AWS Secrets Manager vs Azure Key Vault comparison

Amazon Web Services (AWS) and Microsoft are both solutions in the Enterprise Password Managers category. Amazon Web Services (AWS) is ranked #4 with an average rating of 9.0, while Microsoft is ranked #1 with an average rating of 8.5. Amazon Web Services (AWS) holds a 16.3% mindshare in EPM, compared to Microsoft’s 17.8% mindshare. Additionally, 100% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 98% of Microsoft users who would recommend it.

AWS Secrets Manager

Read 15 AWS Secrets Manager reviews

7,353 Views
7,353 Comparison Views

100% willing to recommend

Azure Key Vault

Read 52 Azure Key Vault reviews

10,581 Views
9,311 Comparison Views

98% willing to recommend

AWS Secrets Manager

Azure Key Vault

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 11, 2026

AWS Secrets Manager and Azure Key Vault compete in cloud secret management. AWS stands out with better AWS service integration and ease of use, while Azure Key Vault excels in enterprise security and integration within the Azure ecosystem.

Features: AWS Secrets Manager automates secret rotation and provides fine-grained access control, a straightforward interface, and comprehensive API support. Azure Key Vault offers robust cryptographic functionalities, seamless integration with Azure Active Directory, and effective certificate management.

Room for Improvement: AWS Secrets Manager could enhance its integration with non-AWS services, detailing its enterprise capabilities, and reducing its initial costs. Azure Key Vault may improve by streamlining its setup for non-Azure services, enhancing documentation around complex configurations, and offering more user-friendly tools.

Ease of Deployment and Customer Service: AWS Secrets Manager benefits from simple deployment and reliable support within AWS environments. Azure Key Vault is easily deployable within Azure, backed by robust Microsoft support. AWS offers rapid implementation for AWS-centric infrastructures, while Azure Key Vault's integration requires more setup for non-Azure services.

Pricing and ROI: AWS Secrets Manager uses a pay-as-you-go model leading to potentially higher initial costs but strong operational efficiency ROI. Azure Key Vault provides competitive, predictable cost structures appealing to enterprises seeking cost-effective solutions, particularly those integrated with Microsoft's ecosystem.

To learn more, read our detailed AWS Secrets Manager vs. Azure Key Vault Report (Updated: January 2026).

Buyer's Guide

AWS Secrets Manager vs. Azure Key Vault

January 2026

Download the complete report

Helped 881,733 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Secrets Manager

Ranking in Enterprise Password Managers

4th

Ranking in Secrets Management Tools

3rd

Average Rating

8.8

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

No ranking in other categories

Azure Key Vault

Ranking in Enterprise Password Managers

1st

Ranking in Secrets Management Tools

2nd

Average Rating

8.6

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Certificate Management Software (1st), Microsoft Security Suite (15th)

Mindshare comparison

As of February 2026, in the Enterprise Password Managers category, the mindshare of AWS Secrets Manager is 16.3%, down from 20.0% compared to the previous year. The mindshare of Azure Key Vault is 17.8%, down from 23.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Enterprise Password Managers Market Share Distribution
Product	Market Share (%)
Azure Key Vault	17.8%
AWS Secrets Manager	16.3%
Other	65.9%

Enterprise Password Managers

Q&A Highlights

Netanya Carmi

Content Manager at PeerSpot

Nov 24, 2021

Which is better - Azure Key Vault or AWS Secrets Manager?

Azure Key Vault is a SaaS solution. You can easily store passwords and secrets securely and encrypt them. Azure Key Vault is a great solution to ensure you are compliant with security and governance regulations. We like that with this solution you can retrieve your user account details from the cloud. Azure Key Vault is easily scalable. We found it easy to use and the GUI is very good too. Azure Key Vault would be more attractive if it would expand endpoints. The addition of mobile devices would be great. It would also be advantageous if Azure Key Vault had better integrations and offerings for companies of all sizes. AWS Secrets Manager is quick to deploy and does a great job. The UI is easy to use and provides a good group of APIs that works well with Java, Python, etc. With AWS Secrets Manager you can rotate secrets safely without code deployments. The solution offers pay-as-you-go pricing. You can easily replicate secrets in multiple AWS regions to support your applications and disaster recovery scenarios. You need to have advanced enterprise support to get the quality assistance you need to handle issues. We would like to see AWS Secrets Manager with more customizable options; currently, it can be very cumbersome. If you are not in the AWS ecosystem, AWS Secrets Manager may not be a good fit for you. Conclusion: AWS Secrets Manager offers flexible pay-as-you-go pricing, but as a whole is a somewhat clunky solution. It is most effective in the AWS ecosystem. Azure Key Vault is very well thought-out and easy to use. We found it to be extremely secure. We like that it is Microsoft-backed and feel that it offers the best processes for encryption and ciphering of keys. As we are heavily committed to the Microsoft ecosystem, Azure Key Vault is a great fit for our organization.

