AWS Secrets Manager vs HashiCorp Vault comparison

AWS Secrets Manager
Read 12 AWS Secrets Manager reviews
  • 15,396 Views
  • 13,600 Comparison Views
100% willing to recommend
HashiCorp Vault
Read 16 HashiCorp Vault reviews
  • 17,624 Views
  • 11,944 Comparison Views
88% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 6, 2024

We compared HashiCorp Vault and AWS Secrets Manager based on our user's reviews in several parameters.

HashiCorp Vault is praised for its security, ease of use, and ROI, while AWS Secrets Manager stands out for its efficient integration with AWS services and user-friendly interface. HashiCorp Vault offers flexibility in pricing and setup, whereas AWS Secrets Manager is commended for its competitive pricing and straightforward setup process. Both products have areas for improvement, with HashiCorp Vault focusing on user interface enhancements and AWS Secrets Manager on clearer documentation and better integration with other AWS services.

Features: HashiCorp Vault excels in providing superb security measures, comprehensive functionality, and seamless integration with other tools and platforms. On the other hand, AWS Secrets Manager focuses on secure data storage, efficient integration with AWS services, and robust security measures.

Pricing and ROI: The setup cost for HashiCorp Vault is minimal, making it easy to get started. Users appreciate the affordability and flexibility of the pricing and licensing options. On the other hand, AWS Secrets Manager also offers competitive pricing and ensures a straightforward setup. The licensing is flexible and caters to diverse needs., HashiCorp Vault offers enhanced security, control over access privileges, compliance, efficiency, and integration, while AWS Secrets Manager provides cost-effective and secure management, easy integration, and automated secret rotation.

Room for Improvement: HashiCorp Vault has room for improvement in areas such as user interface, documentation, integration, scalability, and performance. AWS Secrets Manager, on the other hand, needs enhancements in documentation, examples, integration with other AWS services, and user interface.

Deployment and customer support: Users reported varying durations for establishing a new tech solution using HashiCorp Vault. Some took 3 months for deployment and an extra week for setup, while others required only a week for both. AWS Secrets Manager also had varied durations, with users taking up to 3 months for deployment or just a week. When mentioned separately, deployment and setup should be considered distinct phases, but if the same timeframe is given, they should be assumed to refer to the same period., Users have expressed satisfaction with HashiCorp Vault's customer service and support, appreciating the prompt and helpful assistance received. Similarly, AWS Secrets Manager has also received positive feedback for their knowledgeable and efficient responses, effectively addressing and resolving customer issues.

The summary above is based on 18 interviews we conducted recently with HashiCorp Vault and AWS Secrets Manager users. To access the review's full transcripts, download our report.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Secrets Manager vs. HashiCorp Vault Report (Updated: May 2024).
Buyer's Guide
AWS Secrets Manager vs. HashiCorp Vault
May 2024
Download the complete report
Helped 787,061 peers since 2012
 

Categories and Ranking

AWS Secrets Manager
Ranking in Enterprise Password Managers
2nd
Average Rating
8.8
Number of Reviews
12
Ranking in other categories
No ranking in other categories
HashiCorp Vault
Ranking in Enterprise Password Managers
3rd
Average Rating
8.2
Number of Reviews
16
Ranking in other categories
No ranking in other categories
 

Market share comparison

As of June 2024, in the Enterprise Password Managers category, the market share of AWS Secrets Manager is 24.7% and it increased by 3.2% compared to the previous year. The market share of HashiCorp Vault is 17.0% and it increased by 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Enterprise Password Managers
Unique Categories:
No other categories found
No other categories found
 

Q&A Highlights

NC
Dec 12, 2021
Which is better - HashiCorp Vault or AWS Secrets Manager?
yet to learn both
See all answers
 

Featured Reviews

RR
Oct 6, 2023
Stable solution and utilized for managing secrets within AWS
AWS Secrets Manager takes care of managing the secret within AWS and other AWS services.  With AWS Secrets Manager, we can configure the required secrets in the secret manager, and we can access that from the Lambda service without any additional effort. So, we just have to update policies. Based…
Read full review
BP
Dec 18, 2023
Offers ability to store secret credentials and create policies using API calls, like allowing specific users to access certain data only after authentication
Before provisioning things in Azure, we use HashiCorp Vault to store service principal credentials—passwords and such. Then, we can identify if a user is authorized to provision resources. If not, the blueprint will throw an error saying the user isn't authorized to provision or spin up resources in Azure. Same thing with other components, except for the applications themselves. We don't store credentials for those. On the replication side, in a high-availability setup in multiple Vault instances, secret data is accessible by other resources. Each user or technical user has their own token, and there are different tokens for dev, test, QA, and product environments. It meets all three-point authentication, authorization, and access control requirements.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is usability, as it is quite user-friendly."
"It's highly scalable, so I'd rate it a ten out of ten."
"The most valuable feature of AWS Secrets Manager is the ability to keep data secret and assign access permissions to people to grant or restrict access."
"Integrating with other services was straightforward, especially within the AWS environment."
"The most valuable feature is the management of credentials."
"The solution is very scalable."
"The most valuable feature is security."
"All our workloads are running on AWS, so integration with our workload is much easier on AWS Secrets Manager than going with another solution such as Thycotic."
More AWS Secrets Manager pros
"The interface is very simple to navigate."
"It's stable. I would rate the stability a nine out of ten."
"It can still be configured by a separate team other than developers. That's why I think it's more secure."
"The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp."
"It is user-friendly and easy to implement from any application point."
"We use the solution for secret management."
"This solution is easy to use and to integrate."
"It is an added value for our customers to have a Secrets Management workflow available that is PaaS/CaaS/KaaS Platform agnostic."
More HashiCorp Vault pros
 

