git-secret is a bash tool which stores private data inside a git repo. git-secret encrypts tracked files with public keys for users whom you trust using gpg, allowing permitted users to access encrypted data using their secret keys. With git-secret, changes to access rights are made easy and private-public key issues are handled for you. Passwords do not need to be changed with git-secret when someone's permission is revoked - just remove their key from the keychain using git secret killperson their@email.com, and re-encrypt the files, and they won't be able to decrypt secrets anymore. It also supports apt and yum. You can also use make if you want to. See the installation section for the details.
git-secret git git-addons gpg encryption secret-managementThe recommended way to install ots on macOS is via Homebrew.
cli secret-management secret-sharing end-to-end-encryptionThis is EnvKey's cross-platform native application. It supports Mac, Windows, and Linux. EnvKey is an end-to-end encrypted secrets and configuration management tool. It keeps your configuration securely and automatically in sync for all your developers and servers.
configuration configuration-management secrets encryption openpgp mac react electron security security-tools devops developer-tools devops-tools secret-management password-manager password-managementKubernetes External Secrets allows you to use external secret management systems (e.g., AWS Secrets Manager) to securely add secrets in Kubernetes. Read more about the design and motivation for Kubernetes External Secrets on the GoDaddy Engineering Blog. The project extends the Kubernetes API by adding a ExternalSecrets object using Custom Resource Definition and a controller to implement the behavior of the object itself.
kubernetes secret-management secrets-management aws aws-secrets-manager kubernets sceretsNever leave your terminal to use secrets while developing, testing, and building your apps. Instead of custom scripts, tokens in your .zshrc files, visible EXPORTs in your bash history, misplaced .env.production files and more around your workstation -- just use teller and connect it to any vault, key store, or cloud service you like (Teller support Hashicorp Vault, AWS Secrets Manager, Google Secret Manager, and many more).
heroku aws vault secret-management secrets hashicorp gce cyberark conjurWraps the whole helm command. Slow on multiple value files. Run decrypted command on specific value files.
kubernetes encryption kms vault helm pgp secret-management secrets kubernetes-secrets k8s helm-charts vault-client decryption encryption-tool secrets-stored helm-plugin helm-plugins sops secrets-management helm-chartBerglas is a command line tool and library for storing and and retrieving secrets on Google Cloud. Secrets are encrypted with Cloud KMS and stored in Cloud Storage. As a CLI, berglas automates the process of encrypting, decrypting, and storing data on Google Cloud.
google-cloud gsecrets secrets-management secret-management google-cloud-storage google-cloud-kmsDue to the structure of pass, file- and directory names are not encrypted in the password store. pass-tomb provides a convenient solution to put your password store in a Tomb and then keep your password tree encrypted when you are not using it. It uses the same GPG key to encrypt passwords and tomb, therefore you don't need to manage more key or secret. Moreover, you can ask pass-tomb to automatically close your store after a given time.
password-manager secret-management tomb pass password-store pass-extension password-tomb secret-store cryptographyScan your code for security misconfigurations, search for passwords and secrets.
security nodejs webhook auth0-extend secret-management secrets password-safety serverlessA nodejs wrapper library for using HashiCorp's Vault
vault hashicorp secret-management nodejs token auth secrets vault-library vault-client secret securityIntegrate EnvKey with your Node.js projects to keep api keys, credentials, and other configuration securely and automatically in sync for developers and servers.Generate an ENVKEY in the EnvKey App. Then set ENVKEY=..., either in a gitignored .env file in the root of your project (in development) or in an environment variable (on servers).
nodejs configuration configuration-management secrets encryption security security-tools devops devops-tools developer-tools secret-management environment-variablesIntegrate EnvKey with any language, either in development or on a server, by making your configuration available through the shell as environment variables.envkey-source compiles into a simple static binary with no dependencies, which makes installation a simple matter of fetching the right binary for your platform and putting it in your PATH. An install.sh script is available to simplify this.
envkey configuration configuration-management secrets secret-management secret-sharing secret-storage encryption openpgp bash shell docker web-of-trust environment-variables devops security security-tools devops-tools developer-toolsContainerized applications frequently need access to sensitive information at runtime such as API keys, passwords, certificates etc (aka secrets). Handling such secrets is a challenging and recurring problem for Docker containers. ECS customers also come up against this issue and there's a need to provide a mechanism for delivering secrets securely to such containerized applications.The How to Manage Secrets for Amazon EC2 Container Service–Based Applications by Using Amazon S3 and Docker blog documents how you could store secrets in an Amazon S3 bucket and use AWS Identity and Management (IAM) roles to grant access to those stored secrets. The Managing Secrets for Amazon ECS Applications Using Parameter Store and IAM Roles for Tasks blog illustrates how the EC2 SSM Parameter Store can be used to do the same. The ecs-secrets tool takes an alternative approach of using the AWS Key Management Service (KMS) to encrypt and decrypt secrets stored in Amazon DynamoDB service and use IAM roles for ECS Tasks to control access to these secrets.
ecs docker secret-managementDeveloped and used in all environments in BaseCRM. We store secrets and values in helm_vars dir structure just like in this repository example dir. All this data versioned in GIT. Working in teams on multiple projects/regions/envs and multiple secrets files at once. We have Makefile in our Helm charts repo to simplify install helm-secrets plugin with helm and other stuff we use. Same Makefile used to rebuild all helm charts with dependencies and some other everyday helpers. Encrypting, Decrypting, Editing secrets on local clones, making #PR's and storing this in our helm charts repo encrypted with PGP, AWS KMS and GCP KMS. Deploying using helm-wrapper from local or from CI with same charts and secrets/values from GIT repository.
helm helm-plugin kubernetes k8s helm-charts kubernetes-secrets sops pgp kms encryption-tool encryption decryption secret-management secrets secrets-storedCryptr is a GUI for Hashicorp's Vault. Using Cryptr, a user may easily interact with their Vault instance's API: reading, creating, and modifying secrets with ease.
vault hashicorp hashicorp-vault gui password-manager passwords secrets secret-management secret-storageSecretary helps solve the problem of secrets distribution and authorization in highly dynamic container and VM environments. NaCL and AWS Key Management Service (KMS) are supported crypto backends and can be mixed freely. In a standalone setup the secretary client performs decryption using either local NaCL keys or by calling the AWS Key Management Service.
encrypt-secrets decrypt-secrets docker-image docker container secrets secret-management kmsFor github token you only need read:org permissions.
secret vault cli ruby-gem hashicorp-vault secrets secret-managementVault.NET is an .NET API client for the interacting with Vault. This is a port of the go api client and provides generic methods for interacting with the paths in Vault. Many request/response objects are provided in this package to support different backends. This is in no way an exhaustive list of all the objects. Since the models are the things that are going to most likely change between versions of vault, it may make sense to make your own to service your needs. These may get split into a seperate Nuget package in the future.
vault secret-management vault-server vault-api hashicorp hashicorp-vaultValec is a CLI tool to handle application secrets securely using AWS DynamoDB and KMS. Valec enables you to manage application secrets in your favorite VCS. Set up DynamoDB and KMS (first time only).
aws secret-management secrets dynamodb kmsNote: our badges and social media buttons never track you. We welcome contributions of all kinds to Conjur. See our contributing guide.
secret-management secret-distribution machine-identity
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.