User Guides

Secrets

LaunchFlow secrets allow you to easily reference sensitive information such as API keys, passwords, and private keys in your code without exposing them in your codebase.

For GCP LaunchFlow Environments, you can use launchflow.gcp.SecretManagerSecret to create a secret:

1
import launchflow as lf
2
3
api_key = lf.gcp.SecretManagerSecret("api-key")

Then run launchflow create to create the container for your secret. Once the container is created, you can set the value with the launchflow secrets set CLI command:

1
launchflow secrets set api-key <secret-value>

Once you've run this you can access the secret in your code by calling the version method on the secret object.

1
from app.infra import api_key
2
3
api_key.version()

In addition to using the launchflow secrets set method you can also set versions directly in the AWS or GCP console, or use the add_version method of your secrets resource.

1
from app.infra import api_key
2
3
api_key.add_version("my-api-key")
Previous
Environments