Secrets Management
Learn how to securely store, access, and manage sensitive application secrets.
Hanzo KMS provides a flexible platform for managing secrets such as API keys, database credentials, and application configuration across every stage of the development lifecycle — from local development to production. It enables teams to eliminate hardcoded secrets, enforce fine-grained access controls, deliver secrets across their infrastructure, and adopt secure workflows like secret rotation and dynamic secrets.
The short video below provides a guided overview of Hanzo KMS's secrets management capabilities and key concepts, helping you build the right mental model before diving into the rest of the documentation.
Hanzo KMS's core secrets management capabilities include:
- Secret Stores: Secure, versioned storage scoped by project, environment, and path.
- Access Control: Fine-grained, identity-aware permissions for users and machines
- Secret Delivery: Access secrets via CLI, SDKs (Go, Node.js, Python, etc.), HTTP API, agents, Kubernetes Operator, External Secrets Operator (ESO), and more.
- Lifecycle Automation: Automate secret rotation, generate dynamic secrets, and enforce approval-based workflows.
- Secrets Syncs: Push secrets to external services like GitHub, GitLab, AWS Secrets Manager, Vercel, and more.
How is this guide?
Last updated on