AWS Secrets Manager Alternatives & Competitors 2024

by Andrew Magnusson

Customer Engineering Expert

StrongDM

3 min read

Last updated on: November 6, 2023

Found in: Access Compare AWS

StrongDM manages and audits access to infrastructure.

Role-based, attribute-based, & just-in-time access to infrastructure
Connect any person or service to any infrastructure, anywhere
Logging like you've never seen

Get a demo

AWS Secrets Manager is a popular and highly intuitive secrets management tool that lets organizations automate secrets rotation processes and securely store, manage, and audit IT credentials. However, certain AWS Secrets Manager alternatives are available if you are looking to avoid getting tied down exclusively to AWS products or prioritize efficient user onboarding. In this product comparison guide, we evaluate AWS Secrets Manager competitors that can fill in some of its product gaps.

AWS Secrets Manager Overview

Brief product summary

AWS Secrets Manager is a scalable solution for secrets management—priced entirely using a per unit, per month cost model, which lets organizations boost capacity as their total number of API calls and stored credentials increase. Users can use AWS Secrets Manager to store encrypted credential data, automate secrets rotation and replication, and administer secrets using preset identity and access management (IAM) policies. The system also includes secrets auditing capabilities and ensures compliance with nearly all major regulatory requirements.

Use cases

Auditing and reporting on secrets usage for security and compliance management.
Storing credentials and API keys for secure access and replication to meet disaster recovery or secret redundancy requirements.
Automating secrets management processes such as database and cluster credential rotation without code deployments.
Maintaining security, DevOps, and IT management operations entirely within AWS services.

Pros

Cost-scalable plans that grow with enterprise storage and connection requirements.
User-friendly platform for operating storage, automation, and audit features.
Offers a single source of truth for secrets management that can secure credentials for various workloads, databases, applications, and clusters.

Cons

Integration restrictions are mostly limited to AWS products.
Quality product support requires users to subscribe to an expensive enterprise support plan.

1. StrongDM

strongdm-new-homepage-screenshot

Brief product summary

StrongDM is a Dynamic Access Management (DAM) platform that lets teams centralize access and credential management for enterprise databases, servers, and Kubernetes, in a single interface. The platform integrates with a wide range of environments and works with secrets management tools so users can easily store all credentials and keys, and configure workflow automation in the same system. This helps streamline secret rotation, employee onboarding, user provisioning, and control management for just-in-time, privileged, and least-privilege access.

Use cases

Supporting secrets management and privileged access management (PAM) in multiple cloud deployments, such as public, private, hybrid, and multi-cloud environments.
Automating user onboarding and offboarding to ensure resource security and speed up user provisioning processes.
Managing and administering specific access types to employees using prominent frameworks like least privilege, just-in-time, and temporary-account access.
Tracking and reporting on permissions, user activity, and access logs for audit and compliance management purposes.
Security and compliance teams simplify HIPAA, SOC 2, SOX, ISO 27001 compliance certification.

Pros

Straightforward and transparent pricing model.
See and replay all activity with session recordings.
Super flexible solution that works with any infrastructure and integrates with popular secrets manager products like HashiCorp Vault, AWS Secrets Manager, and Google Cloud Platform (GCP) Secret Manager.
Simple deployment that makes it easy to set up and connect IAM, PAM, and credential management tools without operational downtime.

Cons

Requires continual access to the StrongDM API to maintain access to managed resources.

StrongDM’s G2 Reviews

51 reviews (at the time of writing)
4.8 / 5 stars

Read all of StrongDM’s G2 reviews here.

g2-review-screenshot

Pricing Information

StrongDM offers simple per-user pricing, starting at $70/license, including support for all resource types.

Users have the option to sign up for a free 14-day trial.

strongdm-new-pricing

2. Azure Key Vault

Brief product summary

Microsoft Azure Key Vault is an all-in-one platform for managing encryption keys, transport layer security/secure sockets layer (TLS/SSL) digital certificates, and secrets data like tokens, user credentials, and API keys. The system and graphical unit interface (GUI) are easy to operate to help organizations maintain a secure solution to store and administer secrets or keys. It also supports security compliance activities and supplies robust visibility through key vault monitoring and logging features.

Use cases

Providing a centralized system to securely store, distribute, and rotate secrets, keys, or digital certificates.
Monitoring and archiving activity logs for security and key access, use, and alterations.
Automating key and certificate lifecycle and secrets management activities like enrollments, renewals, replications, and secrets segregation.

Pros

Secure, turn-key solution for managing resource access and storing sensitive credentials and keys.
GUI that provides easy-to-use modules for a great user experience.
Users can supplement key or credential management features that are missing using a wide range of third-party solutions.

Cons

Network latency issues can cause inconsistent API response times within the product.
Cannot handle key management on specific endpoints, such as mobile devices.

3. HashiCorp Vault

Brief product summary

HashiCorp Vault allows enterprises to manage secrets with strict access management controls and secure storage of passwords, keys, tokens, and certificates. It can integrate with many user, application, and machine identity management systems to help maintain security across an entire technology stack and network infrastructure. HashiCorp Vault also offers product flexibility with a free, open-source option and various paid plans to meet budget, feature, or storage requirements.

Use cases

Storing and distributing secrets for applications, Kubernetes systems, and other infrastructure environments accessible via API or command-line interface (CLI).
Automating and standardizing processes like credential rotations, key lifecycle management, and the on-demand creation of X.509 certificates for public key infrastructure (PKI) systems.
Centralizing secrets data storage for simplified identity-based control in cloud systems, databases, and endpoints.

Pros

Can support all types of cloud environments and infrastructure and integrate with many third-party security tools.
Flexible capabilities that allow all types of storage data like keys, tokens, binary data, and user credentials for API, CLI, and web UI access.

Cons

Requires a complex setup process with lots of back-end configuration and integration work.
Insufficient product documentation that misses steps or updates slowly after product and API changes.

About the Author

Andrew Magnusson, Customer Engineering Expert, has worked in the information security industry for 20 years on tasks ranging from firewall administration to network security monitoring. His obsession with getting people access to answers led him to publish Practical Vulnerability Management with No Starch Press in 2020. He holds a B.A. in Philosophy from Clark University, an M.A. in Philosophy from the University of Connecticut, and an M.S. in Information Management from the University of Washington. To contact Andy, visit him on LinkedIn.