We just came across a pretty interesting developer tool, Keystok. Keystok is a service for developers that stores encrypted secrets in the cloud and gives you a central place to manage, share and revoke them. Christian Fruehwirth, a member of the Keystok team, told us a bit more about the service in an email:

App configs contain a lot of sensitive information, like AWS secrets, APIkeys, etc. Its a pain for developers to manage, share and update configs when they are spread all over the place: in SCM (Github), YML files, environmental variables, you name it.

The company lists four main benefits that they provide to developers. Cleaning up code: “Keep you code crisp and tidy. Replace local config files with and hard coded config parameters with one simple key store.”¹ Quick and easy changes to code: “Easily replace config parameter, like API keys, Analytics IDs, etc. without touching application code or configuration files. Keystok lets you change config parameters right in the web interface. Changes are effortless can be deployed any time.”² Easy teamwork: Keystok lets you easily share a parameter or a whole key set with a large team. Improved security: “Keystok only stores encrypted data. Neither we nor the NSA will ever be able to read your configs. All parameters are encrypted locally, in the client library or browser, before they are stored in Keystok.”³

What’s more, the service is incredibly affordable. Check out Keystok.com for more info.