Displaying 1 to 20 from 28 results

Confidant - Your Secret Keeper. Stores secrets in DynamoDB, encrypted at rest.

  •    Python

Confidant is a open source secret management service that provides user-friendly storage and access to secrets in a secure way, from the developers at Lyft. Confidant stores secrets in an append-only way in DynamoDB, generating a unique KMS data key for every revision of every secret, using Fernet symmetric authenticated cryptography.

kamus - An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications

  •    CSharp

An open source, GitOps, zero-trust secrets encryption and decryption solution for Kubernetes applications. Kamus enable users to easily encrypt secrets than can be decrypted only by the application running on Kubernetes. The encryption is done using strong encryption providers (currently supported: Azure KeyVault, Google Cloud KMS and AES). To learn more about Kamus, check out the blog post and slides. If you're running Kamus locally the Kamus URL will be like http://localhost:<port>. So you need to add --allow-insecure-url flag to enable http protocol.




helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere

  •    Shell

Developed and used in all environments in BaseCRM. We store secrets and values in helm_vars dir structure just like in this repository example dir. All this data versioned in GIT. Working in teams on multiple projects/regions/envs and multiple secrets files at once. We have Makefile in our Helm charts repo to simplify install helm-secrets plugin with helm and other stuff we use. Same Makefile used to rebuild all helm charts with dependencies and some other everyday helpers. Encrypting, Decrypting, Editing secrets on local clones, making #PR's and storing this in our helm charts repo encrypted with PGP, AWS KMS and GCP KMS. Deploying using helm-wrapper from local or from CI with same charts and secrets/values from GIT repository.

node-s3-encryption-client - Node.js implementation of the KMS Envelope Encryption for AWS S3

  •    Javascript

The Amazon S3 Encryption Client (http://docs.aws.amazon.com/kms/latest/developerguide/services-s3.html#sse-client) currently only exists for Java and Ruby. This library implements KMS envelope encryption (http://docs.aws.amazon.com/kms/latest/developerguide/workflow.html) for Javascript, adding an option to choose the cipher algorithm and the S3 objects encoding. It exposes getObject and putObject from the AWS S3 client, with KMS encryption options for client-side encryption. Functions exactly the same as http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#getObject-property, except that it will transparently decrypt the object if a KMS key is present in its Metadata. Additional params are as follows.

secretary - Secrets management for dynamic environments

  •    Go

Secretary helps solve the problem of secrets distribution and authorization in highly dynamic container and VM environments. NaCL and AWS Key Management Service (KMS) are supported crypto backends and can be mixed freely. In a standalone setup the secretary client performs decryption using either local NaCL keys or by calling the AWS Key Management Service.

serverless-env-generator - A Serverless 1

  •    Javascript

This plugin automatically creates a .env file during deployment by merging environment variables from one or more YAML files. During runtime these variables can then be loaded into process.env using dotenv. For a brief introduction, read our blogpost about introducing serverless-env-generator.


valec - Handle application secrets securely

  •    Go

Valec is a CLI tool to handle application secrets securely using AWS DynamoDB and KMS. Valec enables you to manage application secrets in your favorite VCS. Set up DynamoDB and KMS (first time only).

serverless-plugin-encrypted - A Serverless plugin which encrypts Lambda environment variables using an KMS key which is automatically generated for each stage

  •    Javascript

A Serverless plugin which encrypts Lambda environment variables using an KMS key which is automatically generated for each stage. The plugin will look for a KMS key with alias DEV-my-service, and create it if it does not exist. Then it will go through all environment variables within provider and each function. If it finds an entry in custom.encrypted with a matching name it will use the KMS key to encrypt the value (eg: custom.encrypted.SECRET_PASSWORD) and update the provider and function values.

KMS-activator - Windows KMS test activator. This is only for research!

  •    Batchfile

This is a community based project, which was released on MDL and got several patches from me and other people. The goal isn't to bypass Windows activation, the project is for research and to (if used) activation KMS with a legit key, it simplify the activation process. OEM installation: $oem$ folder for pre-activating the system during install. Copy $oem$ to "sources" folder in the install media (iso/usb) use SppExtComObjPatcher.cmd if you want to uninstall the project afterwards.

node-kms - node-scr

  •    Javascript

A JavaScript implementation of Key Management Service (KMS) for current web browsers and node.js-based servers. The KMS API is described in [draft-abiggs-saag-key-management-service-02]. This library uses Promises for many operations.

crypt - Universal cryptographic tool with AWS KMS, GCP KMS and Azure Key Vault support

  •    Go

Universal cryptographic tool with AWS KMS, GCP KMS and Azure Key Vault support. For binaries please visit the Releases Page.

terraform-aws-ssm-parameter-store - Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform

  •    HCL

Terraform module for providing read and write access to the AWS SSM Parameter Store. This project is part of our comprehensive "SweetOps" approach towards DevOps.

nodejs-kms-sdk - Alibaba Cloud KMS client for Node.js

  •    Javascript

alibaba cloud kms client for node.js

nodejs-kms - Node

  •    Javascript

Cloud KMS allows you to keep encryption keys in one central cloud service, for direct use by other cloud resources and applications. With Cloud KMS you are the ultimate custodian of your data, you can manage encryption in the cloud the same way you do on-premises, and you have a provable and monitorable root of trust over your data. Select or create a Cloud Platform project.

cfn-encrypt - 🔑🔐☁️ Cloudformation custom resource that enables creation of KMS encrypted strings and SSM secure parameters

  •    Python

This is the template that provision the lambda function. This is the arn of the kms key you want to use for encryption. If the key is located in another AWS account make sure that it allows the account you create the stack in Encrypt action on the key.