Confidant

LSE toolsLSE toolsConfidant (111)Confidant (111)

Tool and Usage

Project details
LicenseApache License 2.0
Programming languagePython
AuthorRyan Lane
Latest release4.4.0 []

Project health

81
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Most applications with a connection to a database or other software component, need some form of authentication. Often the related credentials are stored in a configuration file. A secret manager like Confidant will provide an alternative, by storing the details in a database. Only applications that need to access the secrets are allowed to obtain them. Often system administrators are denied access to them.

How it works

Confidant stores the secrets in DynamoDB by only appending data. For every revision of every secret, it will be adding this data and protecting it via Fernet symmetric authenticated cryptography. It uses AWS KMS and IAM to define who has access to the data.

Usage and audience

Confidant is commonly used for secrets management or secure storage. Target users for this tool are developers, general public, and system administrators.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 1000 GitHub stars
  • + The source code of this software is available
  • + Supported by a large company

Author and Maintainers

Confidant is under development by Ryan Lane.

Installation

Supported operating systems

Confidant is known to work on Linux.

Confidant alternatives

Similar tools to Confidant:

64

TeamVault

TeamVault is a password manager for teams written in Python. In this review, we cover the tool and how it works.

64

Aletheia

Aletheia is a project to manage secrets in Google Cloud with CloudKMS and Cloud Storage. It can be used to store sensitive data like authentication details.

68

BlackBox

BlackBox allows you to store secrets safely in a version control system (VCS) like Git, Mercurial, Subversion, or Perforce). The toolkit has several scripts to encrypt specific files in a repository by using GNU Privacy Guard (GPG).

All Confidant alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a secrets management tool.