Third Party Services

Community Open Source

Open Source EnvKey relies on no third party services. It does require a host to run on, a Mysql 8.0 database, and an SMTP endpoint to send email. No configuration or secrets data is ever sent to the host in plaintext. The host does store client-side encrypted configuration and secrets data, as well user names, emails, organization names, and organization metadata. Authentication tokens are sent by email, but these aren't used to decrypt configuration or secrets data.

Business Self-Hosted

EnvKey Business Self-Hosted is designed to run on AWS, which is the only third party service it relies on. No configuration or secrets data is ever sent to AWS in plaintext. AWS does store client-side encrypted configuration and secrets data, as well user names, emails, organization names, and organization metadata.

Cloud

EnvKey Cloud runs on AWS, which is the only third party service it relies on. No configuration or secrets data submitted to any EnvKey client is ever sent to AWS in plaintext. AWS does store client-side encrypted configuration and secrets data, as well user names, emails, organization names, and organization metadata.

AWS Services

EnvKey's Cloud and Business Self-Hosted products use the following AWS services: VPC, Aurora, Fargate, S3, Lambda, SES, WAF, Secrets Manager, Systems Manager Parameter Store, CloudFormation, CodeBuild, CloudWatch, SNS, and PrivateLink. No configuration or secrets data submitted to any EnvKey client is ever sent to any AWS service in plaintext.

Code Storage

All EnvKey code is stored on Github. No EnvKey user data is shared with Github, and it has no access any configuration or secrets data in any form.

Releases

EnvKey releases are stored on AWS S3.

Website Hosting

EnvKey's website is hosted by Netlify. No EnvKey user data is shared with Netlify, and it has no access any configuration or secrets data in any form.

Documentation Hosting

EnvKey's docs are hosted by Readme. No EnvKey user data is shared with Readme, and it has no access any configuration or secrets data in any form.

Billing

EnvKey uses Stripe for PCI-compliant billing. No EnvKey user data is shared with Stripe, and it has no access any configuration or secrets data in any form.