Overview
Infisical is the leading open-source secrets management platform designed to securely store, manage, and synchronize application configuration and sensitive information like API keys, database credentials, and environment variables across engineering teams and infrastructure.
Infisical is available both through Infisical Cloud (a hosted SaaS product) as well as Infisical Self-hosted (self-managed on-prem product). Through SOC2 compliance, continuous penetration testing, enterprise uptime guarantee, and support SLAs, Infisical is able to satisfy the hardest security and reliability requirements of global enterprises. As a result, Infisical supports a myriad of Fortune 500 corporations, governmental institutions, as well as the fastest-growing startups in the world.
Infisical's value comes from enabling operational advantage of engineering organizations as well as enhancing organization-wide security posture. To achieve that, Infisical offers a full-fledged set of tools for managing secrets in production environments, efficiently injecting secrets into CI/CD pipelines, enabling local development workflows, preventing secrets leaks, ensuring secure secret sharing, and more!
In addition, Infisical comes with 50+ integration across leading developer and infrastructure tools (e.g., AWS, GitHub Actions, GitLab CI/CD, Jenkins, Kubernetes, Terraform, Ansible, Docker), as well as frameworks such as Next.js, Express, Django, among others.
We recommend speaking to Infisical before purchasing to ensure the best experience. Please contact sales@infisical.com for a private offer.
Highlights
- Unified secret management platform for developers with additional secret scanning and secret sharing capabilities.
- Integrates with all leading developer and infrastructure tools, including Kubernetes, Jenkins, AWS, GitHub Actions, and GitLab CI/CD.
- Available both through a self-hosted on-prem installation as well as a managed Infisical Cloud offering.
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Buyer guide

Financing for AWS Marketplace purchases
Pricing
Dimension | Description | Cost/12 months |
|---|---|---|
Identity | Identities are represented by either human or machine users. | $1,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Submit a ticket via support@infisical.com or your dedicated support engineer.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Standard contract
Customer reviews
Secure role-based secret storage has protected our tools and simplifies day-to-day access
What is our primary use case?
My main use case for Infisical is to store secrets for other programs and tools, and I use it for that most often. For example, we had access keys for the local GitLab instance and those were stored inside Infisical and fetched from there. That is mostly what Infisical was used for with other tools as well.
What is most valuable?
In my opinion, the best features Infisical offers are the security aspects, as the security made it difficult to access all the secrets very easily. When I refer to security features, the overall sense of security is mostly what I liked, but I would say the role-based access was very nice.
Infisical has positively impacted my organization, and even though I was an intern, I noticed improvements or benefits after using it as that was part of the assignment.
What needs improvement?
I believe Infisical can be improved by adding more features. I don't think there is a specific feature missing or something I had in mind for improvement; I believe continuing on the current path and expanding what has already been done is the best course of action for Infisical.
For how long have I used the solution?
I have been using Infisical for about five months.
What do I think about the stability of the solution?
I haven't experienced any issues or downtime with Infisical.
What do I think about the scalability of the solution?
I didn't notice any challenges or strengths regarding Infisical's scalability as that wasn't my responsibility.
How are customer service and support?
I have no knowledge about the customer support for Infisical because I didn't have to reach out to them.
Which solution did I use previously and why did I switch?
I haven't used a different solution for secret management before, so I have no basis for comparison.
What other advice do I have?
I would advise others looking into using Infisical to really examine the documentation they provide because it is very useful. Infisical is a nice, modern tool in secret management. I gave this review a rating of 8.
Centralized secrets have secured CI/CD pipelines and prevent password traces in terminals
What is our primary use case?
My main use case for Infisical is to store my CI/CD secret keys, which I use in GitHub .
A quick and specific example of how this integration makes my work easier is that it adds a lot of security in the sense of not using passwords in command prompts. That way, I can send commands directly in GitHub using Infisical 's secret passwords, without having to leave traces in the commands directly in the terminal.
