Kamus

An open source, GitOps-friendly, secrets encryption and decryption solution for Kubernetes.

Overview

Kamus is a Kubernetes-native secrets management tool that allows you to encrypt secrets that can only be decrypted by a specific application (service account) in your cluster. This helps enforce the principle of least privilege for secrets.

✨ Key Features

  • Application-specific encryption
  • GitOps-friendly
  • Integrates with various KMS providers
  • Open-source

🎯 Key Differentiators

  • Application-specific encryption tied to Kubernetes service accounts
  • Focus on least privilege for secrets
  • Kubernetes-native design

Unique Value: Provides a strong security model for Kubernetes secrets by encrypting them for a specific application, ensuring that other applications in the cluster cannot access them.

🎯 Use Cases (3)

  • Encrypting secrets for individual microservices in Kubernetes
  • Storing encrypted secrets in Git
  • Ensuring that only the intended application can access a secret

✅ Best For

  • Encrypting a database password so that only the database-accessing application can decrypt it

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Organizations that need a centralized UI for managing secrets or advanced features like rotation

🏆 Alternatives

  • Sealed Secrets
  • SOPS

Kamus offers a more granular, application-specific encryption model than Sealed Secrets, which encrypts secrets for the entire cluster.

💻 Platforms

CLI

✅ Offline Mode Available

🔌 Integrations

  • Kubernetes
  • Google KMS
  • Azure Key Vault
  • AWS KMS

💰 Pricing

Contact for pricing
Free Tier Available

Free tier: Completely free and open-source.
