Akeyless
Cloud-native SaaS platform for unified secrets management and machine identity security
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
Universal CLI secret manager for seamless developer workflows
Teller lets developers fetch, inject, and manage secrets from any vault directly in the terminal, eliminating hard‑coded credentials and simplifying CI/CD, Docker, and local workflows.
Teller is a command‑line tool that centralises secret access for developers. By defining providers such as HashiCorp Vault, AWS Secrets Manager, Google Secret Manager, or simple dotenv files in a .teller.yml configuration, you can retrieve and inject secrets without ever leaving the terminal.
Teller can run subprocesses with environment variables populated (teller run), expose variables to the current shell (teller sh), generate Docker‑compatible env files, scan codebases for hard‑coded secrets, redact secrets from logs and process output, populate custom templates, and copy or sync data between providers. It integrates with CI pipelines via teller scan --error-if-found and can be used as a shift‑left security gate.
Install Teller by downloading a binary from the releases page or building from source with Cargo. After running teller new to create a starter configuration, edit .teller.yml to map provider paths and keys. The tool runs on any system that supports the binary, making it suitable for local development, CI runners, and containerised environments.
When teams consider Teller, these hosted platforms usually appear on the same shortlist.
Cloud-native SaaS platform for unified secrets management and machine identity security
Managed service for securely storing, retrieving, and rotating application secrets (credentials, API keys, etc.)
Cloud service for secure storage and management of cryptographic keys, secrets, and certificates
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
Run a local application with Vault secrets
The app starts with environment variables populated directly from HashiCorp Vault, avoiding any credential files on disk.
CI pipeline secret sprawl detection
`teller scan --error-if-found` fails the build when hard‑coded secrets are detected, enforcing security best practices.
Docker container environment injection
A one‑liner supplies an env‑file to `docker run`, keeping secrets out of the image and command history.
Real‑time log redaction
Streaming logs through `teller redact` automatically masks secret values before they are stored or displayed.
Download a pre‑built binary from the releases page or build from source using Cargo (`cargo install --path .`).
Run `teller new` to generate a starter `.teller.yml`, then edit the file to define providers, maps, and key mappings.
Yes, providers that support write operations can be used with `teller write` and multi‑write commands.
Absolutely; use `teller scan` to detect hard‑coded secrets and `teller env` or `teller run` to inject secrets during builds.
Teller fetches the current value each time it runs, so rotated secrets are automatically used on the next execution.
Project at a glance
DormantLast synced 4 days ago