GoogleCloud Credentials Secret Store Plugin

plugins/secretstores/googlecloud/README.md

1.39.0 · 2.0 KB

This plugin retrieves token-based Google Cloud credentials.

⭐ Telegraf v1.37.0 🏷️ cloud 💻 all

Usage <!-- @/docs/includes/secret_usage.md -->

Secrets defined by a store are referenced with @{<store-id>:<secret_key>} in the Telegraf configuration. Only certain Telegraf plugins and options support secret stores. To see which plugins and options support secrets, see their respective documentation (e.g. plugins/outputs/influxdb/README.md). If the plugin's README has the Secret store support section, it will detail which options support secret store usage.

Configuration

```toml
## Fetch tokens from Google Cloud Authentication
[[secretstores.googlecloud]]
  ## Unique identifier for the secret store.
  ## This id can later be used in plugins to reference the secrets
  ## in this secret store via @{<id>:token} (mandatory)
  id = "googlecloud_secret"

  ## Path to the service account credentials file
  credentials_file = "./testdata/gdch.json"

  ## OAuth2 scopes for the generated access token.
  ## Defaults to cloud-platform for service-account credentials.
  ## GDCH/STS users can ignore this option as only the audience
  ## parameter is evaluated for those credential types.
  # scopes = ["https://www.googleapis.com/auth/cloud-platform"]

  ## Audience sent when retrieving an STS token.
  ## Currently only used for the GDCH auth flow
  sts_audience = "https://{AUDIENCE_URL}"
```

[!IMPORTANT] This plugin provides only one secret, with the key token; other keys lead to errors.
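A configuration check for the rule above, as an added example that is not part of the Telegraf project: it scans a config for @{<store-id>:<secret_key>} references to a googlecloud store that use a key other than token, and adds a hardening check that the credentials_file is not accessible to group or other. The regex-based parsing, the outputs.example plugin and the sample config are constructed assumptions.

```python
import os
import re
import stat
import tempfile

# Assumption: store ids and secret keys are word characters, as in @{store:key}.
REF = re.compile(r"@\{(\w+):(\w+)\}")
TABLE = re.compile(r"^\s*\[\[?([\w.]+)\]\]?\s*$")
ASSIGN = re.compile(r'^\s*(\w+)\s*=\s*"([^"]*)"')
# Constructed sample config; outputs.example and its options are hypothetical.
SAMPLE = '''
[[secretstores.googlecloud]]
  id = "gcp"
  credentials_file = "CREDS_PATH"
[[outputs.example]]
  token = "@{gcp:token}"
  api_key = "@{gcp:api_key}"
'''

def lint(config_text):
    """Return findings about googlecloud secret store usage in a Telegraf config."""
    stores, refs, table, current = {}, [], None, {}
    for num, raw in enumerate(config_text.splitlines(), 1):
        line = raw.split("#", 1)[0]  # drop comments (simplified: no '#' in strings)
        if (m := TABLE.match(line)):
            table, current = m.group(1), {}
        elif (m := ASSIGN.match(line)) and table == "secretstores.googlecloud":
            current[m.group(1)] = m.group(2)
            if m.group(1) == "id":
                stores[m.group(2)] = current
        refs += [(num, s, k) for s, k in REF.findall(line)]
    # The store exposes a single key, "token"; any other key is a config error.
    findings = [f"line {n}: @{{{s}:{k}}} uses key '{k}', only 'token' exists"
                for n, s, k in refs if s in stores and k != "token"]
    # Added hardening check: the key file should not be open to group/other.
    for sid, opts in stores.items():
        path = opts.get("credentials_file", "")  # resolved against the current dir
        mode = stat.S_IMODE(os.stat(path).st_mode) if os.path.isfile(path) else 0
        if mode & 0o077:
            findings.append(f"store {sid}: {path} has mode {mode:o}, expected 600")
    return findings

def demo():
    """Lint SAMPLE against a temporary key file that is deliberately mode 0644."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sa.json")
        with open(path, "w") as fh:
            fh.write("{}")
        os.chmod(path, 0o644)
        return lint(SAMPLE.replace("CREDS_PATH", path))
```

Calling `lint()` on the text of a real configuration file returns an empty list when every reference to a googlecloud store uses the token key and the credentials file is owner-only.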

Additional Information

This plugin only supports reading secrets; it cannot create or modify them.

To generate a Google-Distributed-Cloud-Hosted service account credentials file, check the Manage service accounts page.