Regarding how Infisical contributes to security or to the management of passwords and commands in my routine, it prevents us from leaving passwords in the command prompts. Alongside GitHub, GitHub does not store passwords. Instead, it accesses Infisical directly through the application without leaving command traces in any prompt. It is excellent regarding security in command prompts, with no password traces.
What is most valuable?
Infisical's best features include the ease I have to store passwords and manage the users who will use those passwords. That helps a lot.
User management through Infisical makes my work easier because I am able to manage the access levels to the types of passwords that I have stored in Infisical. This allows me to have higher access levels with higher-level passwords and deeper levels of access.
Infisical is extremely simple to use, so it is important to emphasize how easy it is to handle the platform as a whole. It is very straightforward and very easy to deal with in terms of how it is laid out.
Infisical has had a positive impact on my organization mainly in the level of security regarding the use of passwords that give direct access to the server. We stopped using passwords directly on personal computers. This ensures a very high level of security for both those in development and those in management. There are possibilities of computers breaking or losing saved passwords. If someone breaks into my personal computer, that person will not have access via prompt to my high-level passwords. This security segregation raises and gives much more credibility to the company as a whole.
I have noticed time savings in access management after adopting Infisical as the main benefit. Regarding leaks, we have not had anything proven related to leaks yet.
What needs improvement?
I have not encountered any limitation in Infisical. I use the free version and have not had any limitations. It is excellent. In the way we are using it as a test, it will certainly be used as an indispensable tool in any CI/CD operation in GitHub and servers.
Infisical already fully meets my needs at the moment.
For how long have I used the solution?
I have been using Infisical for a year.
What do I think about the stability of the solution?
Infisical is stable, as I never experienced any instability. I never had any problems with it.
What do I think about the scalability of the solution?
Infisical's scalability works well when there is an increase in the volume of users or data. With the increase in the number of users, I did not feel any difference because the CI/CD I use is for a small company. The number of developers using the CI/CD platform, where Infisical is embedded, is not stressed enough.
How are customer service and support?
I have not needed to contact Infisical's customer support because, as I mentioned, it is highly resilient and sustainable regarding its configurations.
Which solution did I use previously and why did I switch?
I previously tried to use a different solution before Infisical, but it was extremely complex and did not work out. I do not remember the name, but it is one of the best on the market as well. I found it extremely complex. I decided to migrate to Infisical because I saw some friends saying it was good.
How was the initial setup?
My experience with Infisical's pricing, setup costs, and licensing is excellent. Even using the free version, it fits perfectly for small solutions for small companies. It is very worthwhile.
What was our ROI?
I have obtained a return on investment using Infisical, with a reduction in time of up to 15 minutes when using manual passwords. We stopped using manual passwords and started using Infisical's application layer. This reduced those 15 minutes of waiting time to practically instantaneous. We no longer have to wait for the terminal to finish the process so we can focus on other things.
What's my experience with pricing, setup cost, and licensing?
My experience with Infisical's pricing, setup costs, and licensing is excellent. Even using the free version, it fits perfectly for small solutions for small companies. It is very worthwhile.
Which other solutions did I evaluate?
Before choosing Infisical, I evaluated other options, specifically HashiCorp. With this company, I had extreme difficulty configuring the panel, and I found Infisical very intuitive.
What other advice do I have?
The advice I would give to others considering using Infisical is to test it, because these other tools that exist, such as HashiCorp, are extremely expensive and extremely complex. Infisical brings exactly this ease for the end user to be able to do a good job with quality and at an extremely affordable price. I would rate my overall experience with Infisical a 10 out of 10.
Secure secret sharing has streamlined environment management for multiple cloud applications
What is our primary use case?
I primarily use Infisical for keeping the environment values that are used in our applications. We also use Infisical for secret sharing with our developers and clients using Infisical's secret sharing feature. We integrate Infisical to use environment values in our Dockerfile.
What is most valuable?
