Amazon Cognito is a mobile identity product that allows users to add user sign-up and sign-in to mobile and web apps, and authenticate users through social identity providers.
$0.01
Per MAU
HashiCorp Vault
Score 8.9 out of 10
N/A
HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.
HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
Amazon Cognito has a bit of a learning curve. You need to learn its concepts and terminology. The documentation does not describe some topics comprehensively.
Some Console screens would benefit from improved search and filtering options.
When another AWS product (e.g., SageMaker) configures Cognito on your behalf, it is not clear what you're getting. For example, the expiration of a temporary password was configured but never communicated.
HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
Amazon Cognito is easy to use and implement if you don't need to implement custom policies. But if your security team requires something outside the box, then implementation becomes complicated and you risk wasting time. There is no option for customizable regex for passwords, which is a major deficiency. The standard password policy, allow to choose the length of the password, if it should contains at least one number, one special character, one uppercase letter and one lowercase letter.
We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.
Community support is excellent, many times even better and quicker then the offical AWS support. I really cannot recommend community support enough! Apart from that the service is relativily easy to use and does not have a huge learning curve. Examples are easy to follow and will help you start using the service.
Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
They are ideal tools to create a secure and unique login experience for our applications. Thanks to its API authorization, Amazon Cognito ensures connections to applications that are secure.It is easy to use and provides easy access to files and applications that you need to complete your goal.
