Likelihood to Recommend I would always recommend AWS Certificate Manager for anyone using AWS cloud services. The perfect scenario would be with your domain managed by AWS Route 53 as you can obtain auto renewal of certificates with really good security for all your public facing application that uses CloudFront, ALB or API Gateway.
Read full review HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
Read full review Pros easy to generate ssl certificates free ssl certificates ability to import private ssl certificates integrates well with other AWS services Read full review The HTTP API you use to write and read secrets is open and can be used by any application. It keeps our sensitive data/credentials out of our GitLab repositories. Sealing and unsealing the Vault on demand adds an additional layer of security. Read full review Cons It doesn't support automatic domain verification with other domain name services. Limited to AWS only, Certificates issued by ACM can be used with AWS managed services only. If you are having multi-region infrastructure then you'll need to issue an SSL certificate for a domain in each region. Read full review Session Management is terrible to manage Monitoring is hard and not enough information User management Configuration is too complex More user friendly UI Read full review Likelihood to Renew HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
Read full review Usability AWS historically has had very confusing interfaces. But in recent times they have improved them. AWS Certificate Manager is a clear sample of this. The interface is clear and straightforward, with no useless or cryptic options. Really I can't think of a way the interface could be better with the actual options available.
Read full review We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.
Read full review Support Rating They do a great job.
Read full review Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
Read full review Alternatives Considered Easy to implement within a few clicks, or even from command line, the alternatives doesn't integrate that easy with AWS Application Load Balancers or AWS CloudFront
Read full review HashiCorp Vault is way better than
Azure Key Vault ; it has more features and it goes beyond a key-value secret store.
Read full review Return on Investment switching from paid expensive SSL certificates to free ones generated by ACM quick deployment and validation of certificates integration with other AWS services Read full review Helped us reach our security compliance goals. Helped us strengthen our security position in our infrastructure by improving on poor secret management practices. Read full review ScreenShots HashiCorp Vault Screenshots