{
	"id": "c6c38258-0151-4d5d-be5e-3135a2935c5a",
	"created_at": "2026-04-06T01:31:12.86267Z",
	"updated_at": "2026-04-10T03:20:54.504901Z",
	"deleted_at": null,
	"sha1_hash": "8a38c61de983c77d6348e1d7af2b705c1b74fdf0",
	"title": "List secrets and view secret details",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 84309,
	"plain_text": "List secrets and view secret details\r\nArchived: 2026-04-06 01:03:25 UTC\r\nIn Secret Manager, a secret acts as a container for multiple secret versions. It holds important information like\r\nlabels and rotation settings, but not the secret value itself. This page explains how to retrieve a list of all secrets\r\nwithin a project and view the metadata associated with each secret.\r\nRequired roles\r\nTo get the permissions that you need to list secrets and view secret metadata, ask your administrator to grant you\r\nthe Secret Manager Viewer ( roles/secretmanager.viewer ) IAM role on the project, folder, or organization. For\r\nmore information about granting roles, see Manage access to projects, folders, and organizations.\r\nYou might also be able to get the required permissions through custom roles or other predefined roles.\r\nTo retrieve a list of all secrets within a project, use one of the following methods:\r\n1. In the Google Cloud console, go to the Secret Manager page.\r\nGo to Secret Manager\r\n2. Check the list of secrets in the project. You can click a secret to view the secret metadata.\r\nBefore using any of the command data below, make the following replacements:\r\nExecute the following command:\r\nLinux, macOS, or Cloud Shell\r\ngcloud secrets list\r\nWindows (PowerShell)\r\ngcloud secrets list\r\nWindows (cmd.exe)\r\ngcloud secrets list\r\nThe response returns the list of secrets and their secret versions.\r\nBefore using any of the request data, make the following replacements:\r\nhttps://cloud.google.com/secret-manager/docs/view-secret-details\r\nPage 1 of 5\n\nPROJECT_ID: the Google Cloud project ID\r\nHTTP method and URL:\r\nGET https://secretmanager.googleapis.com/v1/projects/PROJECT_ID/secrets\r\nRequest JSON body:\r\n{}\r\nTo send your request, choose one of these options:\r\nSave the request body in a file named request.json , and execute the following command:\r\ncurl -X GET \\\r\n -H \"Authorization: Bearer $(gcloud auth print-access-token)\" \\\r\n -H \"Content-Type: application/json; charset=utf-8\" \\\r\n -d @request.json \\\r\n \"https://secretmanager.googleapis.com/v1/projects/PROJECT_ID/secrets\"\r\nSave the request body in a file named request.json , and execute the following command:\r\n$cred = gcloud auth print-access-token\r\n$headers = @{ \"Authorization\" = \"Bearer $cred\" }\r\nInvoke-WebRequest `\r\n -Method GET `\r\n -Headers $headers `\r\n -ContentType: \"application/json; charset=utf-8\" `\r\n -InFile request.json `\r\n -Uri \"https://secretmanager.googleapis.com/v1/projects/\r\nPROJECT_ID/secrets\" | Select-Object -Expand Content\r\nYou should receive a JSON response similar to the following:\r\n{\r\n \"secrets\": [\r\n {\r\n \"name\": \"projects/PROJECT_ID/locations/LOCATION/secrets/SECRET_ID\",\r\n \"createTime\": \"2024-09-02T07:14:00.281541Z\",\r\n \"etag\": \"\\\"16211daf5f29c5\\\"\"\r\n },\r\n ],\r\n \"totalSize\": 1\r\nhttps://cloud.google.com/secret-manager/docs/view-secret-details\r\nPage 2 of 5\n\n}\r\nTo run this code, first set up a C# development environment and install the Secret Manager C# SDK. On Compute\r\nEngine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Go development environment and install the Secret Manager Go SDK. On Compute\r\nEngine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Java development environment and install the Secret Manager Java SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Node.js development environment and install the Secret Manager Node.js SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first learn about using PHP on Google Cloud and install the Secret Manager PHP SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Python development environment and install the Secret Manager Python SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Ruby development environment and install the Secret Manager Ruby SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nView secret details\r\nTo view a secret's metadata, use one of the following methods:\r\n1. In the Google Cloud console, go to the Secret Manager page.