TrustRadius

AWS Certificate Manager vs. HashiCorp Vault

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
AWS Certificate Manager
Score 7.8 out of 10
N/A
AWS Certificate Manager is a service that lets users provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and internal connected resources.N/A
HashiCorp Vault
Score 8.4 out of 10
N/A
HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.
$0.03
Pricing
AWS Certificate ManagerHashiCorp Vault
Editions & Modules
No answers on this topic
Cloud - HCP Vault
$0.03/hr
Open Source
Free
Enterprise
Contact sales team
Offerings
Pricing Offerings
AWS Certificate ManagerHashiCorp Vault
Free Trial
NoNo
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
AWS Certificate ManagerHashiCorp Vault
User Ratings
AWS Certificate ManagerHashiCorp Vault
Likelihood to Recommend
10.0
(0 ratings)
8.0
(0 ratings)
Likelihood to Renew
-
(0 ratings)
10.0
(0 ratings)
Usability
10.0
(0 ratings)
7.0
(0 ratings)
Support Rating
8.7
(0 ratings)
6.3
(0 ratings)
User Testimonials
AWS Certificate ManagerHashiCorp Vault
Likelihood to Recommend
Ability to upload our clients' private ssl certificates to then be used across other AWS services. Great to integrate with Route53 and be able to generate internal SSL certificates to be used across other services.
Verified User
Anonymous
Read full review
Vault is a reliable and resilient as the Key Management System. It is not for the novice user that does not have a background in information security. It requires a significant time investment into the different key engines that the solution offers to get started. It works very well once implemented and is very flexible in general.
Jeffrey Severance | TrustRadius Reviewer
Jeffrey Severance
Senior Solutions Engineer
Read full review
Pros
  • Easy to use interface
  • Really straight forward functionality
  • Simple and effective
Verified User
Anonymous
Read full review
  • The HTTP API you use to write and read secrets is open and can be used by any application.
  • It keeps our sensitive data/credentials out of our GitLab repositories.
  • Sealing and unsealing the Vault on demand adds an additional layer of security.
Jeffrey Severance | TrustRadius Reviewer
Jeffrey Severance
Senior Solutions Engineer
Read full review
Cons
  • Domain name validation is time consuming, and requires manual effort.
  • Domain name validation could be avoided if the domain provider is AWS, they can validate it internally.
Verified User
Anonymous
Read full review
  • Documentation for the API moves slower than changes in the API itself
  • The database secret engine's API design isn't as elegant as it could be
  • No support for revocation of all secrets under one path
Verified User
Anonymous
Read full review
Likelihood to Renew
No answers on this topic
HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
Verified User
Anonymous
Read full review
Usability
AWS historically has had very confusing interfaces. But in recent times they have improved them. AWS Certificate Manager is a clear sample of this. The interface is clear and straightforward, with no useless or cryptic options. Really I can't think of a way the interface could be better with the actual options available.
Verified User
Anonymous
Read full review
We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.
Erlon Sousa Pinheiro | TrustRadius Reviewer
Erlon Sousa Pinheiro
DevOps Engineer
Read full review
Support Rating
They do a great job.
Verified User
Anonymous
Read full review
Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
Jeffrey Severance | TrustRadius Reviewer
Jeffrey Severance
Senior Solutions Engineer
Read full review
Alternatives Considered
Easy to implement within a few clicks, or even from command line, the alternatives doesn't integrate that easy with AWS Application Load Balancers or AWS CloudFront
WJ
Walter Justet
Solutions Architect
Read full review
HashiCorp Vault integrates with a lot of tools and systems, and the documentation was pretty robust with a lot of community help. Because HashiCorp Vault is also older than other solutions, it is already well developed with a lot of features you need for storing secrets and configuration. HashiCorp Vault is also friendlier towards application build and is focused in providing security and a lot of customization for almost any use case scenario. Bitwarden is more limited to password management of enterprise accounts, but for application usage is not that great or easy to integrate. It does not scale well also. AWS Secrets Manager on the other hand is really good but more limited to AWS applications and vendor lock is problematic as well for such a critical piece of infrastructure.
FZ
Fabricio Zubelli
DevOps Engineer
Read full review
Return on Investment
  • We're saving our spent on SSL certificates As it dosen't costs at all.
  • Limited to AWS only, Certificates issued by ACM can be used with AWS managed services only.
  • It doesn't support automatic domain verification with other DNS management systems.
ANurag Tamrakar | TrustRadius Reviewer
ANurag Tamrakar
Software Engineer - DevOps
Read full review
  • Allowed better access control for credentials, passwords, and important keys.
  • After we started using HashiCorp Vault, we were able to base our environment 100% as code.
  • SSH access control that is possible using HashiCorp Vault adds an extra level of security in environments where external remote access is required.
Erlon Sousa Pinheiro | TrustRadius Reviewer
Erlon Sousa Pinheiro
DevOps Engineer
Read full review
ScreenShots

HashiCorp Vault Screenshots

Screenshot of Example of writing a secret to Vault. Secrets are always encrypted and written to backend storage. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-first-secretScreenshot of Secrets menu to manage integrated secrets engines. Secrets Engines are components which store, generate, or encrypt data and are enabled at a path in Vault. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-uiScreenshot of Vault identity has support for groups. A group can contain multiple entities as its members. A group can also have subgroups. To learn more: https://developer.hashicorp.com/vault/docs/concepts/identityScreenshot of HCP Vault provides all of the power and security of Vault, without the complexity and overhead of managing it yourself. To learn more: https://cloud.hashicorp.com/products/vaultScreenshot of View entity client and non-entity client counts.Screenshot of MFA is built on top of the Identity system of Vault. To learn more: https://developer.hashicorp.com/vault/docs/auth/login-mfa