When comparing StackExchange Blackbox vs Amazon Key Management Service, the Slant community recommends StackExchange Blackbox for most people. In the question“What are the best shared secret managers?” StackExchange Blackbox is ranked 6th while Amazon Key Management Service is ranked 9th. The most important reason people chose StackExchange Blackbox is:
Since the secrets file is stored in the remote VCS server, anyone that has access to it (team members) also have access to the secrets file.
Ranked in these QuestionsQuestion Ranking
Pro Easily share secrets with other team members
Pro Free and open source
StackExchange Blackbox is free and open source. It's released under the MIT license and its source code is freely available on GitHub.
Pro Uses a VCS repo to store the secrets
SE Blackbox works with Git, Mercurial, Subversion and Perforce to store encrypted secrets file in a repository. Files are automatically encrypted and decrypted using GNU Privacy Guard.
Pro Extremely secure
Amazon has used a lot of techniques to harden the process of storing and securing keys in its service. For example, keys are not stored on disk, nor are they allowed to persist in memory.
Amazon employees can not access a user's secret keys physically and the keys themselves are stored in the same geographical region as the application they belong to.
Pro Easy to use from a single dashboard
AWS Key Management Service offers a single unified dashboard that teams can use to manage and store their secrets used in applications hosted on AWS services. In the dashboard users can create keys, retrieve them and audit key usage through detailed information offered to them
Con Does not generate certificates
KMS does not generate certificates, in order to generate them you have to roll out your own solution.