Ask HN: How do you and your team manage secrets day to day?

2 pointsby markvm5 hours ago1 comment

philmillman4 hours ago
We built varlock.dev to solve this exact problem. It works with all the secret and password managers everyone is already using and gives you a schema that you can commit, better DX (type-safety, intellisense) and security guardrails (redaction, leak prevention, scanning). Would love to hear your thoughts!
- markvm3 hours ago
  Thank you, just took a look. So, if I understand correctly varlock is designed to run on top of existing password/secrets managers. Do you have any idea which ones are typically used by varlock users? What do you use?
  - philmillman3 hours ago
    Yeah we're currently meant to run on top of whatever platforms/products people are already using. We're launching some first party encryption support imminently. It's mostly geared towards local overrides, but that will evolve into more of an end-to-end solution over time.
    1Password is very popular, especially for dev/pre-prod where shared vaults are more the norm. I think it will continue to grow as their Environments product matures. Next most popular would be AWS (our plugin supports both of their secrets management solutions). And after that would be Infisical. Some of the other plugins are quite new so I expect some growth there as people find them.
    We are pretty heavy 1Pass users internally.