We use self-hosted Infisical in our AWS ECS cluster as a Docker container, primarily for secret sharing and keeping secrets in a very secure manner. We can give Infisical access to our developers so they can update and delete secrets when required for our dev and staging environments. For the production environment, we keep our environment values in Secrets Manager instead.
Infisical has improved security significantly. It helps developers to update environment variables in Infisical because as members of Infisical, they can login as users. All developers have access to Infisical, making it very easy for them to update, delete, and restore environment variables or secrets. Infisical's secret sharing feature is the best feature where we can set time limits for how many times and for how long a developer or any other entity can access that link to get the environment variables.
It saves considerable time because updating environment variables to other platforms like AWS or other secrets managers requires logging in and then updating the secrets, which takes more time. Storing environment variables in Infisical is very easy, and since we have self-hosted Infisical, all data and everything resides on our premises only. We plan to continue using Infisical long term because it is more secure than Infisical cloud.
What needs improvement?
When I use Infisical CLI tool, which is created via Go language as a Go binary, sometimes the Go binary is not updated. When we scan Infisical using the Trivy vulnerability scanning tool, we found issues with Infisical CLI Go binaries that are not updated with the latest version. Due to that, Trivy vulnerability scanning fails. Our solution is to bypass the Go binary during Infisical vulnerability scanning steps. I suggest that the Infisical team update the Go binaries in their Infisical CLI.
For how long have I used the solution?
I have been using Infisical for the last two years with a self-hosted Infisical instance in our AWS cloud.
Which solution did I use previously and why did I switch?
We previously used AWS S3 bucket to keep our environment variables. We switched because storing environment variables in S3 bucket was very time-consuming. Whenever we needed to update an environment variable, we had to download the environment files, change them, and then upload them back to the S3 bucket, which was very time-consuming and hectic.
What's my experience with pricing, setup cost, and licensing?
The setup cost was very minimal for us at around twenty dollars.
What other advice do I have?
I suggest every organization to use Infisical unless you are using Trivy for vulnerability scanning, otherwise your pipeline will be blocked. I strongly suggest Infisical to update their Go binaries in their Infisical CLI tool. I give this product a rating of eight out of ten.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Centralized secrets management has reduced errors and enables fast sharing across development teams
What is our primary use case?
My main use case for Infisical is to manage my environment variables in Docker containers. When a container goes up, I hydrate the container with the values at runtime.
In a recent project for software for organizational wellness, I have an entry point where I have Infisical CLI installed in the container. When the application comes up, I invoke Infisical CLI with a service token, and with that, I hydrate the container with the corresponding environment variables.
What is most valuable?
The best feature that Infisical offers is the self-host mode, which lets you have your own hosted service because you have control of everything at that point.
The user interface is an additional feature that I have found especially useful.
Infisical has had a positive impact on my organization because it has helped me manage secrets in a much faster way, and all the people in the mobile or web development departments can integrate with the ecosystem quickly thanks to its SDK.
The concrete result I have observed thanks to the integration of Infisical is a very high reduction in errors because we now have a very short time for modifying a secret and sharing it among teams. It is very easy to modify a secret and have that value distributed across all the applications of the other teams.
What needs improvement?
According to my experience, I see Infisical as very complete and a quite useful tool. I have no suggestions for possible improvements they could implement.
For how long have I used the solution?
I have been working for four years, but in my area, I have been for more than six years. I have been using Infisical for three years.
What do I think about the stability of the solution?
I consider Infisical to be very stable. I rarely see incidents, and it is very stable.
What do I think about the scalability of the solution?
I rate the scalability of Infisical as 100 out of 100. It is really very scalable and easy to implement in varied teams.
Which solution did I use previously and why did I switch?
I did not use any other tool before Infisical.
What was our ROI?
I have seen a return on investment with Infisical through optimized time.
What's my experience with pricing, setup cost, and licensing?
My experience with Infisical's pricing, installation costs, and licensing was good. I had no cost because I have it hosted myself.
