KeyLease

KeyLease is a web app (with optional lightweight CLI) that automates just-in-time, short-lived credentials for cloud and on-prem services. Instead of long-lived API keys and shared secrets sitting in repos, wikis, and CI variables, users request access that is approved by policy and issued as an expiring token (minutes to hours). It integrates with AWS IAM Roles Anywhere, Azure Entra ID, and HashiCorp Vault to mint ephemeral credentials, then automatically revokes them and logs every issuance for audit. The product focuses on the unglamorous reality: most teams won’t rip-and-replace their KMS/Vault, but they will adopt a thin layer that reduces key sprawl fast. It includes detection for “secret drift” (keys that quietly spread across systems) and guided remediation playbooks. This is a traditional app with a small AI component for remediation suggestions and policy linting.