Cons

"It would be good if the AWS Secrets Manager were more customizable."
"The solution's initial setup process is complicated."
"There is room for improvement in terms of integrating with certain other platforms."
"The sidecar feature has room for improvement."
"If you add one more layer of security to AWS Secrets Manager, even the programmer will not be able to see the secrets."
"We occasionally have problems with rate limits, although that is a problem more generally with AWS."
"The price of the solution could improve."
"AWS Secrets Manager could support hybrid infrastructure."
More AWS Secrets Manager cons
"The product is complicated to install."
"The solution's initial setup process is complicated."
"The onboarding is a challenge. It should be more self-service, but it involves reviews and approvals."
"The technical support was hard to get a hold of and lacking in service."
"I don't think there are any major improvements required—so far, so good. However, I think that having more training materials, such as videos, and documentation available would be helpful. I would prefer to have more videos available either on the official site or on YouTube."
"In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it."
"We could use more documentation, primarily to do with integrations."
"There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security."
More HashiCorp Vault cons
 

Pricing and Cost Advice

"I don't believe there is a license cost for the solution."
"The cost is somewhat high."
"We purchase a monthly license for the product."
"The solution is expensive."
"We've observed that AWS Secrets Manager pricing is based on a per-secret-per-month model. As a result, we prefer to divide our secrets into individual pieces to increase security and grant specific access permissions to certain secrets, systems, or individuals. However, this approach results in higher costs. Therefore, we have been exploring ways to combine our secrets into groups to reduce expenses and simplify management. Nonetheless, we acknowledge that this issue may not be related to the secret manager's functionality."
"It could do everything we wanted it to do and it is brilliant, but it is super pricey. To be fair to HashiCorp, we drove the price up with our requirements around resiliency. Because of the nature of our company, we don't really operate in the cloud."
"The solution's cost is reasonable."
"In my case, the open-source version works well. It's advisable for small to medium-scale organizations, but for large-scale organizations, you should go with the enterprise version."
"I am using the open-source version of Vault and I would have to buy a license if I want to get support."
"The product is expensive."
"The AWS version is much cheaper than HashiCorp Vault."
report
See which vendors are best for you
Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
See recommendations
787,061 professionals have used our research since 2012.
 

Answers from the Community

NC
Dec 12, 2021
Dec 12, 2021
Which is better - HashiCorp Vault or AWS Secrets Manager?
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic solution, HashiCorp Vault allows you to be flexible in the cloud infrastructure that you choose to use. It is completely compatible and integratable with a myriad of different platforms. You can determin...
See 2 answers
KK
Nov 23, 2021
yet to learn both
Read full answer
DG
Dec 12, 2021
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic solution, HashiCorp Vault allows you to be flexible in the cloud infrastructure that you choose to use. It is completely compatible and integratable with a myriad of different platforms. You can determine what you want to use and HashiCorp Vault will function without issue, regardless of what you choose. If you are using HashiCorp Vault as a multi-cloud solution, then you have an even greater number of platform options. You will be able to mix and match which cloud platforms you like to use to customize your data protection. The only limits on your customization will end up being your imagination. HashiCorp Vault’s user interface is simple for you to both use and navigate. The UI was designed to be basic enough for users to manage without forcing an organization to spend a great deal of time and resources having to train employees in its use. It might be a little confusing for employees when they start using it. However, once they have used it for a little while they will be proficient in its use. Should an organization choose to invest in training employees in the use of this UI, the required investment will be minimal. AWS Secrets Manager is an extremely user-friendly solution. It is intuitive in its design, which makes it a valuable product. However, AWS Secrets Manager lacks the level of cloud flexibility that HashiCorp Vault offers. Conclusion: While AWS Secrets Manager is a fairly competent product, we found HashiCorp Vault to be superior. HashiCorp Vault‘s greater flexibility and integration capabilities make it the more robust solution.
Read full answer
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
8%
Insurance Company
6%
Financial Services Firm
19%
Computer Software Company
16%
Manufacturing Company
8%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Key Vault or AWS Secrets Manager?
Azure Key Vault is a SaaS solution. You can easily store passwords and secrets securely and encrypt them. Azure Key Vault is a great solution to ensure you are compliant with security and governanc...
See all answers
Which is better - HashiCorp Vault or AWS Secrets Manager?
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic sol...
See all answers
What do you like most about AWS Secrets Manager?
The most valuable feature of AWS Secrets Manager is its seamless integration with various AWS services.
See all answers
What do you like most about HashiCorp Vault?
The feature I find most beneficial in HashiCorp Vault is the secret engine. It integrates smoothly with many applications, making it easy to set up and implement quickly. This allows you to test it...
See all answers
What is your experience regarding pricing and costs for HashiCorp Vault?
The enterprise version would require considering factors like the level of support needed, the amount of secret data being stored, and replication needs. But in my case, the open-source version wor...
See all answers
What needs improvement with HashiCorp Vault?
In my opinion, HashiCorp Vault could improve its user interface. Right now, they don't offer much in terms of a graphical interface, which means you usually have to manage things manually through A...
See all answers
 

