GCP Secret Manager
Fetch secrets from Google Cloud Secret Manager to use as variables in your API requests.
Prerequisites
- Google Cloud project with Secret Manager API enabled
- Service account with Secret Manager access
- Service account JSON key file
- A secret stored in GCP Secret Manager
Configuration
- Go to Settings > Secret Providers
- Click Add Provider
- Select GCP
- Fill in the configuration:
| Field | Description |
|---|---|
| Name | Display name for this provider |
| Project ID | Your GCP project ID |
| Credentials JSON | Service account JSON key (paste the entire content) |
| Secret Name | Name of the secret |
- Click Test Connection to verify credentials
- Click Save
Secret Format
Secrets can be stored as JSON key-value pairs:
{
"API_KEY": "sk-xxx",
"DATABASE_URL": "postgres://user:pass@host:5432/db",
"FIREBASE_KEY": "your-firebase-key"
}
Each key becomes a variable you can use as {{API_KEY}}, {{DATABASE_URL}}, etc.
If your secret is a plain string (not JSON), it will be available using the secret name as the variable name.
IAM Role
Grant the service account the Secret Manager Secret Accessor role:
roles/secretmanager.secretAccessor
Or create a custom role with:
secretmanager.versions.access
Creating a Service Account
- Go to IAM & Admin > Service Accounts in GCP Console
- Click Create Service Account
- Name it (e.g.,
istek-secrets-reader) - Grant the
Secret Manager Secret Accessorrole - Click Create Key > JSON
- Download and paste the JSON content into Istek
Usage
Once configured, click Fetch Secrets to load the secrets. They will be available as variables in your requests:
GET {{API_URL}}/users
X-API-Key: {{API_KEY}}