Video Demonstration

[9876691]

What the video should communicate

• Secrets sprawl one place for secrets and secrets distribution. Manual processes
• Minimal needed permissions - Just in Time and Just once. principal of least privelage.
• Saas. Immediate on-boarding, with no deployment required. Available anywhere, hybrid and multi cloud environments. High availability, backup and disaster recovery is included.
• End to End Encryption. Best practice, You providers supply chain is your supply chain.
• Audit and Compliance
• Integrations with minimal impact on your supply chain.
• Incomplete visibility and awareness:
• Manual secrets management processes
• Remove secrets from code, configuration files and other unprotected areas.
• Secrets rotation
• Protection against secrets erasure. soft delete. https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview

Features to compare

• End 2 End encryption
• Reliable propagation to kubernetes (i.e dont put the CLI into a pod like secrethub does)
• CLI in docker container (no dependencies)?
• Audit trail and search
• RBAC
• CLI
• Service accounts with timeout
• .env file generation.
• Use existing K8 operators and not tie you in to the vendor.
• Works on mobile

• Doppler
• https://www.conjur.org/
• Hashicorp vault
• https://www.akeyless.io/
• https://envkey.com/
• https://1password.com/secrets/
• https://secrethub.io/
• aws
• azure
• gcp