Infisical Secret Management

My main use case for Infisical is to store secrets for other programs and tools, and I use it for that most often. For example, we had access keys for the local GitLab instance and those were stored inside Infisical and fetched from there. That is mostly what Infisical was used for with other tools as well.

In my opinion, the best features Infisical offers are the security aspects, as the security made it difficult to access all the secrets very easily. When I refer to security features, the overall sense of security is mostly what I liked, but I would say the role-based access was very nice.

Infisical has positively impacted my organization, and even though I was an intern, I noticed improvements or benefits after using it as that was part of the assignment.

I believe Infisical can be improved by adding more features. I don't think there is a specific feature missing or something I had in mind for improvement; I believe continuing on the current path and expanding what has already been done is the best course of action for Infisical.

I have been using Infisical for about five months.

I haven't experienced any issues or downtime with Infisical.

I didn't notice any challenges or strengths regarding Infisical's scalability as that wasn't my responsibility.

I have no knowledge about the customer support for Infisical because I didn't have to reach out to them.

I haven't used a different solution for secret management before, so I have no basis for comparison.

I would advise others looking into using Infisical to really examine the documentation they provide because it is very useful. Infisical is a nice, modern tool in secret management. I gave this review a rating of 8.

My main use case for Infisical is to store my CI/CD secret keys, which I use in GitHub.

A quick and specific example of how this integration makes my work easier is that it adds a lot of security in the sense of not using passwords in command prompts. That way, I can send commands directly in GitHub using Infisical's secret passwords, without having to leave traces in the commands directly in the terminal.

Regarding how Infisical contributes to security or to the management of passwords and commands in my routine, it prevents us from leaving passwords in the command prompts. Alongside GitHub, GitHub does not store passwords. Instead, it accesses Infisical directly through the application without leaving command traces in any prompt. It is excellent regarding security in command prompts, with no password traces.

Infisical's best features include the ease I have to store passwords and manage the users who will use those passwords. That helps a lot.

User management through Infisical makes my work easier because I am able to manage the access levels to the types of passwords that I have stored in Infisical. This allows me to have higher access levels with higher-level passwords and deeper levels of access.

Infisical is extremely simple to use, so it is important to emphasize how easy it is to handle the platform as a whole. It is very straightforward and very easy to deal with in terms of how it is laid out.

Infisical has had a positive impact on my organization mainly in the level of security regarding the use of passwords that give direct access to the server. We stopped using passwords directly on personal computers. This ensures a very high level of security for both those in development and those in management. There are possibilities of computers breaking or losing saved passwords. If someone breaks into my personal computer, that person will not have access via prompt to my high-level passwords. This security segregation raises and gives much more credibility to the company as a whole.

I have noticed time savings in access management after adopting Infisical as the main benefit. Regarding leaks, we have not had anything proven related to leaks yet.

I have not encountered any limitation in Infisical. I use the free version and have not had any limitations. It is excellent. In the way we are using it as a test, it will certainly be used as an indispensable tool in any CI/CD operation in GitHub and servers.

Infisical already fully meets my needs at the moment.

I have been using Infisical for a year.

Infisical is stable, as I never experienced any instability. I never had any problems with it.

Infisical's scalability works well when there is an increase in the volume of users or data. With the increase in the number of users, I did not feel any difference because the CI/CD I use is for a small company. The number of developers using the CI/CD platform, where Infisical is embedded, is not stressed enough.

I have not needed to contact Infisical's customer support because, as I mentioned, it is highly resilient and sustainable regarding its configurations.

I previously tried to use a different solution before Infisical, but it was extremely complex and did not work out. I do not remember the name, but it is one of the best on the market as well. I found it extremely complex. I decided to migrate to Infisical because I saw some friends saying it was good.

My experience with Infisical's pricing, setup costs, and licensing is excellent. Even using the free version, it fits perfectly for small solutions for small companies. It is very worthwhile.

I have obtained a return on investment using Infisical, with a reduction in time of up to 15 minutes when using manual passwords. We stopped using manual passwords and started using Infisical's application layer. This reduced those 15 minutes of waiting time to practically instantaneous. We no longer have to wait for the terminal to finish the process so we can focus on other things.

My experience with Infisical's pricing, setup costs, and licensing is excellent. Even using the free version, it fits perfectly for small solutions for small companies. It is very worthwhile.

Before choosing Infisical, I evaluated other options, specifically HashiCorp. With this company, I had extreme difficulty configuring the panel, and I found Infisical very intuitive.

The advice I would give to others considering using Infisical is to test it, because these other tools that exist, such as HashiCorp, are extremely expensive and extremely complex. Infisical brings exactly this ease for the end user to be able to do a good job with quality and at an extremely affordable price. I would rate my overall experience with Infisical a 10 out of 10.

My main use case for Infisical is to manage my environment variables in Docker containers. When a container goes up, I hydrate the container with the values at runtime.

In a recent project for software for organizational wellness, I have an entry point where I have Infisical CLI installed in the container. When the application comes up, I invoke Infisical CLI with a service token, and with that, I hydrate the container with the corresponding environment variables.

