Menu
Is there an "official" solution for passing sensitive information, such as API keys, to Google Cloud Functions? In particular it would be nice to avoid passing this information as arguments to the function since it will be the same for every invocation. AWS Lambda has a built-in solution using encrypted environment variables for this. Is there some similar approach for Google Cloud Functions?
I could imagine using a cloud storage bucket or cloud datastore for this, but that feels very manual.
204
Because Cloud Functions can be triggered by messages on a Pub/Sub topic, you can integrate Cloud Functions with any other Google service that supports Pub/Sub as an event bus. In addition, by using HTTP triggers you can also integrate with any service that provides HTTP callbacks (webhooks).
Google Cloud Functions is a stateless execution environment, which means that the functions follow a shared-nothing architecture. Each running function is responsible for one and only one request at a time.
If you're using Cloud Functions with Firebase, you're looking for environment configuration.
With that, you deploy configuration data from the Firebase CLI:
firebase functions:config:set someservice.key="THE API KEY" someservice.id="THE CLIENT ID"
And then read it in your functions with:
functions.config().someservice.id
You can use Google Secret Manager. https://cloud.google.com/secret-manager/docs
See this article for an example: https://dev.to/googlecloud/using-secrets-in-google-cloud-functions-5aem
40
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