See all answers

Featured Reviews

Mahadev Metre

DevOps Engineer at Paydoh

Consistent security and efficiency improvements optimize IT infrastructure with effective management

When creating AWS Secrets Manager, it should be automated using tools such as Terraform, Puppet, or Ansible. With Terraform code, you specify the encryption key, secret name, rotation policy, and secret replication. Human error occurs when feeding secret values manually, especially with large amounts of secrets to input. Secrets should never be protected only by IAM. They should be protected by multiple layers, such as IAM and one or two KMS keys. Additional security measures could be beneficial if necessary. The rotation policy is crucial because some secrets may become obsolete, require updates, or get compromised. With a weekly rotation policy, if unauthorized access occurs, the exposure is limited to seven days. The rotation policy can be customized according to needs.

Read full review

Rajthilak BS

Associate Vice President (Data Security & Protection - Confidential AI) at Standard Chartered Bank

Have addressed compliance challenges but still struggle with seamless integration of certificate issuance between environments

In terms of Azure Key Vault improvements, we have to compare the competitor. If we consider AWS, our bank has Microsoft PKI, which is a Microsoft product, for the entire digital certificate infrastructure. Even in the cloud, when it is AWS, the internal certificates are MS PKI. When we had a problem, users had to come to on-premise to get a certificate and import it to AWS Certificate Manager and assign it. We wondered why we could not issue the certificate directly from the cloud for cloud users. There was a simple way in AWS. They have a Private Certificate Authority (PCA) and Amazon Certificate Manager. Private Certificate Authority issues certificates to Amazon services. They also provide Amazon Certificate Manager to store and deploy certificates. These are two neat components - one is an issuer and another is storage and deployment solutions for certificates. With PCA, I can directly enable it and get certificates from AWS itself. AWS can issue SSL/TLS certificates if you enable it directly. If you consider Azure, it is not very clear. Even the naming convention, Key Vault, might not suggest that this is a PKI or certificate manager. You cannot issue certificates directly. They have app certificates and did not have a clear-cut certificate management solution in the cloud when I worked at that time. I am not sure whether they have updated Azure Key Vault as a full-fledged PKI solution now. From what I saw, it was not a full-fledged PKI solution. We are not majorly using Azure Key Vault because it is only for storing secrets. If some solutions can provide guidance on how we can maximize leverage, we can immediately look forward to doing that. We already have some business problems we want to solve. While our primary focus is AWS, many of the services such as ADO are running on Azure, and the secondary services are growing bigger.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The API is fine and works well."

"The most valuable feature is the management of credentials."

"The most valuable feature is security."

"I would highly recommend AWS Secrets Manager for secret management in AWS."

"The most valuable feature of AWS Secrets Manager is its seamless integration with various AWS services."

"AWS Secrets Manager is used for storing secret information that has to be a secret from your customer and your employees."

"The product is easy to use and is inexpensive."

"AWS Secrets Manager plays a significant role in optimizing IT infrastructure security and efficiency."

More AWS Secrets Manager pros

"The GUI was quite easy for me to use."

"The platform provides straightforward integration with most of the other Azure services."

"Stability is very good."

"Azure Key Vault's performance is excellent. It makes infrastructure management easier."

"All its features are really valuable. It's really well thought-out. It's a complete turnkey solution that has all the concerns taken care of, such as access control and management. You can use it in infrastructure as code to create key vaults, APIs, PowerShells, CLIs, even Terraform."

"One of the most valuable features of Microsoft Azure Key Vault is its ease of use."

"The most valuable features are ease of use and enabling our clients to manage keys."

"Among the features that have helped improve our security posture are storing secrets in a secure location to create a trusted situation, trusted resources, and incorporating identity access management so that we know who has access to what."

More Azure Key Vault pros

Cons

"It would be good if the AWS Secrets Manager were more customizable."

"AWS Secrets Manager could support hybrid infrastructure."

"There is room for improvement in terms of integrating with certain other platforms."

