When comparing Conjur vs Amazon Key Management Service, the Slant community recommends Conjur for most people. In the question“What are the best shared secret managers?” Conjur is ranked 5th while Amazon Key Management Service is ranked 10th. The most important reason people chose Conjur is:
If a company uses more than a cloud service on which they run their platform, you don't need to use a different service to manage secrets for each of them, instead Conjur bundles all of them in a simple to use user interface.
Ranked in these QuestionsQuestion Ranking
Pros
Pro Can bundle different cloud services into a single interface
If a company uses more than a cloud service on which they run their platform, you don't need to use a different service to manage secrets for each of them, instead Conjur bundles all of them in a simple to use user interface.
Pro Easy setup
Setting up Conjur is pretty easy. All a user has to do is install the client, set up an account and through the guidance of the user interface, choose the operations with which the developers will use to control their data and servers.
Pro Provides tools for monitoring activity
Conjur provides detailed information on activity of all users and changes within the secret storage. It also provides graphs and comes with a warning system to make monitoring easier.
Pro Extremely secure
Amazon has used a lot of techniques to harden the process of storing and securing keys in its service. For example, keys are not stored on disk, nor are they allowed to persist in memory.
Amazon employees can not access a user's secret keys physically and the keys themselves are stored in the same geographical region as the application they belong to.
Pro Easy to use from a single dashboard
AWS Key Management Service offers a single unified dashboard that teams can use to manage and store their secrets used in applications hosted on AWS services. In the dashboard users can create keys, retrieve them and audit key usage through detailed information offered to them
Cons
Con Does not generate certificates
KMS does not generate certificates, in order to generate them you have to roll out your own solution.