51 Resources
Golang secrets Libraries
VaultOperator provides a CRD to interact securely and indirectly with secrets stored in Hashicorp Vault.
vault-operator The vault-operator provides several CRDs to interact securely and indirectly with secrets. Details Currently only stage 1 is implemente
K8s-dotenv - Kubernetes Secrets and Configmaps to dot env file
k8s-dotenv A commandline tool to fetch, merge and convert secrets and config map
Racoon - Secrets are my thing
racoon - secrets are my thing Commands See racoon help or racoon --help for all
Etcd config dispenser
etcd-config-dispenser Some things are best explained with an example: I use lets
Secretsmanager - Secrets management that allows you to store your secrets encrypted in git
I created secretsmanager to store some secrets within a repository. The secrets are encrypted at rest, with readable keys and editable JSON, so you can rename a key or delete it by hand. The cli tool handles the bare minumum of requirements.
QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security and store it on physical paper.
QR Secrets QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security. Incorporating; AES256-GCM-HKDF
Secret - Prevent your secrets from leaking into logs and std*
secret - Prevent your secrets from leaking into logs and std* The package provid
It is a package and command line application that provides you to store encrypted credentials/secrets in your repository.
sypher[ ⚠️ Work in progress] sypher provides you to store your credentials and secrets as encrypted in your repository. Usage Install the command line
Aws-secretsmanager-caching-extension - Cache server for AWS Secrets Manager
AWS Lambda Extension / Sidecar Container Cache Server The cache server is writte
A simple CLI and API client for One-Time Secret
OTS Go client otsgo is a simple CLI and API client for One-Time Secret written i
Create @tailscale authentication tokens using vault
Vault Secrets Plugin - Tailscale Vault secrets plugins to simplying creation, ma
create @auth0 management api tokens
Vault Secrets Plugin - Auth0 Vault secrets plugins to simplying creation, management, and revocation of auth0 management API tokens. Usage Setup Endpo
A project for sharing secrets in a quick and secure manner
Yopass - Share Secrets Securely Yopass is a project for sharing secrets in a quick and secure manner*. The sole purpose of Yopass is to minimize the a
An example microservice demo using kubernetes concepts like deployment, services, persistent volume and claims, secrets and helm chart
Docker vs Kubernetes Docker Kubernetes container tech, isolated env for apps infra management, multiple containers automated builds and deploy apps -
Integrates Spiffe and Vault to have secretless authentication
SPIFFE Vault Integrates SPIFFE SVID authentication with Hashicorp Vault to retrieve a VAULT_TOKEN. Example usecases Read secrets from Hashicorp Vault
Sample application accessing kubernetes secrets
Kubernetes secrets API example This git repo illustrates a small application which can access kubernetes secrets. Build small application To test the
Biscuit is a multi-region HA key-value store for your AWS infrastructure secrets.
Biscuit Biscuit is a simple key-value store for your infrastructure secrets. Is Biscuit right for me? Biscuit is most useful to teams already using AW
Vaku is a CLI and API for running path- and folder-based operations on the Vault Key/Value secrets engine.
Vaku Vaku is a CLI and API for running path- and folder-based operations on the Vault Key/Value secrets engine. Vaku extends the existing Vault CLI an
recursively list secrets from Vaults KV2 engine
vkv recursively list secrets from Vaults KV2 engine Installation Find the corresponding binaries, .rpm and .deb packages in the release section. Authe
kubectl plugin for generating nginx-ingress compatible basic-auth secrets on kubernetes clusters
kubectl-htpasswd kubectl plugin for easily generating hashed basic auth secrets. Supported hash algorithms bcrypt Examples Create the secret on the cl
A tool for secrets management, encryption as a service, and privileged access management
Deploy HCP Vault & AWS Transit Gateways via Terraform https://medium.com/hashicorp-engineering/deploying-hcp-vault-using-the-hcp-terraform-provider-5e
CLI based tools to find the secrets in docker Images
docker-secrets CLI based tools to find the secrets in docker Images This tool use detect-secrets to find the secrets in the docker Image file system P
This repo contains example on how to consume secrets from Google Secret Manager from GKE
GKE Secret Manager. Environment setup This repo contains examples of how to consume secrets from Google Secret Manager (GSM) from Google Kubernetes En
Watch and react to changes in Kubernetes TLS Secrets
cert-watch Watch and react to change in Kubernetes TLS Secrets. What is cert-watch? Kubernetes has introduced a number of different ways to keep certi
Allows you to replace a secret in a file using secrets manager
secrets inserter Allows you to replace a secret in a file using secrets manager. ::SECRET:secret-name:SECRET:: will be replaced with your secret-name
Copy your HashiCorp Vault secrets to a file
Vault Backup ⚠️ Check the oficial way to backup your HashiCorp Vault. Create a backup file of all HashiCorp Vault kv2 secrets. ./vault-backup -help
GO ABI for AWS Secrets-Manager
secrets-manager-cli GO ABI for AWS Secrets-Manager SDK Setup AWS Documentation Download (Source) go get github.com/aws/aws-sdk-go-v2/aws go get github
Kubernetes Operator to sync secrets between different secret backends and Kubernetes
Vals-Operator Here at Digitalis we love vals, it's a tool we use daily to keep secrets stored securely. We also use secrets-manager on the Kubernetes
Sidecar container for injecting secrets into configuration files from Hashicorp Vault
talebearer noun A person who spreads scandal or tells secrets; gossip Note This code is not being actively developed, and has not seen substantial cha
Support converting Vault Secrets to diffrent formats.
