Multi-Vault Support
Supports AWS SSM and Secrets Manager currently, with more providers planned.
KeepSecret Management Made Simple
Collaborative, secure management of secrets across applications, environments, and teams.
Skip to content
Quick Example
bash
# Configure your project
keep init
# Add a vault
keep vault:add
# Set secrets
keep set DB_PASSWORD "super-secret" --env=production
# List secrets
keep list --env=staging
# Compare environments
keep diff --env=staging,production
# Export to .env
keep export --env=production --output=.env
# Use templates
keep export --template=.env.template --env=production --output=.envInteractive Shell
Launch the Keep shell for faster secret management with tab completion:
bash
# Start the interactive shell
keep shell
# In the shell, use shortcuts and tab completion
>>> env production # Switch to production environment
>>> get DB_<TAB> # Tab completes secret names
>>> set NEW_SECRET "value" # Set secrets instantly
>>> diff staging production # Compare environments
>>> exit # Exit when doneWeb UI
Launch a modern browser-based interface for visual secret management:
bash
# Start the web server
keep server
# The UI provides:
# - Visual diff matrix comparing environments
# - Drag-and-drop import with conflict resolution
# - Real-time search and filtering
# - Export in multiple formats with preview
# - Settings management for vaults and environmentsRuntime Injection
Execute processes with secrets injected as environment variables - no files written to disk:
bash
# Laravel: inject secrets during config caching
keep run --vault=ssm --env=production -- php artisan config:cache
# Node.js: run build or start with injected secrets
keep run --vault=ssm --env=production -- npm run build
keep run --vault=ssm --env=production -- npm start
# Any command with secrets available as env vars
keep run --vault=ssm --env=production -- ./deploy.shGet started with our installation guide, explore the interactive shell, try the Web UI, or see all CLI commands.