The footnote and the entry was a bit rushed and was not intended to be snarky. To the best of my knowledge - please correct me if I'm wrong - you cannot say a secret should be valid in a time period in Vault. The TTL…
Thank you for your feedback and clarifications. Vault is a well regarded project that is designed to solve a broader set of problems than Strongbox (i.e. Vault has many different backends, more auth solutions etc.).…
For Strongbox CloudTrail logs are indirect: you need to look at the logs of the backends used by Strongbox, i.e. KMS and DynamoDB. Consistent naming of the resources (managed by Strongbox) should help you filter out the…
That is certainly one approach we have looked at. The question then is where would you run the REST API? As a side car, as a separate service, e.g. using AWS API Gateway and Lambdas? If you look at the work required to…
[1] Please follow the link to see a comparison table with Hashicorp Vault and AWS Parameter Store: https://schibsted.github.io/strongbox/ [2] One of the fundamental differences between BlackBox and Strongbox is that…
AWS Parameter Store certainly has merit. As you can see from the comparison table there are certain functionality that is supported by Strongbox which AWS Parameter Store does not currently offer, like larger secrets,…
Strongbox was designed prior to AWS Parameter Store, and took its inspiration from projects like Fugue CredStash and similar AWS KMS based projects. While there are certainly pros and cons with the different approaches,…
The project has been used in production since the summer of 2016. It is being used by a number of teams, and has been contributed to by more than 20 developers (there is a CONTRIBUTORS file). The backup will take the…
Today people are using the SDK directly or injecting secrets via the CLI. Multi-language support and integration with e.g. Kubernetes is high on the wish list. The approach we are looking at for multi-language support…
I'm the creator of Strongbox. Feel free to ask me technical questions about the project.
The footnote and the entry was a bit rushed and was not intended to be snarky. To the best of my knowledge - please correct me if I'm wrong - you cannot say a secret should be valid in a time period in Vault. The TTL…
Thank you for your feedback and clarifications. Vault is a well regarded project that is designed to solve a broader set of problems than Strongbox (i.e. Vault has many different backends, more auth solutions etc.).…
For Strongbox CloudTrail logs are indirect: you need to look at the logs of the backends used by Strongbox, i.e. KMS and DynamoDB. Consistent naming of the resources (managed by Strongbox) should help you filter out the…
That is certainly one approach we have looked at. The question then is where would you run the REST API? As a side car, as a separate service, e.g. using AWS API Gateway and Lambdas? If you look at the work required to…
[1] Please follow the link to see a comparison table with Hashicorp Vault and AWS Parameter Store: https://schibsted.github.io/strongbox/ [2] One of the fundamental differences between BlackBox and Strongbox is that…
AWS Parameter Store certainly has merit. As you can see from the comparison table there are certain functionality that is supported by Strongbox which AWS Parameter Store does not currently offer, like larger secrets,…
Strongbox was designed prior to AWS Parameter Store, and took its inspiration from projects like Fugue CredStash and similar AWS KMS based projects. While there are certainly pros and cons with the different approaches,…
The project has been used in production since the summer of 2016. It is being used by a number of teams, and has been contributed to by more than 20 developers (there is a CONTRIBUTORS file). The backup will take the…
Today people are using the SDK directly or injecting secrets via the CLI. Multi-language support and integration with e.g. Kubernetes is high on the wish list. The approach we are looking at for multi-language support…
I'm the creator of Strongbox. Feel free to ask me technical questions about the project.