This video demonstrates how to secure API keys for applications built with the Agent Development Kit (ADK). We start by showing how to use an environment variable for the API key, then refactor the code to integrate with Google Cloud Secret Manager. Learn why hardcoding keys or relying solely on environment variables can pose security risks. Discover the benefits of Secret Manager, including centralized management, fine-grained access control, and audit logging. We walk through the process of creating a secret, setting access permissions, and updating your application code to safely retrieve credentials at runtime.
Chapters:
0:00 – Introduction to API Key Security
0:17 – Current Method Limitations: Environment Variables
0:53 – Introducing Google Cloud Secret Manager
1:07 – Creating the Secret
1:23 – Setting Access Permissions
1:44 – Updating the Application Code
2:13 – Conclusion
Resources:
Secret Manager → http://goo.gle/4nGQNex
ADK Example with API Key → http://goo.gle/4n9GkHK
Subscribe to Google Cloud Tech → https://goo.gle/GoogleCloudTech
#GoogleCloud #SecretManager #ADK
Speakers: Aron Eidelman
Products Mentioned: Google Cloud Security
