Confidant is an open source secret management service that provides user-friendly storage and access to secrets in a secure way, from the developers at Lyft. Confidant stores secrets in an append-only way in DynamoDB, generating a unique KMS data key for every revision of every secret, using Fernet symmetric authenticated cryptography.
http://lyft.github.io/confidant/
Tags | secret-store password-management certificate-management tokens certificate secret aws kms |
Implementation | Python |
License | Apache |
Platform | Windows Linux |
Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, and auditing. Vault presents a unified API to access multiple backends: HSMs, AWS IAM, SQL databases, raw key/value, and more.
Tags | secret-store password-management certificate-management tokens certificate secret |
Keywhiz is a system for managing and distributing secrets. Keywhiz servers in a cluster centrally store secrets encrypted in a database. Clients use mutually authenticated TLS (mTLS) to retrieve secrets they have access to. Authenticated users administer Keywhiz via CLI or web app UI. To enable workflows, Keywhiz has automation APIs over mTLS and support for simple secret generation plugins.
Tags | secret-store password-management certificate-management tokens certificate secret |
Never leave your terminal to use secrets while developing, testing, and building your apps. Instead of custom scripts, tokens in your .zshrc files, visible EXPORTs in your bash history, misplaced .env.production files and more around your workstation, just use teller and connect it to any vault, key store, or cloud service you like (Teller supports Hashicorp Vault, AWS Secrets Manager, Google Secret Manager, and many more).
Tags | heroku aws vault secret-management secrets hashicorp gce cyberark conjur |
Due to the structure of pass, file and directory names are not encrypted in the password store. pass-tomb provides a convenient solution to put your password store in a Tomb and then keep your password tree encrypted when you are not using it. It uses the same GPG key to encrypt passwords and tomb, therefore you don't need to manage more keys or secrets. Moreover, you can ask pass-tomb to automatically close your store after a given time.
Tags | password-manager secret-management tomb pass password-store pass-extension password-tomb secret-store cryptography |
Atomic secret provisioning for NixOS based on sops. Sops-nix decrypts sops secret files on the target machine to files specified in the NixOS configuration at activation time. It also adjusts file permissions/owner/group. It uses either host ssh keys or GPG keys for decryption. In the future we will also support cloud key management APIs such as AWS KMS, GCP KMS, Azure Key Vault or Hashicorp's vault.
Tags | nixops nixos sops krops |
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault and PGP.
Tags | security secret-distribution devops aws pgp secret-store vault |
The OpenXPKI project has the vision to publish a software stack that provides all necessary components to manage keys and certificates primarily based on the X509v3 cryptography standard.
Tags | certificate-store certificate-management key-management secure-store pki |
The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more. It supports certificate issuance, revocation, and retrieval, Certificate Revocation List (CRL) generation and publishing, encryption key archival and recovery, and a lot more.
Tags | certificate-authority certificate certificate-management pki cryptography security |
Kubernetes External Secrets allows you to use external secret management systems (e.g., AWS Secrets Manager) to securely add secrets in Kubernetes. Read more about the design and motivation for Kubernetes External Secrets on the GoDaddy Engineering Blog. The project extends the Kubernetes API by adding an ExternalSecrets object using a Custom Resource Definition and a controller to implement the behavior of the object itself.
Tags | kubernetes secret-management secrets-management aws aws-secrets-manager kubernets scerets |
git-secret is a bash tool which stores private data inside a git repo. git-secret encrypts tracked files with public keys for users whom you trust using gpg, allowing permitted users to access encrypted data using their secret keys. With git-secret, changes to access rights are made easy and private-public key issues are handled for you. Passwords do not need to be changed with git-secret when someone's permission is revoked - just remove their key from the keychain using git secret killperson their@email.com, and re-encrypt the files, and they won't be able to decrypt secrets anymore. It also supports apt and yum. You can also use make if you want to. See the installation section for the details.
Tags | git-secret git git-addons gpg encryption secret-management |
Wraps the whole helm command. Slow on multiple value files. Run decrypted command on specific value files.
Tags | kubernetes encryption kms vault helm pgp secret-management secrets kubernetes-secrets k8s helm-charts vault-client decryption encryption-tool secrets-stored helm-plugin helm-plugins sops secrets-management helm-chart |
An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere. For more information and docs see the Step website and the blog post announcing Step Certificate Authority.
Tags | tls x509 certificates security security-tools certificate-authority pki ca |
Berglas is a command line tool and library for storing and retrieving secrets on Google Cloud. Secrets are encrypted with Cloud KMS and stored in Cloud Storage. As a CLI, berglas automates the process of encrypting, decrypting, and storing data on Google Cloud.
Tags | google-cloud gsecrets secrets-management secret-management google-cloud-storage google-cloud-kms |
A democratic SSH certificate authority. Operators of ssh-cert-authority want to use SSH certificates to provide fine-grained access control to servers they operate, keep their certificate signing key a secret, and not be required to get involved to actually sign certificates. A tall order.
Secret Squirrel is a basic password management application written in Java. It uses Blowfish and SHA-384, performs password generation using the Java secure random object (fully configurable), and supports password groups.
This is EnvKey's cross-platform native application. It supports Mac, Windows, and Linux. EnvKey is an end-to-end encrypted secrets and configuration management tool. It keeps your configuration securely and automatically in sync for all your developers and servers.
Tags | configuration configuration-management secrets encryption openpgp mac react electron security security-tools devops developer-tools devops-tools secret-management password-manager password-management |
KeePassX is an application for people with extremely high demands on secure personal data management. KeePassX saves many different kinds of information, e.g. user names, passwords, URLs, attachments and comments, in one single database. For better management, user-defined titles and icons can be specified for each single entry. Furthermore, the entries are sorted in groups, which are customizable as well. The integrated search function allows searching in a single group or the complete database. KeePassX offers a little utility for secure password generation. The password generator is very customizable, fast and easy to use. Especially someone who generates passwords frequently will appreciate this feature.
Tags | password password-manager secret |
cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.
Tags | kubernetes letsencrypt tls certificate crd certificate-manager cert-manager kubernetes-tools |
PassCore is a very simple 1-page web application written in C#, using ASP.NET 5, Angular Material, Angular and Microsoft Directory Services. It allows users to change their Active Directory password on their own, provided the user is not disabled. PassCore does not require any configuration, as it obtains the principal context from the current domain. I wrote this because a number of people have requested several features that the original version did not have. The original version of this tool was downloaded around 8000 times in 2.5 years. My hope is that the new version continues to be just as popular. There really is no free alternative out there (that I know of) so hopefully this saves someone else some time and money.
Tags | activedirectory password-meter password self-service password-manager dotnetcore recaptcha iis ssl-certificate application-pool angular angularjs4 angularjs-material mvc5 |
A cross-platform .NET Library for HashiCorp's Vault - A Secret Management System.
Tags | dotnet-standard hashicorp-vault secret restclient vault-library vault-client vault security |