Secure Credentials Storage and Distribution

Latest on Hackage:0.0.2

This package is not currently in any snapshots. If you're interested in using it, we recommend adding it to Stackage Nightly. Doing so will make builds more reliable, and allow to host generated Haddocks.

LicenseRef-OtherLicense licensed by Brendan Hay
Maintained by Brendan Hay

This library provides a unified interface for managing secure, shared credentials. It uses Amazon Key Management Service (KMS) for master key management, locally encrypts and decrypts secrets, which are then stored in any of the supported storage backends. (Currently DynamoDB.)

The use-case is to avoid storing sensitive information such as passwords and connection strings in plaintext in places such as source control or on developers' machines. Instead you can securely administer and distribute secrets, leveraging Amazon's IAM policies for access control and permissions to ensure limited read-only permissions from production/deployed hosts. You can embed this library into projects such as web applications to securely retrieve sensitive information such as database passwords or private keys on startup.

A complementary CLI for management of credentials can be installed via credentials-cli.

You can read more about other use-cases and prerequisites here.


Change Log

Released: 10 August, 2016, Compare: 0.0.1


  • TemplateHaskell is no longer used to derive Prisms, they are now hand written.


Released: 9 August, 2016

Initial Release

comments powered byDisqus