Google Cloud offers a range of technologies and some of them are used to run Passwd. Learn why we chose them and how you benefit from them.
At Passwd, we use the following Google Cloud technologies:
- Cloud Run
- Cloud Storage (GCS)
- Firestore
- Key Management Service (KMS)
- Cloud Build
- Cloud Functions
- Source Repositories
Each of these technologies has a specific role in the workings of Passwd. Since Passwd runs on your own Google Cloud Platform, it’s good to have at least basic knowledge of how they work.
How Google Cloud technologies and Passwd work together?
How the two communicate?
Let’s start at the beginning: the installation. When we deploy Passwd to your cloud, we first upgrade version information in our internal repository and then push it to your repository hosted in your Source Repository in your own Google Cloud project. This is the only part of your Google Cloud project we ever have access to, and it also later enables us to upgrade your version of Passwd.
When we push a new version, triggers in the Cloud Build recognize that and start the build. The build checks the status of the required APIs and activates them in case they are not active. After that, it checks the status of the KMS and other necessary configurations and updates them if needed. When all checks pass and potential issues are resolved, we deploy the backend to Cloud Run and copy the bundled frontend from our bucket to yours together with the appropriate configuration for your project.
How does Passwd work?
With this, we have deployed a new version of Passwd. But how does Passwd itself work? Let’s start with the frontend. It is hosted in the GCS bucket and configured to act as a website. And that is all for frontend :).
The backend is not as simple as the frontend. It runs in the Cloud Run service, starts when needed and runs for as long as it receives traffic. This means that you don’t have to pay for the time when you are not using Passwd (typically during off-hours).
For storing your passwords, Passwd backend uses Firestore database, but we don’t keep the passwords in plain text. That wouldn’t be safe. Instead, our backend uses the Key Management Service, from which it gets cryptographically secure keys to encrypt your data and stores it only once they are encrypted.
We also use Cloud Functions, which are triggered periodically, to back up your database in case an accident occurs.
Want to know more?
Get more information about the individual price of the Google Cloud Platform. Read how the installation process works. Learn more about the Passwd architecture.