Hacker News new | comments | ask | show | jobs | submit login

Another alternative developed for AWS deployments, written in Python and uses KMS: Credstash https://github.com/fugue/credstash



The only downside of credstash is that it doesn't have the ability to restrict sets of credentials to different IAM roles. The access is all-or-nothing, per dynamo table.

Otherwise the general design of credstash is very similar to Confidant.


It is possible to use fine grained access control with dynamodb in order to restrict access within a ddb table




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: