REGEXP_EXTRACT expression in Google Cloud Logging config json?
Why does my GKE cluster not show any events?
Python to get billing info from Gcloud
Google Cloud: sign a JWT while impersonating a service account
Google recaptcha enterprise: Your default credentials were not found
Firebase Admin SDK cant upload to storage bucket folder
Accessing Firestore via Cloud Function
Problem with executing asynchronous Cloud Function
do you need to create a separate collection/document for reading an aggregated document with firebase cloud function
httpsCallable is not a function when calling a Firebase function
Google Cloud Eventarc: Receive events via Pub/Sub directly
Android Studio's project gradle file changed?
How to listen to button triggers using Firebase
gcloud auth login throwing error: gcloud crashed (ConnectionError): HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded
Google Cloud Build Error: build step 0 "gcr.io/cloud-builders/docker" failed: step exited with non-zero status: 1
Terraform - GCP - Import project IAM member
Choosing fields to return with Places API (new) client library
Deploy to Update version of Gmail App Script Extension
Getting random "User not found in file /etc/passwd" error on Cloud Run Job
Change time format in GCP Logs Explorer
Deploying to Cloud Run with a custom service account failed with iam.serviceaccounts.actAs error
Deploying a pelican site to Google Cloud Run with Dockerfile not working
Is there a good explanation of resource labels versus metric labels?
Why do I set the resource type when writing the metric but not when creating a descriptor?