\r\nGo to Secret Manager\r\n2. Click the secret whose details you want to view.\r\n3. On the secret details page, click the Overview tab. This tab displays the general details and metadata\r\nassociated with the secret.\r\nBefore using any of the command data below, make the following replacements:\r\nSECRET_ID: the ID of the secret\r\nExecute the following command:\r\nLinux, macOS, or Cloud Shell\r\ngcloud secrets describe SECRET_ID\r\nhttps://cloud.google.com/secret-manager/docs/view-secret-details\r\nPage 3 of 5\n\nWindows (PowerShell)\r\ngcloud secrets describe SECRET_ID\r\nWindows (cmd.exe)\r\ngcloud secrets describe SECRET_ID\r\nThe response returns the secret.\r\nBefore using any of the request data, make the following replacements:\r\nPROJECT_ID: the Google Cloud project ID\r\nSECRET_ID: the ID of the secret\r\nHTTP method and URL:\r\nGET https://secretmanager.googleapis.com/v1/projects/PROJECT_ID/secrets/SECRET_ID\r\nRequest JSON body:\r\n{}\r\nTo send your request, choose one of these options:\r\nSave the request body in a file named request.json , and execute the following command:\r\ncurl -X GET \\\r\n -H \"Authorization: Bearer $(gcloud auth print-access-token)\" \\\r\n -H \"Content-Type: application/json; charset=utf-8\" \\\r\n -d @request.json \\\r\n \"https://secretmanager.googleapis.com/v1/projects/PROJECT_ID/secrets/SECRET_ID\"\r\nSave the request body in a file named request.json , and execute the following command:\r\n$cred = gcloud auth print-access-token\r\n$headers = @{ \"Authorization\" = \"Bearer $cred\" }\r\nInvoke-WebRequest `\r\n -Method GET `\r\n -Headers $headers `\r\n -ContentType: \"application/json; charset=utf-8\" `\r\nhttps://cloud.google.com/secret-manager/docs/view-secret-details\r\nPage 4 of 5\n\n-InFile request.json `\r\n -Uri \"https://secretmanager.googleapis.com/v1/projects/\r\nPROJECT_ID/secrets/SECRET_ID\" | Select-Object -Expand Content\r\nYou should receive a JSON response similar to the following:\r\n{\r\n \"name\": \"projects/PROJECT_ID/locations/LOCATION/secrets/SECRET_ID\",\r\n \"createTime\": \"2024-09-02T07:14:00.281541Z\",\r\n \"etag\": \"\\\"16211daf5f29c5\\\"\"\r\n}\r\nTo run this code, first set up a C# development environment and install the Secret Manager C# SDK. On Compute\r\nEngine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Go development environment and install the Secret Manager Go SDK. On Compute\r\nEngine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Java development environment and install the Secret Manager Java SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Node.js development environment and install the Secret Manager Node.js SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first learn about using PHP on Google Cloud and install the Secret Manager PHP SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Python development environment and install the Secret Manager Python SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nTo run this code, first set up a Ruby development environment and install the Secret Manager Ruby SDK. On\r\nCompute Engine or GKE, you must authenticate with the cloud-platform scope.\r\nWhat's next\r\nLearn how to edit secrets.\r\nLearn how to set up rotation schedules for secrets.\r\nLearn how to set up notifications on a secret.\r\nSource: https://cloud.google.com/secret-manager/docs/view-secret-details\r\nhttps://cloud.google.com/secret-manager/docs/view-secret-details\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://cloud.google.com/secret-manager/docs/view-secret-details"
	],
	"report_names": [
		"view-secret-details"
	],
	"threat_actors": [],
	"ts_created_at": 1775439072,
	"ts_updated_at": 1775791254,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/8a38c61de983c77d6348e1d7af2b705c1b74fdf0.pdf",
		"text": "https://archive.orkl.eu/8a38c61de983c77d6348e1d7af2b705c1b74fdf0.txt",
		"img": "https://archive.orkl.eu/8a38c61de983c77d6348e1d7af2b705c1b74fdf0.jpg"
	}
}