"The price of the solution could improve."

"There is a potential improvement in connecting AWS Secrets Manager to Jenkins CI/CD pipeline to automatically reflect changes in production."

"There is a need for better environmental implementation, such as having a security fund as a solution."

"If you don't have enterprise support, then you will not be able to get through to them to get the help. It is not only applicable to AWS Secrets Manager. It is also applicable to any service on AWS."

"There is room for improvement in the pricing model."

More AWS Secrets Manager cons

"The integration with Thales HSM is complex and is not out-of-the-box. Uploading the keys was quite a tedious process."

"The whole problem of password rotation could be improved. My security area wants to rotate passwords every day, every week, or every month, depending on the services."

"One of my previous clients was one of the big banks here in the Netherlands and the EU courts have stated that Microsoft Azure Key Vault is not, according to their perspective, secure due to the fact that Microsoft has access to Key Vault."

"Azure needs to provide versions of Key Vault that are suitable for different sizes of companies."

"They should improve its policies, which sometimes reapplied but don't sync properly between the Key vault and the role-based access. When I put some roles on the user side, it sometimes misses the end data to secure."

"While the solution already does a great job of managing keys, the solution could probably look at maybe expanding more into mobile devices and endpoints."

"If I consider how some people complain that a solution to store information should be available at a low cost, I would say that Azure Key Vault's price should be made cheaper."

"I would like more code examples."

More Azure Key Vault cons

Pricing and Cost Advice

"We purchase a monthly license for the product."

"We've observed that AWS Secrets Manager pricing is based on a per-secret-per-month model. As a result, we prefer to divide our secrets into individual pieces to increase security and grant specific access permissions to certain secrets, systems, or individuals. However, this approach results in higher costs. Therefore, we have been exploring ways to combine our secrets into groups to reduce expenses and simplify management. Nonetheless, we acknowledge that this issue may not be related to the secret manager's functionality."

"I don't believe there is a license cost for the solution."

"The cost is somewhat high."

"The solution is expensive."

"The product costs much less compared to other vendors."

"The product has good pricing."

"I give the price of the solution a ten out of ten."

"It is a cheap option."

"I rate the solution's pricing a four out of ten."

"The price of the product is okay for my company."

"You don't need to pay for a license for Azure Key Vault. It is billed on a pay-as-you-go basis."

"Azure Key Vault is an affordable solution."

More Azure Key Vault pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.

See recommendations

881,733 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

13%

Computer Software Company

11%

Manufacturing Company

Comms Service Provider

Financial Services Firm

12%

Computer Software Company

12%

Manufacturing Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	8
Large Enterprise	8

By reviewers
Company Size	Count
Small Business	15
Midsize Enterprise	11
Large Enterprise	27

Questions from the Community

Which is better - Azure Key Vault or AWS Secrets Manager?

See all answers

Which is better - HashiCorp Vault or AWS Secrets Manager?

HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic sol...

See all answers

What needs improvement with AWS Secrets Manager?

See all answers

What do you like most about Microsoft Azure Key Vault?

With Azure Key Vault, we can generate our own keys and then import them inside the system, which provides a higher level of security than provider-managed keys.

See all answers

What is your experience regarding pricing and costs for Microsoft Azure Key Vault?

The pricing of Azure Key Vault is nominal, not that expensive.

See all answers

What needs improvement with Microsoft Azure Key Vault?

Based on my three years of experience, I believe there have been no updates to Azure Key Vault. I think the product needs upgrades in terms of access control and certification improvements. While A...

See all answers

Comparisons

HashiCorp Vault vs AWS Secrets Manager

Compared 3% of the time

1Password Business vs AWS Secrets Manager

Compared 3% of the time

Bitwarden vs AWS Secrets Manager

Compared 2% of the time

CyberArk Privileged Access Manager vs AWS Secrets Manager

Compared 2% of the time

Delinea Secret Server vs AWS Secrets Manager

Compared 2% of the time

More AWS Secrets Manager Competitors

AWS Certificate Manager vs Azure Key Vault

Compared 4% of the time

1Password Business vs Azure Key Vault

Compared 3% of the time

Delinea Secret Server vs Azure Key Vault

Compared 3% of the time

Bitwarden vs Azure Key Vault

Compared 2% of the time

Microsoft Entra ID vs Azure Key Vault

Compared 2% of the time

More Azure Key Vault Competitors

Product Reports

Buyer's Guide

Enterprise Password Managers

January 2026

Download AWS Secrets Manager product report

Buyer's Guide

Azure Key Vault

February 2026

Download Azure Key Vault product report

Also Known As

No data available

Microsoft Azure Key Vault, MS Azure Key Vault

Overview

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

Amazon Web Services (AWS)

Microsoft Azure Key Vault is a cloud-based data security and storage service that allows users to keep their secrets safe from bad actors.