The best feature that Infisical offers is the self-host mode, which lets you have your own hosted service because you have control of everything at that point.

The user interface is an additional feature that I have found especially useful.

Infisical has had a positive impact on my organization because it has helped me manage secrets in a much faster way, and all the people in the mobile or web development departments can integrate with the ecosystem quickly thanks to its SDK.

The concrete result I have observed thanks to the integration of Infisical is a very high reduction in errors because we now have a very short time for modifying a secret and sharing it among teams. It is very easy to modify a secret and have that value distributed across all the applications of the other teams.

According to my experience, I see Infisical as very complete and a quite useful tool. I have no suggestions for possible improvements they could implement.

I have been working for four years, but in my area, I have been for more than six years. I have been using Infisical for three years.

I consider Infisical to be very stable. I rarely see incidents, and it is very stable.

I rate the scalability of Infisical as 100 out of 100. It is really very scalable and easy to implement in varied teams.

I did not use any other tool before Infisical.

I have seen a return on investment with Infisical through optimized time.

My experience with Infisical's pricing, installation costs, and licensing was good. I had no cost because I have it hosted myself.

Before choosing Infisical, I did not evaluate other options.

My advice to other professionals who are thinking about using Infisical is that they should use it because it helps you save a lot of time.

Infisical was conceived as a proof of concept for a secret manager tool designed for applications and environment variables. The primary appeal was based on how it integrates with development workflows. We implemented the tool via CLI for developers and deployed a self-hosted solution to integrate into applications in production.

We implemented an agent in our Kubernetes cluster and ran applications locally via CLI, integrating directly with the self-hosted instance.

Since this was a proof of concept, using Infisical did not have significant impact, but it provided strong evidence of the tool's capabilities and was quite positive overall.

Infisical had a positive impact on my organization, even in its proof-of-concept phase, because it integrated more seamlessly into the development environment. Starting a project with Infisical meant reducing risks compared to using .env files. The integration via CLI and the ability to configure granular access allowed us to move faster. We could begin the project knowing exactly what our responsibilities were and could fetch secrets directly without taking on as much risk as we would have with a .env file.

Infisical's best features are the ability to integrate via CLI in a very simple and easy manner. I have experience with other tools serving the same purpose, such as AWS Secrets Manager, which is more complicated to configure via CLI because you need access keys and more granular access within the cloud environment itself, given its direct contact with other resources. Having this functionality separated in Infisical and configured simply is a very strong point. The ability to integrate into a cluster in a straightforward way with agents and operators makes the configuration process very simple.

The access granularity within the platform is also relevant. You can configure solid RBAC for access to Infisical and you have the possibility of granularizing the secrets themselves through folders, allowing for more organized configuration. These are also very positive points.

Infisical could be improved by having a solution to integrate with cloud providers. This would be interesting because sometimes people hesitate to leave their cloud environment for an open-source solution due to lack of trust. If the decision had depended solely on me, we would have adopted Infisical. However, it was a joint business decision regarding a tool we did not know well, and because we already had contracted other solutions with built-in secret manager capabilities, we ended up choosing those other options. Infisical is already a very strong tool.

Better documentation is needed. When implementing the agent in Kubernetes, I had to search quite a bit to adapt it to my specific cluster. Clearer and more up-to-date documentation would greatly help in the process of integrating the tool with other solutions already in place.

I have been using Infisical for about three months.

Infisical is stable in my experience. It demonstrated stability during use.

Infisical has high scalability because it has the possibility of integrating into the cluster and offers a self-hosted solution. You can organize the space with several projects and several folders for each project, manage access, and other configurations, making it quite scalable.

Before choosing Infisical, I evaluated other options, including HashiCorp Vault and AWS Secrets Manager.

I did not acquire Infisical through the AWS Marketplace.

We were not able to measure return on investment at the proof-of-concept stage, so we did not obtain metrics such as time savings, risk reduction, or other measurable points.

We were not able to measure return on investment at the proof-of-concept stage, so we did not obtain metrics such as time savings, risk reduction, or other measurable points.

My experience with Infisical's pricing, configuration costs, and licensing is that initially, people thought it was a bit expensive, which is why we opted for the self-hosted alternative. Because of that, we conducted the proof of concept with self-hosted, understood that there was already a solution on AWS for this purpose, and continued with the AWS solution.

The possibility of integrating with clouds also contributed to my rating.

We used AWS as the private cloud provider in the proof of concept.

My advice for other people thinking about using Infisical is to conduct a proof of concept to determine if it fits your organizational structure. My review rating for Infisical is eight out of ten.

Infisical is primarily used to maintain secret variables or environment variables across different environments. When working on the development environment, environment variables that have been predefined are directly fetched. For example, if environment variables have been placed into an API folder in the development environment, they can be quickly fetched from dev/API. In the same way, if environment variables need to be fetched from staging or production, the particular command attached to that environment can be used to fetch the environmental variables associated with those environments.

