Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/usr/bin/env bash
gcloud services enable cloudkms.googleapis.com
KEYRING=keyring
KEY=secrets
gcloud kms keys list --location global --keyring $KEYRING
if [[ $? -ne 0 ]]; then
gcloud kms keyrings create ${KEYRING} --location global
gcloud kms keys create ${KEY} --location global \
--keyring ${KEYRING} --purpose encryption
fi
rm -f secrets.cfg.encrypted
gcloud kms encrypt --location global \
--keyring ${KEYRING} \
--key ${KEY} \
--plaintext-file secrets.cfg \
--ciphertext-file secrets.cfg.encrypted
gsutil cp sectets.cfg.encrypted gs://vault
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.