Comparisons

Azure Key Vault vs AWS Secrets Manager Logo
Azure Key Vault vs AWS Secrets Manager
Compared 72% of the time
1Password vs AWS Secrets Manager Logo
1Password vs AWS Secrets Manager
Compared 5% of the time
CyberArk Enterprise Password Vault vs AWS Secrets Manager Logo
CyberArk Enterprise Password Vault vs AWS Secrets Manager
Compared 3% of the time
Delinea Secret Server vs AWS Secrets Manager Logo
Delinea Secret Server vs AWS Secrets Manager
Compared 1% of the time
BeyondTrust Password Safe vs AWS Secrets Manager Logo
BeyondTrust Password Safe vs AWS Secrets Manager
Compared 1% of the time
More AWS Secrets Manager Competitors
Azure Key Vault vs HashiCorp Vault Logo
Azure Key Vault vs HashiCorp Vault
Compared 33% of the time
Keeper vs HashiCorp Vault Logo
Keeper vs HashiCorp Vault
Compared 8% of the time
CyberArk Enterprise Password Vault vs HashiCorp Vault Logo
CyberArk Enterprise Password Vault vs HashiCorp Vault
Compared 8% of the time
Delinea Secret Server vs HashiCorp Vault Logo
Delinea Secret Server vs HashiCorp Vault
Compared 8% of the time
BeyondTrust Password Safe vs HashiCorp Vault Logo
BeyondTrust Password Safe vs HashiCorp Vault
Compared 5% of the time
More HashiCorp Vault Competitors
 

Product Reports

Buyer's Guide
Enterprise Password Managers
June 2024
AWS Secrets Manager reportDownload AWS Secrets Manager product report
Buyer's Guide
HashiCorp Vault
June 2024
HashiCorp Vault reportDownload HashiCorp Vault product report
 

Learn More

Amazon Web Services (AWS)
HashiCorp
 

Overview

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

HashiCorp Vault is a cloud-agnostic solution used for security and secret management. Its valuable features include integration with other HashiCorp tools, token sharing, open source nature, cloud agnosticism, and on-the-fly encryption management. 

The solution provides encryption of data at rest, in use, in transit, on the fly, and linked with applications. It is free to use, and the interface is simple to navigate. HashiCorp Vault has helped organizations with its multiple authentication methods and RESTful API.

HashiCorp Vault Features

  • Data encryption: The solution is capable of encrypting and decrypting data, and will not store it. Organizations’ security personnel define their own encryption protocols; developers can store the encrypted data where they choose and are not obligated to design specific encryption processes.

  • Robust secrets: For systems such as AWS or SQL databases, Vault is able to generate secrets automatically. HashiCorp Vault is able to generate AWS keypairs with all the appropriate permissions when necessary, and when the approved time expires, will nullify them.

  • Secure secret storage: Any type of value or key secrets can be stored in the Vault. The Vault automatically encrypts the desired secrets before recording them into persistent storage, keeping them safe and secure. Users can record data using HCP Vault’s Consul service or disk, or choose from other options.

  • Nullification: Vault is able to nullify single secrets or all secrets from a particular group or specific user. This process is integral in securing systems in the event of an attack or inappropriate access.

Reviews from Real Users

The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive. The lifecycle of a key is so easy to manage in terms of rotating, revoking, and issuing. They have different auth methods, and I tried all different auth methods. It is seamless.”- Project Manager at a comms service provider.

“The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud-agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp. “ - Mohamed A., Lead DevOps Engineer at Etisalat.

 

Sample Customers

Autodesk, Clevy, Stackery
Adobe, SAP Ariba, Citadel, Spaceflight, Cruise
Buyer's Guide
AWS Secrets Manager vs. HashiCorp Vault
May 2024
Free Report: AWS Secrets Manager vs. HashiCorp Vault
Find out what your peers are saying about AWS Secrets Manager vs. HashiCorp Vault and other solutions. Updated: May 2024.
DOWNLOAD NOW
787,061 professionals have used our research since 2012.
See our AWS Secrets Manager vs. HashiCorp Vault report.
See our list of best Enterprise Password Managers vendors.

We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.