Which other solutions did I evaluate?
Before choosing Infisical, I did not evaluate other options.
What other advice do I have?
My advice to other professionals who are thinking about using Infisical is that they should use it because it helps you save a lot of time.
Centralized secrets management has improved development workflows and simplifies granular access control
What is our primary use case?
Infisical was conceived as a proof of concept for a secret manager tool designed for applications and environment variables. The primary appeal was based on how it integrates with development workflows. We implemented the tool via CLI for developers and deployed a self-hosted solution to integrate into applications in production.
We implemented an agent in our Kubernetes cluster and ran applications locally via CLI, integrating directly with the self-hosted instance.
Since this was a proof of concept, using Infisical did not have significant impact, but it provided strong evidence of the tool's capabilities and was quite positive overall.
Infisical had a positive impact on my organization, even in its proof-of-concept phase, because it integrated more seamlessly into the development environment. Starting a project with Infisical meant reducing risks compared to using .env files. The integration via CLI and the ability to configure granular access allowed us to move faster. We could begin the project knowing exactly what our responsibilities were and could fetch secrets directly without taking on as much risk as we would have with a .env file.
What is most valuable?
Infisical's best features are the ability to integrate via CLI in a very simple and easy manner. I have experience with other tools serving the same purpose, such as AWS Secrets Manager , which is more complicated to configure via CLI because you need access keys and more granular access within the cloud environment itself, given its direct contact with other resources. Having this functionality separated in Infisical and configured simply is a very strong point. The ability to integrate into a cluster in a straightforward way with agents and operators makes the configuration process very simple.
The access granularity within the platform is also relevant. You can configure solid RBAC for access to Infisical and you have the possibility of granularizing the secrets themselves through folders, allowing for more organized configuration. These are also very positive points.
What needs improvement?
Infisical could be improved by having a solution to integrate with cloud providers. This would be interesting because sometimes people hesitate to leave their cloud environment for an open-source solution due to lack of trust. If the decision had depended solely on me, we would have adopted Infisical. However, it was a joint business decision regarding a tool we did not know well, and because we already had contracted other solutions with built-in secret manager capabilities, we ended up choosing those other options. Infisical is already a very strong tool.
Better documentation is needed. When implementing the agent in Kubernetes , I had to search quite a bit to adapt it to my specific cluster. Clearer and more up-to-date documentation would greatly help in the process of integrating the tool with other solutions already in place.
For how long have I used the solution?
I have been using Infisical for about three months.
What do I think about the stability of the solution?
Infisical is stable in my experience. It demonstrated stability during use.
What do I think about the scalability of the solution?
Infisical has high scalability because it has the possibility of integrating into the cluster and offers a self-hosted solution. You can organize the space with several projects and several folders for each project, manage access, and other configurations, making it quite scalable.
Which solution did I use previously and why did I switch?
Before choosing Infisical, I evaluated other options, including HashiCorp Vault and AWS Secrets Manager .
How was the initial setup?
I did not acquire Infisical through the AWS Marketplace .
We were not able to measure return on investment at the proof-of-concept stage, so we did not obtain metrics such as time savings, risk reduction, or other measurable points.
What was our ROI?
We were not able to measure return on investment at the proof-of-concept stage, so we did not obtain metrics such as time savings, risk reduction, or other measurable points.
What's my experience with pricing, setup cost, and licensing?
My experience with Infisical's pricing, configuration costs, and licensing is that initially, people thought it was a bit expensive, which is why we opted for the self-hosted alternative. Because of that, we conducted the proof of concept with self-hosted, understood that there was already a solution on AWS for this purpose, and continued with the AWS solution.
Which other solutions did I evaluate?
The possibility of integrating with clouds also contributed to my rating.
We used AWS as the private cloud provider in the proof of concept.
What other advice do I have?
My advice for other people thinking about using Infisical is to conduct a proof of concept to determine if it fits your organizational structure. My review rating for Infisical is eight out of ten.