Complete the code to create a new secret in Google Cloud Secret Manager.
gcloud secrets create [1] --replication-policy="automatic"
The command creates a secret named my-secret with automatic replication.
Complete the code to add a new version of the secret with the content from a file.
gcloud secrets versions add [1] --data-file=credentials.jsonThis command adds a new version to the secret named my-secret using the file credentials.json.
Fix the error in the command to access the latest secret version.
gcloud secrets versions access [1] --secret=my-secretThe keyword latest is used to access the most recent version of the secret.
Fill both blanks to grant the Secret Manager Accessor role to a service account.
gcloud projects add-iam-policy-binding [1] --member='serviceAccount:[2]' --role='roles/secretmanager.secretAccessor'
The command grants the Secret Manager Accessor role to the specified service account in the project my-project-id.
Fill all three blanks to retrieve the secret value in a Python script using the Secret Manager client.
from google.cloud import secretmanager client = secretmanager.SecretManagerServiceClient() name = client.secret_version_path([1], [2], [3]) response = client.access_secret_version(name=name) secret = response.payload.data.decode('UTF-8')
The secret_version_path method requires the project ID, secret name, and version (usually 'latest').