OpenBAO (Vault open-source fork) Namespaces

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
hardware-buttons linkedin-bot template-engine-js

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  1. openbao

    OpenBao is a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.

    Not without community involvement :-)

    Horizontal scalability and disaster recovery is one of the next larger features on our mind. We won't use the architecture of Performance Secondaries, and likely will transparently upgrade (existing) Standby nodes to become read-scalable. Local storage is interesting, but brings with it additional complexity that few need. Better to use namespaces with distinct storage backends (distributing active across all nodes in a cluster) to scale writes horizontally across different namespaces before looking at horizontal scalability of a single mount (which is all that local storage gives you -- it doesn't give you write scalability across namespaces).

    Also on that list is external key support, similar to managed keys from Vault Enterprise, but with different configuration semantics: https://github.com/openbao/openbao/pull/1320

    We currently have no plans for implementing some of the enterprise secrets bcakends (KMIP, Transform/Tokenization, KMSE, ...) though of course would be welcoming to these as well. Sync is another area that is not in the cards for the short-term.

    In terms of differentiation, we have a lot of unique RFCs in-flight that I presume are not on Vault Enterprise's immediate roadmap:

    - https://github.com/openbao/openbao/pull/1365 -- starting plans for a UI rewrite and high-level feature requirements

  2. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  3. Vault

    A tool for secrets management, encryption as a service, and privileged access management

    OpenBao’s development seems heavily reliant on a single person, compared to multiple frequent long-term commiters to Vault.

    Not sure if I’d feel comfortable switching from Vault to OpenBao!

    OpenBao last 12 months: https://github.com/openbao/openbao/graphs/contributors?from=...

    Vault last 12 months: https://github.com/hashicorp/vault/graphs/contributors?from=...

  4. openbao-plugins

    A first-party collection of external plugins for OpenBao, including additional auth & secrets engines.

    AWS plugins are released separately: https://github.com/openbao/openbao-plugins/releases

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • How do you guys store and access API keys?

    2 projects | /r/node | 3 Sep 2022

  • docker, sensitive data, git repo, best practice?

    3 projects | /r/devops | 4 Apr 2021

  • Postmortem: HashiCorp Vault 1.16 Secret Rotation Failure Caused 4-Hour Outage for Payment Services

    2 projects | dev.to | 28 Apr 2026

  • OpenBao HA Cluster with Auto-Unseal using TPM

    1 project | dev.to | 10 Apr 2026

  • The LiteLLM Supply Chain Attack: A Wake-Up Call for AI Infrastructure

    2 projects | dev.to | 27 Mar 2026
Loading...