I'm trying to create a new secret in Google Cloud Secret Manager using the gcloud CLI, but I always get the following error:
echo -n "my-secret-value" | gcloud --project=[MY_PROJECT_ID] secrets create MY_SECRET --data-file=-
or
gcloud config set project [MY_PROJECT_ID]
echo -n "my-secret-value" | gcloud secrets create MY_SECRET --data-file=-
ERROR: (gcloud.secrets.create) INVALID_ARGUMENT: The provided Project ID [projects/[MY_PROJECT_ID]/locations/[MY_REGION]] does not match the expected format [projects/*]
When I run the following command, it returns the correct project number, confirming that my project ID is valid:
gcloud projects describe [MY_PROJECT_ID] --format="value(projectNumber)"
Creating a secret via the Cloud Console UI works fine.
Set the api_endpoint_overrides/secretmanager property to the regional endpoint using this command:
gcloud config set api_endpoint_overrides/secretmanager https://secretmanager.<region>.rep.googleapis.com/
OR
export CLOUDSDK_API_ENDPOINT_OVERRIDES_SECRETMANAGER=https://secretmanager.<region>.rep.googleapis.com/
Also, the replication policy must be specified using the --replication-policy flag during secret creation.
gcloud secrets create SECRET_ID \
--replication-policy="REPLICATION_POLICY"
To select the right replication policy for your secret, see Choose a Replication policy.
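The following is an added example, not part of the answer above: a wrapper that applies the regional endpoint override to a single command instead of persisting it in the gcloud configuration, and rejects malformed region strings before they become part of the host name. The helper names `sm_regional_endpoint` and `with_regional_sm` are hypothetical, and the region pattern (lowercase letters, digits, hyphens) is an assumption.

```shell
#!/bin/sh
# Added example: scope the Secret Manager endpoint override to one command.

# Print the regional endpoint for a region, or fail on a malformed region.
# The override decides which host receives the secret payload and the
# caller's access token, so the region is checked before it is
# interpolated into the URL.
sm_regional_endpoint() {
    case $1 in
        ''|*[!a-z0-9-]*|-*|*-)
            echo "invalid region: '$1'" >&2
            return 2
            ;;
    esac
    printf 'https://secretmanager.%s.rep.googleapis.com/\n' "$1"
}

# Run one command with the override set only in that command's environment.
# The function body is a subshell, so nothing leaks into the calling shell,
# and stdin is passed through so --data-file=- keeps working.
with_regional_sm() (
    region=$1
    [ "$#" -ge 2 ] || { echo "usage: with_regional_sm REGION CMD [ARGS...]" >&2; exit 2; }
    shift
    endpoint=$(sm_regional_endpoint "$region") || exit 2
    CLOUDSDK_API_ENDPOINT_OVERRIDES_SECRETMANAGER=$endpoint "$@"
)

# Usage with the command from the question (the region is a sample value):
#   printf '%s' "$SECRET_VALUE" |
#       with_regional_sm europe-west3 gcloud secrets create MY_SECRET --data-file=-
```

Because the override is never written with `gcloud config set`, later Secret Manager commands in the same shell still use the default endpoint.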