gcloud secrets create always fails with “INVALID_ARGUMENT: The provided Project ID ... does not match the expected format [projects/*]”

I'm trying to create a new secret in Google Cloud Secret Manager using the ⁠gcloud CLI, but I always get the following error:

echo -n "my-secret-value" | gcloud --project=[MY_PROJECT_ID] secrets create MY_SECRET --data-file=-

or

gcloud config set project [MY_PROJECT_ID]
echo -n "my-secret-value" | gcloud secrets create MY_SECRET --data-file=-

ERROR: (gcloud.secrets.create) INVALID_ARGUMENT: The provided Project ID [projects/[MY_PROJECT_ID]/locations/[MY_REGION]] does not match the expected format [projects/*]

More context

• My project ID is a simple string (e.g. ⁠my-project-123), not a full resource path.
• My region is a valid region (e.g. ⁠europe-west1).
• I have tried both using the ⁠--project flag and setting the project globally with ⁠gcloud config set project [MY_PROJECT_ID].
• I have updated my gcloud CLI to the latest version and re-authenticated with ⁠gcloud auth login.
• I have tried both variable and hardcoded values.

Extra step to assure project is correct

When I run the following command, it returns the correct project number, confirming that my project ID is valid:

gcloud projects describe [MY_PROJECT_ID] --format="value(projectNumber)"

Creating a secret via the Cloud Console UI works fine.

Set the api_endpoint_overrides/secretmanager property to the regional endpoint using this command:

gcloud config set api_endpoint_overrides/secretmanager https://secretmanager.<region>.rep.googleapis.com/

OR

export CLOUDSDK_API_ENDPOINT_OVERRIDES_SECRETMANAGER=https://secretmanager.<region>.rep.googleapis.com/

Also, replication policy must be specified using the --replication-policy flag during secret creation.

gcloud secrets create SECRET_ID \
--replication-policy="REPLICATION_POLICY"

To select the right replication policy for your secret, see Choose a Replication policy.