25 KiB
Open-source, end-to-end encrypted tool to manage secrets and configs across your team, devices, and infrastructure.
Slack | Infisical Cloud | Self-Hosting | Docs | Website
Read this in other languages: 
Infisical is an open source, end-to-end encrypted secret manager which you can use to centralize your API keys and configs. From Infisical, you can then distribute these secrets across your whole development lifecycle - from development to production . It's designed to be simple and take minutes to get going.
- User-Friendly Dashboard to manage your team's secrets and configs within projects
- Language-Agnostic CLI that pulls and injects esecrets and configs into your local workflow
- Complete control over your data - host it yourself on any infrastructure
- Integrations with CI/CD and production infrastructure
- Infisical API - manage secrets via HTTPS requests to the platform
- Secret Versioning to view the change history for any secret
- Audit Logs to record every action taken in a project
- Point-in-time Secrets Recovery for rolling back to any snapshot of your secrets
- Role-based Access Controls per environment
- 🔜 Dynamic Secrets
- 🔜 Automatic Secret Rotation
🚀 Quick start: Inject secrets into your application
There are several methods for integrating Infisical secrets into your application. You can sync secrets to third-party services using integrations like AWS Secrets Manager, GCP, Render, and others. Additionally, you can use Infisical SDKs to retrieve secrets directly via code. For Kubernetes users, utilize the secrets operator for seamless integration. Lastly, our CLI allows you to inject secrets directly into your application as environment variables.
Install Infisical CLI
MacOs
Use brew package manager
brew install infisical/get-cli/infisical
Windows
Use Scoop package manager
scoop bucket add org https://github.com/Infisical/scoop-infisical.git
scoop install infisical
Debian/Ubuntu
curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' \
| sudo -E bash
sudo apt-get update && sudo apt-get install -y infisical
Install CLI on other platforms
Authenticate
After installing the CLI on your system, you'll need to authenticate with your Infisical credentials. If you're developing locally, you can log in directly using infisical login. However, if you're in a non-development environment, you can authenticate using a service token.
Inject secrets into your application process
To feed secrets from Infisical into your application process, you can start your appliciaon with Infisical CLI. By starting your application with the Infisical CLI, the secrets are injected into your application process as environment variables, enabling your application to access them from the environment.
## Inject secrets into a single command ##
infisical run -- [your application start command]
# Example
infisical run -- npm run start
## Inject secrets into multiple commands ##
infisical run [options] --command [string command]
# Example
infisical run [options] --command "npm run bootstrap && npm run dev start; other-bash-command"
View all available commands for Infisical CLI here
Self host Infisical
To meet various compliance requirements, you may want to self-host Infisical instead of using Infisical Cloud. Self-hosted Infisical allows you to maintain your sensitive information within your own infrastructure and network, ensuring complete control over your data.
One click EC2 deployment
Kubernetes Helm deployment
🔥 What's cool about this?
Infisical makes secret management simple and end-to-end encrypted by default. We're on a mission to make it more accessible to all developers, not just security teams.
According to a report, only 10% of organizations use secret management solutions despite all using digital secrets to some extent.
If you care about efficiency and security, then Infisical is right for you.
We are currently working hard to make Infisical more extensive. Need any integrations or want a new feature? Feel free to create an issue or contribute directly to the repository.
🔌 Integrations
We're currently setting the foundation and building integrations so secrets can be synced everywhere. Any help is welcome! :)
| Platforms | Frameworks | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
💚 Community & Support
- Slack (For live discussion with the community and the Infisical team)
- GitHub Discussions (For help with building and deeper conversations about features)
- GitHub Issues (For any bugs and errors you encounter using Infisical)
- Twitter (Get news fast)
🏘 Open-source vs. paid
This repo is entirely MIT licensed, with the exception of the ee directory which will contain premium enterprise features requiring a Infisical license in the future. We're currently focused on developing non-enterprise offerings first that should suit most use cases.
🛡 Security
Looking to report a security vulnerability? Please don't post about it in GitHub issue. Instead, refer to our SECURITY.md file.
🚨 Stay Up-to-Date
Infisical officially launched as v.1.0 on November 21st, 2022. There are a lot of new features coming very frequently. Watch releases of this repository to be notified about future updates:
🌱 Contributing
Whether it's big or small, we love contributions ❤️ Check out our guide to see how to get started.
Not sure where to get started? You can:
- Book a free, non-pressure pairing sessions with one of our teammates!
- Join our Slack, and ask us any questions there.
🦸 Contributors
🌎 Translations
Infisical is currently available in English, Korean, French, and Portuguese (Brazil). Help us translate Infisical to your language!
You can find all the info in this issue.