🚀 New! Kestra raises $3 million to grow Learn more

This integration will store secrets in Google Secret Manager. Kestra authentication must have roles/secretmanager.admin permission.


You can authenticate the Secrets Manager with Google Cloud in multiple ways:

  • By setting the serviceAccount property that must contain the contents of the service account JSON key file.
  • By setting the GOOGLE_APPLICATION_CREDENTIALS environment variable on the nodes (or server) running Kestra. It must point to a JSON credentials file. Keep in mind that you'd need to use the same variable on all worker nodes and that this authentication method can cause some security concerns.
  • If none is set, the default service account will be used.
      project: kestra-unit-test
      serviceAccount: 'JSON content of the service account'

Others configurations


Google Cloud project ID that Kestra will use.


Optional. All key handled by kestra will be prefixed with this. Can be useful to share the same secret manager between Kestra instances.