Hacker News new | comments | ask | show | jobs | submit login

Another alternative developed for AWS deployments, written in Python and uses KMS: Credstash https://github.com/fugue/credstash

The only downside of credstash is that it doesn't have the ability to restrict sets of credentials to different IAM roles. The access is all-or-nothing, per dynamo table.

Otherwise the general design of credstash is very similar to Confidant.

It is possible to use fine grained access control with dynamodb in order to restrict access within a ddb table

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact