Google Secret Manager gives 403 from GAE but works locally (with same credentials)

Question

I\'m developing a webapp in Python3 for AppEngine. I\'ve got various api keys stored in Secret Manager, and running locally with the credentials for my App Engine default se