Manage and use secrets in Grafana Cloud k6
Manage and use secrets in Grafana Cloud k6
We’re excited to announce the public preview of Secrets Management for Grafana Cloud k6, a new feature that lets you securely store and use sensitive values in your performance tests. If your tests rely on API tokens, credentials, or any other confidential data, you no longer need to hardcode them into your scripts or pass them around manually.
With Secrets Management, secrets are stored centrally in Grafana Cloud and injected into your tests at runtime. This keeps your scripts more secure, avoids accidental leaks in version control, and makes it easier to reuse the same test across environments. Instead of managing secrets externally or relying on environment variables in ad hoc ways, you now have a built-in, consistent solution.
Here’s an example script that imports the k6/secrets module, and retrieves an API token secret:
import check from "k6";
import http from 'k6/http';
import secrets from 'k6/secrets';
export default async function main () {
const apiToken = await secrets.get('api-token');
const headers = {
Authorization: `Bearer ${apiToken}`,
};
console.log("Headers: " + JSON.stringify(headers))
let res = http.get('https://example.com/api', {headers: headers});
check(res, { "get executions status is 200": (res) => res.status === 200 });
}To learn more, watch this video or refer to the Secrets Management documentation.
