When comparing Ansible Vault vs Thycotic Secret Server, the Slant community recommends Ansible Vault for most people. In the question "What are the best shared secret managers?", Ansible Vault is ranked 1st while Thycotic Secret Server is ranked 12th. The most important reason people chose Ansible Vault is:
The official documentation of Ansible Vault does a great job of explaining how Ansible Vault works and how to use the easy UI for encrypting, decrypting, and re-keying your secrets for storing in source control.
Pros
Pro The documentation does a good job of explaining how to use it
The official documentation of Ansible Vault does a great job of explaining how Ansible Vault works and how to use the easy UI for encrypting, decrypting, and re-keying your secrets for storing in source control.
Pro Allows keeping encrypted data in Ansible playbooks easily
Ansible uses configuration files called playbooks, which describe a policy that the remote system needs to follow. There is often a need to keep data from these configuration files encrypted when using source control.
Doing this with Ansible Vault is pretty easy. Simply running:
    ansible-playbook site.yml --ask-vault-pass
will run a playbook which uses encrypted data.
Pro Free Version Available
NB: Free edition does not have all features. See comparison chart: https://thycotic.com/products/secret-server/features/
Pro Geo-Replication
Pro Clustering (HA)
Pro Unlimited Admin / Break Glass
Pro Custom Ticket System Integration
Pro SSH Dependencies
Pro SQL Dependencies
Pro PowerShell Dependencies
Pro PowerShell Password Changing
Pro Application API
Pro Web Services API
Pro SSH Key Management
Pro Unix SUPM
Pro Keystroke Logging
Pro Session Monitoring
Pro Session Recording
Pro Proxying RDP & SSH
Pro HSM Integration
Pro SAP Integration
Pro IBM z/OS Integration
Pro SIEM Integration
Pro SAML Integration
Pro CRM Integration
Pro Vulnerability Scanning Integration
Pro Workflow: Native Ticket System Integration
Pro Workflow: Checkout (OTP)
Pro Workflow: DoubleLock
Pro Workflow: Request Access
Pro Workflow: Require Comment
Pro FIPS Compliance
Pro Custom Reports
Pro Scheduled Reports
Pro Event Subscriptions
Pro Dual Control
Pro Discover and Manage Service Accounts
Pro Discovery Rules
Pro Discover Local Accounts
Pro Automated Distributed Engine
Pro Automated Secret Policy
Pro Automated Heartbeat
Pro Automated Changing of Network Passwords
Pro IP Address Restrictions
Pro Automatic Backups
Pro Email Notifications
Pro Auditing & Reports
Pro Password “Hiding”
Pro Smartphones and Devices
Pro Import / Export
Pro Web Password Filler
Pro RDP/PuTTY Support
Pro Active Directory Integration
Pro File Attachments
Pro Folders & Permissions
Pro Role Based Access Control
Pro Two Factor Authentication
Pro AES 256 Encryption
Uses a recognised secure encryption algorithm.
Cons
Con No way of exposing just the key in the key-value pair
Ansible Vault files are encrypted YAML key-value stores. The entire file is encrypted, so it's impossible to indicate which keys are defined within the vault without also viewing values.
Con Prices are not published
To get a quote, you need to contact Thycotic Sales; prices are not published openly on their site.
You can obtain a quote via: https://thycotic.com/products/request-a-quote/
Con More advanced features incur a cost
See https://thycotic.com/products/secret-server/features/ for comparison of editions.