Integration with Vercel has been implemented on the deployed environment. In that instance, environmental variables also need to be maintained, so the same Infisical environments are used on the Vercel deployed environment as well, depending on the environment, which could be development, staging, or production.

Managing environmental variables in Infisical is straightforward because there is no need to specifically care about maintaining them locally on .env files or putting them into a gitignore file and maintaining them separately. With local .env file management, there is a higher security vulnerability where environmental variables could be breached. Additionally, if environmental variables are accidentally pushed to a Git repository, that would cause problems. Managing something on Infisical helps to maintain security because it has very prominent security precautions in place.

Infisical has prevented issues in that no issues have been encountered after using it in the first place. Security features have specifically prevented issues, and according to my perspective, none of those security-related situations were encountered in the first place. The integration is smooth for other applications when using Infisical. No matter what, if the proper credentials are available, access can be obtained from anywhere at any time.

The main positive impact is that it saves a lot of time because there is no need to worry about security vulnerabilities that can occur. When it comes to workflow collaboration and efficiency, collaboration is improved because a particular organization can be created inside Infisical. Once a particular organization is created and access is given to particular people in the organization, collaboration becomes very easy. Another plus point is that everybody does not need to maintain a .env file separately. On the collaboration side, everybody can access it seamlessly since it is a central hub with separate access controls. That is really efficient because if something is changed, everybody sees it immediately, which is very valuable.

Creating multiple organizations at the same time with the pricing plan, instead of creating a very limited amount of organizations, would be a plus point for improvement. There is a limitation on how many people can be given access for a particular organization or project, which is another area that could be improved. From a features perspective, there is a little lag when running projects and importing particular secret variables. Requests to log in occur in quick succession, where sometimes it happens every five days or every ten days, which does occur from time to time, though not that frequently.

Continuous logins take place after using or importing secret variables multiple times, and that is one area for improvement. Another improvement needed is the limited number of people that can be added to a particular organization to access the secret variables.

I have used Infisical for one year.

Infisical is quite stable in my experience, and there have been no downtime or reliability issues encountered.

Scalability has been important because when scaling occurs, many secret variables are stored underneath. In that instance, scalability is present because many secret variables are now counted, stored, and handled. In that instance, it plays a crucial role.

The support team has not been encountered because there have been no issues with Infisical in the first place. In that instance, there was no chance or need to interact with their customer support to configure any problem.

Prior to Infisical, the main dependence was on .env files. No third-party solutions or API integrations were used before. This is actually the initial integration or the initial implementation for this particular topic.

There is a noticeable reduction in setup time because several tasks on the .env file previously needed to be completed, and security features had to be ensured. When particular access is given to a person in the organization who needs to access the secret variables on a particular project, it saves a lot of time because all that needs to be done is give them the particular access, and then they can log in with their GitHub account or any organization credentials. When it comes to deployment as well, using Vercel, it is quick because once anything is changed on Infisical, it would automatically change on the Vercel environmental variables as well, depending on the particular environment. A rough estimate of time saved has not been measured on a pinpoint basis, but a lot of time is saved, and it is easy to use.

There is not much idea about the pricing and setup cost because a separate team handles those matters. From my perspective, there is nothing called a setup cost, but there is a subscription that is ongoing. The pricing seemed acceptable.

A lot of time is saved, and whenever a new employee or a new member is coming to the organization, it would be very seamless to integrate the new member or the developer. The most important return on investment would be the time saved and the seamless integration.

There is not much idea about the pricing and setup cost because a separate team handles those matters. From my perspective, there is nothing called a setup cost, but there is a subscription that is ongoing. The pricing seemed acceptable.

Doppler was tried when evaluating other options. When going through that evaluation, Infisical was performing well with the metrics.

Most of the topics have been covered, starting from what Infisical is to customer support and improvements. The review rating for this product is 9 out of 10.

The process was straightforward. I obtained the Infisical token and used it to log in to Infisical from the cloud machine to obtain all the secrets. The secrets were divided based on the project, so for different projects, I obtained different secrets and injected them into the environment file.

I found the process of managing and rotating tokens in Infisical easy to use. The tokens were divided into three phases: development, staging, and production, so it was very easy to rotate any token at any time in any stage.

Infisical has positively impacted my organization by helping us transition from deploying everything manually, where we had to copy-paste all the environment variables into the environment files in the cloud. Infisical helped tremendously by dynamically injecting all the tokens and secrets into the workflow, which was very fast and saved a lot of time.

I would like to add more about needed improvements. One feature that I would like to see, or that is actually already a feature, is permission management. Permission management is a bit confusing in Infisical, and it took us a lot of time to clear out the permission issues. I faced many permission issues, so I had to go back and forth with my founder to get all the permissions required for building the CI/CD pipeline and injecting the tokens into it.

I have additional thoughts about Infisical before we wrap up. If you fix the issue that I have discussed, where the system was not able to communicate with Infisical, then it would be a very good tool. I give this product a rating of eight out of ten.