https://www.youngju.dev/blog 천천히 올바르게. AI Researcher & DevOps Engineer Youngju's tech blog. GPU/CUDA, LLM, MLOps, Kubernetes AI workloads, distributed training, and data engineering. ko fjvbn2003@gmail.com (Youngju Kim) fjvbn2003@gmail.com (Youngju Kim) Sat, 16 May 2026 00:00:00 GMT https://www.youngju.dev/blog/culture/2026-05-16-devops-secrets-management-2026-doppler-infisical-hashicorp-vault-aws-secrets-manager-1password-sops-age-deep-dive.en https://www.youngju.dev/blog/culture/2026-05-16-devops-secrets-management-2026-doppler-infisical-hashicorp-vault-aws-secrets-manager-1password-sops-age-deep-dive.en A complete map of the DevOps secrets management ecosystem as of May 2026. Covers cloud-native SaaS (Doppler, Infisical, HCP Vault Secrets), enterprise vaults (HashiCorp Vault after the IBM acquisition, CyberArk Conjur, Akeyless), cloud-managed services (AWS Secrets Manager, Azure Key Vault, GCP Secret Manager), file-based GitOps (SOPS, age, git-crypt, Sealed Secrets, External Secrets Operator, Vault Secrets Operator), developer workflow tooling (1Password CLI, Bitwarden Secrets Manager, dotenv-vault, doppler run, direnv), secret scanning (GitGuardian, TruffleHog, gitleaks, GitHub push protection), workload identity (SPIFFE/SPIRE, GitHub OIDC, AWS IAM OIDC), and adoption patterns in Korea (NAVER Cloud, KAKAOENT) and Japan (Sakura Cloud, Mercari), plus real incidents from Uber 2022, Microsoft AI 38TB, and CircleCI 2023. Sat, 16 May 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) secrets-managementdopplerinfisicalhashicorp-vaultaws-secrets-manager1passwordbitwardensopsagedevopssecurityenglish https://www.youngju.dev/blog/culture/2026-05-16-devops-secrets-management-2026-doppler-infisical-hashicorp-vault-aws-secrets-manager-1password-sops-age-deep-dive.ja https://www.youngju.dev/blog/culture/2026-05-16-devops-secrets-management-2026-doppler-infisical-hashicorp-vault-aws-secrets-manager-1password-sops-age-deep-dive.ja 2026年5月時点のDevOpsシークレット管理エコシステムを一気通貫で整理。Doppler・Infisical・HashiCorp Vault（IBM買収後）・AWS Secrets Manager・Azure Key Vault・GCP Secret Manager・Akeyless・CyberArk Conjurといった商用ソリューション、SOPS・age・git-crypt・Sealed Secrets・External Secrets Operator（ESO）・Vault Secrets Operatorといったオープンソース、1Password CLI・Bitwarden Secrets Manager・dotenv-vault・doppler run・direnvといった開発ワークフロー統合、GitGuardian・TruffleHog・gitleaks・GitHub push protectionによるシークレットスキャン、SPIFFE/SPIRE・GitHub OIDC・AWS IAM OIDCといったワークロードアイデンティティ、そしてNAVER Cloud・KAKAOENT・Sakura Cloud・Mercariなどの韓国/日本での採用事例、Uber 2022・Microsoft AI 38TB・CircleCI 2023の実際のインシデントまで一本に集約しました。 Sat, 16 May 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) secrets-managementdopplerinfisicalhashicorp-vaultaws-secrets-manager1passwordbitwardensopsagedevopssecurity日本語 https://www.youngju.dev/blog/culture/2026-05-16-devops-secrets-management-2026-doppler-infisical-hashicorp-vault-aws-secrets-manager-1password-sops-age-deep-dive https://www.youngju.dev/blog/culture/2026-05-16-devops-secrets-management-2026-doppler-infisical-hashicorp-vault-aws-secrets-manager-1password-sops-age-deep-dive 2026년 5월 기준 DevOps 시크릿 관리 생태계를 한 번에 정리합니다. Doppler·Infisical·HashiCorp Vault(IBM 인수 이후)·AWS Secrets Manager·Azure Key Vault·GCP Secret Manager·Akeyless·CyberArk Conjur 같은 상용 솔루션, SOPS·age·git-crypt·Sealed Secrets·External Secrets Operator(ESO)·Vault Secrets Operator 같은 오픈소스, 1Password CLI·Bitwarden Secrets Manager·dotenv-vault·doppler run·direnv 같은 개발 워크플로 통합, GitGuardian·TruffleHog·gitleaks·GitHub push protection 시크릿 스캐닝, SPIFFE/SPIRE·GitHub OIDC·AWS IAM OIDC 워크로드 신원, 그리고 NAVER Cloud·KAKAOENT·Sakura Cloud·Mercari 같은 한국/일본 도입 사례, Uber 2022·Microsoft AI 38TB·CircleCI 2023 실제 사고까지 한 글에 담았습니다. Sat, 16 May 2026 00:00:00 GMT fjvbn2003@gmail.com (Youngju Kim) secrets-managementdopplerinfisicalhashicorp-vaultaws-secrets-manager1passwordbitwardensopsagedevopssecurity