external-secrets
External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets. (by external-secrets)
Passbolt
Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams! (by passbolt)
| external-secrets | Passbolt | |
|---|---|---|
| 23 | 40 | |
| 3,918 | 4,387 | |
| 2.0% | 1.7% | |
| 9.7 | 9.7 | |
| 4 days ago | 2 days ago | |
| Go | PHP | |
| Apache License 2.0 | GNU Affero General Public License v3.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
external-secrets
Posts with mentions or reviews of external-secrets.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-07-06.
- GKE Backup to only backup secrets?
- How to securely store configs across microservices and not commit secrets to vc
-
On AWS: Why use EKS instead of ECS?
Something I personally like about EKS is the Amazon Controllers for Kubernetes nowadays they would more preoperly be called 'operators' like the (non AWS and non AWS specific) External Secrets Operator. Essentially you delegate your cluster to create external resources elsewhere on your behalf based on annotations in your deployment.
- How do you rotate 3rd parties API keys?
-
Self-hosted Secrets Manager (or something alike)
Vault is extremely complex and heavy for my tastes, and Bitwarden Secrets Manager implementation AFAIU is not open source and not suitable for self-hosting. I like that both can be easily integrated with External Secrets for kubernetes secrets management.
-
How to Deploy and Scale Strapi on a Kubernetes Cluster 1/2
Store the Secrets in a vault like Hashicorp Vault, AWS Secrets Manager, GCP Secret Manager, etc., and then use an operator like External Secrets Operator to add them to your K8s cluster.
-
GitOps and Kubernetes – Secure Handling of Secrets
External Secrets is an operator that integrates external KMS such as Hashicorp Vault or those of the major cloud providers. It reads secrets from the external APIs and injects them into Kubernetes secrets. The operator is a new implementation after the merge of similar projects from GoDaddy and ContainerSolutions.
- Accessing ENV variables from cronjob
- How do I manage my Kubernetes secrets?
-
How do I manage Kubernetes Secrets?
I use Kubernetes-External-Secrets https://github.com/external-secrets/external-secrets with aws parameter store
Passbolt
Posts with mentions or reviews of Passbolt.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-12-08.
-
Open Source alternatives to tools you Pay for
Passbolt - Open Source Alternative to 1Password
-
Preferred password manager?
Here's another to add to the list, Passbolt. It is open source and basically built for teams and enterprise. It is design primarily with a unique security model which is based on asymmetric end-to-end encryption, with user-owned encryption keys and support easy cross functional team collaboration. Can it hosted on-prem or host it in cloud depending on your preference. Might be too much information and a tad bias as I work here but wanted you to have all the information as passbolt fits your requirement for business level password manager.
-
KeePass vs VaultWarden
Fyi there is also Passbolt.
- Has anyone tried PassBolt?
-
Self-hosted Secrets Manager (or something alike)
I currently switched from keepass to passbolt: https://www.passbolt.com/
-
Recommend me a password manager
I might be bias here as I work here but another recommendation would be passbolt. Open source password manager that is built for teams and businesses. You can either self-host or host it in the cloud, really depending on what you require and supports secure granular sharing of credentials with nested permission in just a few clicks. Its a solution that is built with security as a top priority. It supports asymmetric end-to-end encryption based on OpenPGP cryptography using both public-private key for encryption/decryption. No secret key is stored on the server side. Both the free community edition and the paid pro version are 100% open source.
-
How much of a security risk does all of our organization's passwords stored plaintext on our file server pose?
All that said...here's my shameless plug: I work for passbolt. You mentioned you have a small team, you might give it a look: https://www.passbolt.com/ there's a community edition you can install for free on the server of your choice. I'm here and happy to answer any questions.
-
What do you guys use for all your personal info?
Passbolt for passwords (backed up to KeepassX files)
-
Any suggestions for a Password Manager + Secrets Manager for small teams?
Have you checked out Passbolt? Its open source built for teams and organisations. Supports asymmetric end-to-end encryption, based on OpenPGP. Its on-prem or you can host it in cloud. You can either opt for the Pro/Enterprise version or the free community edition depending on what you need.
- LastPass says employee’s home computer was hacked and corporate vault taken | Already smarting from a breach that stole customer vaults, LastPass has more bad news.
What are some alternatives?
When comparing external-secrets and Passbolt you can also consider the following projects:
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
vaultwarden - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
vault-secrets-operator - The Vault Secrets Operator (VSO) allows Pods to consume Vault secrets natively from Kubernetes Secrets.
sysPass - Systems Password Manager
Reloader - A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!
Teampass - Collaborative Passwords Manager
kube-score - Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
Padloc - A modern, open source password manager for individuals and teams.
trousseau - Store and access your secrets the Kubernetes native way with any external KMS.
bitwarden_rs - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs [Moved to: https://github.com/dani-garcia/vaultwarden]
external-secrets vs sealed-secrets
Passbolt vs vaultwarden
external-secrets vs secrets-store-csi-driver
Passbolt vs Bitwarden
external-secrets vs vault-secrets-operator
Passbolt vs sysPass
external-secrets vs Reloader
Passbolt vs Teampass
external-secrets vs kube-score
Passbolt vs Padloc
external-secrets vs trousseau
Passbolt vs bitwarden_rs