Vault Converter Support converting Vault Secrets to different formats. vault-converter is a tool designed to synchronize variables from local to Vault
Paste your GitHub Secrets to files
Paste-Secret Paste your GitHub Secrets in files Usage Inputs Required secrets : Secrets ise JSON object array. Holds filename, keys and values which w
Store private data inside a git repository.
git-private lets you store private data inside a git repo. A common use case is protecting files containing API keys et.c.
A CLI to sync configmaps and secrets in a kubernetes cluster
kube-sync Kube Sync is a CLI application to copy/sync configmaps and secrets from one namespace to another. Motivation While working with kubernetes,
password manager using age for encryption
page ====== password manager using age (https://age-encryption.org/) for encryption. encrypted secrets are files in the $PAGE_SECRETS/ directory that
🔐 Share end-to-end encrypted secrets with others via a one-time URL
If you use this repo, star it ✨ 🔐 Share end-to-end encrypted secrets with others via a one-time URL Use to securely share API Keys, Signing secrets,
🔐 Share end-to-end encrypted secrets with others via a one-time URL
If you use this repo, star it ✨ 🔐 Share end-to-end encrypted secrets with others via a one-time URL Use to securely share API Keys, Signing secrets,
A containerd runc shim for replacing environment variables with external secrets
ext-secrets-runc-shim A containerd, runc-based, shim for replacing environment variables with secrets from arbitrary external engines. Quickstart Inst
Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more...
Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more... Coded with 💙 by edoardottt. Share on Twitter! P
Simplify Kubernetes Secrets Management with Dockhand Secrets Operator
dockhand-secrets-operator Secrets management with GitOps can be challenging in Kubernetes environments. Often engineers resort to manual secret creati
Censors or hides shell / Bash / console output based on defined patterns - great for hiding secrets in demos!
censor-shell Installation go install Usage Make the file ~/.censor-shell as an INI file with the following content: [nameofmyreplacement] pattern = b
A k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers
k8s-vault-webhook is a Kubernetes admission webhook which listen for the events related to Kubernetes resources for injecting secret directly from sec
Teller - the open-source universal secret manager for developers
A secrets management tool for developers built in Go - never leave your command line for secrets.
Kubesecret is a command-line tool that prints secrets and configmaps data of a kubernetes cluster.
Kubesecret Kubesecret is a command-line tool that prints secrets and configmaps data of a kubernetes cluster. kubesecret -h for help pages. Install go
Not Yet Another Password Manager written in Go using libsodium
secrets Secure and simple passwords manager written in Go. It aims to be NYAPM (Not Yet Another Password Manager), but tries to be different from othe
A tool for secrets management, encryption as a service, and privileged access management
Vault Please note: We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, please respo
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com
shhgit helps secure forward-thinking development, operations, and security teams by finding secrets across their code before it leads to a security br
Age based repository file encryption gitops tool
agebox Easy and simple file repository encryption tool based on Age. Have you ever though "this should be simple" while you were using tools like Blac
Assume AWS IAM roles from GitHub Actions workflows with no stored secrets
AWS IAM roles for GitHub Actions workflows Background and rationale GitHub Actions are a pretty nice solution for CI/CD. Where they fall short is inte
Friends don't let friends leak secrets on their terminal window
senv - safer env Friends don't let friends leak secrets in terminal windows. 📺 Print your environment to the terminal without worry.
Find secrets and passwords in container images and file systems
Find secrets and passwords in container images and file systems
Telling tales on you for leaking secrets!
Squealer Telling tales on you for leaking secrets! Squealer scans a local git repository for secrets that are being leaked deep within the commit hist