Benefits of Microsoft Azure Key Vault

Some of the benefits of using Microsoft Azure Key Vault include:

Secure your secrets in a single central location, enabling you to control how your information is disseminated.

Keep your data away from bad actors. Application administrators can store their application’s security information away from the actual application. Microsoft Azure Key Vault reduces the chance that a bad actor will be able to leak an application’s secrets. Because the data is not stored in the code of the application, hackers will be unable to steal the security information.

Retrieve your information securely. When the information is needed, the application can securely retrieve it by using a uniform resource identifier (URI) to connect to Microsoft Azure Key Vault.

Securely store your digital keys and secrets. Microsoft Azure Key Vault stores data behind layers of security protocol. No one can access the information stored in a Microsoft Azure Key Vault without first obtaining the necessary authentication and authorization. The authentication process allows the system to figure out who is trying to access the vault in question. This process is performed by Azure’s Active Directory. After the person or entity is authenticated, Microsoft Azure Key Vault then assigns them a level of authorization. This determines what sort of actions they will be able to perform.

Choose from two different authorization options. The level of a user’s authorization can be either role-based or dictated by a policy that the administrator sets. Azure’s role-based access control (Azure RBAC) enables users to both manage and access stored data. A key vault access policy limits users to data access.

Secure your data in the way that best fits your needs. Your data can be protected by either industry-standard algorithm software or hardware security modules (HSMs). Your data is even safe from Microsoft, as the vaults are designed so that not even Microsoft can get in and access the information.

Easily monitor who accesses your vault(s). Microsoft Azure Key Vault enables administrators to keep a close eye on their secrets. Users can activate a vault-logging feature that will track every piece of information. It will record who accessed the vault, when they accessed it, and other pertinent details.

Choose how you want to store your logs. Users can store logs in multiple ways. These logs can be archived, sent to the Azure monitor logs area, or streamed to an events hub. The logs can be secured to prevent unauthorized viewing and deleted when they are no longer needed.

Reviews from Real Users

Microsoft Azure Key Vault stands out among their competitors for a number of reasons. Two major ones are the overall robustness of the solution and its ability to protect and manage many different digital asset types. The many features that the solution offers allows users to tailor their experience to meet their specific needs. Its flexibility enables users to accomplish a wide variety of security and identity management related tasks. It empowers users to secure a wide array of assets. Users can keep many different types of secrets away from bad actors.

A cloud architect at a marketing services firm writes, “All its features are really valuable. It's really well thought-out. It's a complete turnkey solution that has all the concerns taken care of, such as access control and management. You can use it in infrastructure as code to create key vaults, APIs, PowerShells, CLIs, even Terraform. You can also use it in different services across the board. If you have app services, or virtual machines, Kubernetes, or Databricks, they can all use Key Vault effectively. In my opinion, in a DevSecOps, DevOps, or even in a modern Azure implementation, you have to use Azure Key Vault to make sure you're addressing security and identity management concerns. By "identity" I mean usernames, passwords, cryptography, etcetera. It's a full-blown solution and it supports most breeds of key management: how you store keys and certify.”

Roger L., the managing director of Cybersecurity Architecture at Peloton Systems, says, “The most valuable aspect of the product is its ability to keep our admin password accounts for keys and a lot of our high-value assets. It can manage those types of assets. So far, the product does a great job of managing keys.”

Microsoft

Sample Customers

Autodesk, Clevy, Stackery

Adobe, DriveTime, Johnson Controls, HP, InterContinental Hotels Group, ASOS

Buyer's Guide

AWS Secrets Manager vs. Azure Key Vault

January 2026

Free Report: AWS Secrets Manager vs. Azure Key Vault

Find out what your peers are saying about AWS Secrets Manager vs. Azure Key Vault and other solutions. Updated: January 2026.

DOWNLOAD NOW

881,733 professionals have used our research since 2012.

See our AWS Secrets Manager vs. Azure Key Vault report.

See our list of best Enterprise Password Managers vendors and best Secrets Management Tools vendors.

We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.