Displaying 1 to 20 from 22 results

git-secret - :busts_in_silhouette: A bash-tool to store your private data inside a git repository.

  •    Shell

git-secret is a bash tool which stores private data inside a git repo. git-secret encrypts tracked files with public keys for users whom you trust using gpg, allowing permitted users to access encrypted data using their secret keys. With git-secret, changes to access rights are made easy and private-public key issues are handled for you. Passwords do not need to be changed with git-secret when someone's permission is revoked - just remove their key from the keychain using git secret killperson their@email.com, and re-encrypt the files, and they won't be able to decrypt secrets anymore. It also supports apt and yum. You can also use make if you want to. See the installation section for the details.

EnvKey - Protect API keys and credentials, Keep configuration in sync everywhere.

  •    Javascript

This is EnvKey's cross-platform native application. It supports Mac, Windows, and Linux. EnvKey is an end-to-end encrypted secrets and configuration management tool. It keeps your configuration securely and automatically in sync for all your developers and servers.

envkey-node - EnvKey's official Node.js client library

  •    Javascript

Integrate EnvKey with your Node.js projects to keep api keys, credentials, and other configuration securely and automatically in sync for developers and servers.Generate an ENVKEY in the EnvKey App. Then set ENVKEY=..., either in a gitignored .env file in the root of your project (in development) or in an environment variable (on servers).

envkey-source - Set OS-level shell environment variables with EnvKey

  •    Go

Integrate EnvKey with any language, either in development or on a server, by making your configuration available through the shell as environment variables.envkey-source compiles into a simple static binary with no dependencies, which makes installation a simple matter of fetching the right binary for your platform and putting it in your PATH. An install.sh script is available to simplify this.

ecs-secrets - Runtime secrets management solution for ECS using Task IAM Roles

  •    Go

Containerized applications frequently need access to sensitive information at runtime such as API keys, passwords, certificates etc (aka secrets). Handling such secrets is a challenging and recurring problem for Docker containers. ECS customers also come up against this issue and there's a need to provide a mechanism for delivering secrets securely to such containerized applications.The How to Manage Secrets for Amazon EC2 Container Service–Based Applications by Using Amazon S3 and Docker blog documents how you could store secrets in an Amazon S3 bucket and use AWS Identity and Management (IAM) roles to grant access to those stored secrets. The Managing Secrets for Amazon ECS Applications Using Parameter Store and IAM Roles for Tasks blog illustrates how the EC2 SSM Parameter Store can be used to do the same. The ecs-secrets tool takes an alternative approach of using the AWS Key Management Service (KMS) to encrypt and decrypt secrets stored in Amazon DynamoDB service and use IAM roles for ECS Tasks to control access to these secrets.

helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere

  •    Shell

Developed and used in all environments in BaseCRM. We store secrets and values in helm_vars dir structure just like in this repository example dir. All this data versioned in GIT. Working in teams on multiple projects/regions/envs and multiple secrets files at once. We have Makefile in our Helm charts repo to simplify install helm-secrets plugin with helm and other stuff we use. Same Makefile used to rebuild all helm charts with dependencies and some other everyday helpers. Encrypting, Decrypting, Editing secrets on local clones, making #PR's and storing this in our helm charts repo encrypted with PGP, AWS KMS and GCP KMS. Deploying using helm-wrapper from local or from CI with same charts and secrets/values from GIT repository.

cryptr - Cryptr: a GUI for Hashicorp's Vault

  •    HTML

Cryptr is a GUI for Hashicorp's Vault. Using Cryptr, a user may easily interact with their Vault instance's API: reading, creating, and modifying secrets with ease.

secretary - Secrets management for dynamic environments

  •    Go

Secretary helps solve the problem of secrets distribution and authorization in highly dynamic container and VM environments. NaCL and AWS Key Management Service (KMS) are supported crypto backends and can be mixed freely. In a standalone setup the secretary client performs decryption using either local NaCL keys or by calling the AWS Key Management Service.

Vault.NET - .NET API client for vault

  •    CSharp

Vault.NET is an .NET API client for the interacting with Vault. This is a port of the go api client and provides generic methods for interacting with the paths in Vault. Many request/response objects are provided in this package to support different backends. This is in no way an exhaustive list of all the objects. Since the models are the things that are going to most likely change between versions of vault, it may make sense to make your own to service your needs. These may get split into a seperate Nuget package in the future.

valec - Handle application secrets securely

  •    Go

Valec is a CLI tool to handle application secrets securely using AWS DynamoDB and KMS. Valec enables you to manage application secrets in your favorite VCS. Set up DynamoDB and KMS (first time only).

conjur - CyberArk Conjur automatically secures secrets used by privileged users and machine identities

  •    Ruby

Note: our badges and social media buttons never track you. We welcome contributions of all kinds to Conjur. See our contributing guide.

SecretServer - Secret Server PowerShell Module

  •    PowerShell

This is a PowerShell module for working with Thycotic Secret Server's web services. If you use this module, check in every so often, there will be regular updates.

strongbox - A secret manager for AWS

  •    Java

Strongbox is a CLI/GUI and SDK to manage, store, and retrieve secrets (access tokens, encryption keys, private certificates, etc). Strongbox is a client-side convenience layer on top of AWS KMS, DynamoDB and IAM. It manages the AWS resources for you and configure them in a secure way. Strongbox has been used in production since mid-2016 and is now used extensively within Schibsted.

seconfig - super easy encrypted config

  •    Go

Create and initialize a config struct with data. You make your own Config type with its own fields. Marshal and encrypt the config struct into a slice of encrypted bytes.

jackson - Pythonic way of keeping secrets secure in JSON

  •    Python

Have you ever used JSON as your config? Have you keep secrets in config as plain text, that you dont want to? Then this is the right tool for you. JackSON is the simple and flexible file extension of JSON file types written in python (in less than 50 lines of code), this extension allows the users to keep their secrets in environment variables and pass the reference to those environment variables into the JSON file(jackson). The secrets in the environment variables will be read securely in to the in memory dict. Example JackSON config file.

marathon-vault-plugin - Marathon plugin which injects Vault secrets via environment variables

  •    Scala

Plugin for Marathon which injects secrets stored in Vault via environment variables. If the provided Vault path or field is not found, the environment variable will not be set. The same applies when it cannot be read because of permissions or other types of errors. Either way, it will be logged as an error in Marathon logs.

kube-vault-controller - Claim secrets from Vault for use in Kubernetes.

  •    Go

Claim secrets from Vault for use in Kubernetes. Install with helm: (chart), or kubectl: templates.