Show HN: Infisical – open-source secrets manager

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
secrets-management secret-management google-cloud CLI gsecrets

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • infisical

    ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.

    • Last month, we open-sourced Infisical (https://github.com/Infisical/infisical) - a simple, end-to-end encrypted tool to sync environment variables across your team and infrastructure. You can use it to store environment variables and inject them into your applications locally or into CI/CD and production infrastructure. It can be used with any language/framework and is platform independent with a super easy setup.

    We know secret managers exist but, in our experience, they’re too complicated, not comprehensive, not user-friendly, or a mix of all three — other nicer ones are closed-source and don’t have self-hosted options available. That’s why we’re on a mission to make secret management more accessible to every developer — not just security teams.

    We’ve launched this repo under the MIT license so any developer can use the tool. The goal is to not charge individual developers. We make money by charging a license fee for some future enterprise features as well as providing a hosted version and support.

    In the coming weeks, we plan to add features like key rotation, access logs + more integrations. We’d love to hear your thoughts and any feature requests!

    Give it a try (https://github.com/Infisical/infisical), and let us know what you think!

    Main website: https://infisical.com/

  • berglas

    A tool for managing secrets on Google Cloud

    • This looks great! But after looking through the docs and Github, I don't know what the architecture is beyond there is a CLI and a browser UI that interact with some sort of central service.

    The main thing stopping me from using Vault is that it can become a central point of failure. If the cloud provider secret managers are down then its likely that something else in the cloud is having major issues as well so from an uptime perspective and easy of operations that has always seemed a safe approach, although the pricing is kind of outrageous. But just storing (e2e encrypted, etc) in cloud object storage is also an option. Berglass for example gives the option of storing in the secret manager or in cloud storage directly: https://github.com/GoogleCloudPlatform/berglas

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts