GCP Certificate Manager (GCM) is a Google Cloud service for centrally managing TLS/SSL certificates at scale, simplifying their acquisition, deployment, and renewal for Google Cloud services, supporting both Google-managed certificates and self-managed certificates imported into it.
The GCP Certificate Manager plugin:
- Connects to your GCP account using Service account key and IAM permissions.
- Discovers all X.509 SSL/TLS certificates stored in GCM within a specified GCP region.
- Public Certificates—Free SSL/TLS certificates for use with GCP services such as Google Cloud load balancers by acquisition from trusted CAs. For example, Let's Encrypt or Google Trust Services.
- Private Certificates—Certificates issued through integration between Certificate Manager and a private CA pool in CA Service.
- Imported Certificates—Third-party certificates that have been imported into GCP.
- Exports certificate data in PEM format along with comprehensive metadata.
The plugin supports incremental scanning to discover only new or updated certificates since the last scan.