We compared HashiCorp Vault and AWS Secrets Manager based on our user's reviews in several parameters.
HashiCorp Vault is praised for its security, ease of use, and ROI, while AWS Secrets Manager stands out for its efficient integration with AWS services and user-friendly interface. HashiCorp Vault offers flexibility in pricing and setup, whereas AWS Secrets Manager is commended for its competitive pricing and straightforward setup process. Both products have areas for improvement, with HashiCorp Vault focusing on user interface enhancements and AWS Secrets Manager on clearer documentation and better integration with other AWS services.
Features: HashiCorp Vault excels in providing superb security measures, comprehensive functionality, and seamless integration with other tools and platforms. On the other hand, AWS Secrets Manager focuses on secure data storage, efficient integration with AWS services, and robust security measures.
Pricing and ROI: The setup cost for HashiCorp Vault is minimal, making it easy to get started. Users appreciate the affordability and flexibility of the pricing and licensing options. On the other hand, AWS Secrets Manager also offers competitive pricing and ensures a straightforward setup. The licensing is flexible and caters to diverse needs., HashiCorp Vault offers enhanced security, control over access privileges, compliance, efficiency, and integration, while AWS Secrets Manager provides cost-effective and secure management, easy integration, and automated secret rotation.
Room for Improvement: HashiCorp Vault has room for improvement in areas such as user interface, documentation, integration, scalability, and performance. AWS Secrets Manager, on the other hand, needs enhancements in documentation, examples, integration with other AWS services, and user interface.
Deployment and customer support: Users reported varying durations for establishing a new tech solution using HashiCorp Vault. Some took 3 months for deployment and an extra week for setup, while others required only a week for both. AWS Secrets Manager also had varied durations, with users taking up to 3 months for deployment or just a week. When mentioned separately, deployment and setup should be considered distinct phases, but if the same timeframe is given, they should be assumed to refer to the same period., Users have expressed satisfaction with HashiCorp Vault's customer service and support, appreciating the prompt and helpful assistance received. Similarly, AWS Secrets Manager has also received positive feedback for their knowledgeable and efficient responses, effectively addressing and resolving customer issues.
The summary above is based on 18 interviews we conducted recently with HashiCorp Vault and AWS Secrets Manager users. To access the review's full transcripts, download our report.
"The product is easy to use and is inexpensive."
"The most valuable feature is security."
"The API is fine and works well."
"It's highly scalable, so I'd rate it a ten out of ten."
"The most valuable feature of AWS Secrets Manager is the ability to keep data secret and assign access permissions to people to grant or restrict access."
"The solution is very scalable."
"Integrating with other services was straightforward, especially within the AWS environment."
"All our workloads are running on AWS, so integration with our workload is much easier on AWS Secrets Manager than going with another solution such as Thycotic."
"The tool's dynamic rotation of the password credentials is good."
"It can still be configured by a separate team other than developers. That's why I think it's more secure."
"The solution is stable. It has been working perfectly without any problem."
"The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp."
"It is an added value for our customers to have a Secrets Management workflow available that is PaaS/CaaS/KaaS Platform agnostic."
"We were using it because we have compliance requirements around secret management. Having a secure vault and encrypting data was an additional requirement. When we looked at it first, we were just looking for a vault, like a lockbox. The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive."
"For me, the most valuable features include that it's easy to manage and maintain the password API for retrieving passwords and other things."
"This solution is easy to use and to integrate."
"An area for improvement in AWS Secrets Manager could be expanding integration options beyond AWS services."
"The price of the solution could improve."
"There is room for improvement in the pricing model."
"There is room for improvement in terms of integrating with certain other platforms."
"The solution's initial setup process is complicated."
"There is a need for better environmental implementation, such as having a security fund as a solution."
"We occasionally have problems with rate limits, although that is a problem more generally with AWS."
"If you add one more layer of security to AWS Secrets Manager, even the programmer will not be able to see the secrets."
"We could use more documentation, primarily to do with integrations."
"There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security."
"The documentation is very general; it should have more examples and more use cases."
"The solution's initial setup process is complicated."
"The solution could be much easier to implement."
"The product needs to improve its customization. It should be also more like easy to plug and play."
"In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it."
"In my opinion, HashiCorp Vault could improve its user interface. Right now, they don't offer much in terms of a graphical interface, which means you usually have to manage things manually through API calls. I think CyberArk has a better approach because it provides a UI that integrates features across all its components, making it easier, especially for new users or those from organizations with strict licensing policies."
AWS Secrets Manager is ranked 3rd in Enterprise Password Managers with 12 reviews while HashiCorp Vault is ranked 2nd in Enterprise Password Managers with 16 reviews. AWS Secrets Manager is rated 8.8, while HashiCorp Vault is rated 8.2. The top reviewer of AWS Secrets Manager writes "Seamlessly integrates with various AWS services while offering reasonable pricing". On the other hand, the top reviewer of HashiCorp Vault writes "Useful for machine-to-machine communication and has secret engine feature ". AWS Secrets Manager is most compared with Azure Key Vault, 1Password, CyberArk Enterprise Password Vault, BeyondTrust Password Safe and Delinea Secret Server, whereas HashiCorp Vault is most compared with Azure Key Vault, CyberArk Enterprise Password Vault, Delinea Secret Server, Keeper and BeyondTrust Password Safe. See our AWS Secrets Manager vs. HashiCorp Vault report.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic solution, HashiCorp Vault allows you to be flexible in the cloud infrastructure that you choose to use. It is completely compatible and integratable with a myriad of different platforms. You can determine what you want to use and HashiCorp Vault will function without issue, regardless of what you choose. If you are using HashiCorp Vault as a multi-cloud solution, then you have an even greater number of platform options. You will be able to mix and match which cloud platforms you like to use to customize your data protection. The only limits on your customization will end up being your imagination.
HashiCorp Vault’s user interface is simple for you to both use and navigate. The UI was designed to be basic enough for users to manage without forcing an organization to spend a great deal of time and resources having to train employees in its use. It might be a little confusing for employees when they start using it. However, once they have used it for a little while they will be proficient in its use. Should an organization choose to invest in training employees in the use of this UI, the required investment will be minimal.
AWS Secrets Manager is an extremely user-friendly solution. It is intuitive in its design, which makes it a valuable product. However, AWS Secrets Manager lacks the level of cloud flexibility that HashiCorp Vault offers.
Conclusion:
While AWS Secrets Manager is a fairly competent product, we found HashiCorp Vault to be superior. HashiCorp Vault‘s greater flexibility and integration capabilities make it the more robust solution.