Tool and Usage
|License||Apache License 2.0|
|Latest release||4.4.0 |
Why this tool?
Most applications with a connection to a database or other software component, need some form of authentication. Often the related credentials are stored in a configuration file. A secret manager like Confidant will provide an alternative, by storing the details in a database. Only applications that need to access the secrets are allowed to obtain them. Often system administrators are denied access to them.
How it works
Confidant stores the secrets in DynamoDB by only appending data. For every revision of every secret, it will be adding this data and protecting it via Fernet symmetric authenticated cryptography. It uses AWS KMS and IAM to define who has access to the data.
Usage and audience
Confidant is commonly used for secrets management or secure storage. Target users for this tool are developers, general public, and system administrators.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 1000 GitHub stars
- + The source code of this software is available
- + Supported by a large company
Supported operating systems
Confidant is known to work on Linux.
Similar tools to Confidant:
TeamVault is a password manager for teams written in Python. In this review, we cover the tool and how it works.
Aletheia is a project to manage secrets in Google Cloud with CloudKMS and Cloud Storage. It can be used to store sensitive data like authentication details.
BlackBox allows you to store secrets safely in a version control system (VCS) like Git, Mercurial, Subversion, or Perforce). The toolkit has several scripts to encrypt specific files in a repository by using GNU Privacy Guard (GPG).
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
This tool is categorized as a secrets management tool.