Skip to content


Microservices are great, but your growing service footprint means configuration management just got a lot harder. Here are a few ways Figgy can help!

Out of the box, Figgy comes with all of these features:

Figgy CLI#

  • A custom built CLI integrated with AWS ParameterStore that addresses many ParameterStore limitations.
  • Easily manage configurations across many different AWS Accounts.
  • Add / Update / Delete / Edit configurations and more
  • Promote configs from lower to higher environments
  • Share secrets directly to the code that needs them. Cut out handing secrets to a middle-man to go put them somewhere.
  • Browse a log that tracks all config changes over time, even for deleted configs.
  • Roll back any configuration, or hierarchy of configurations to any point in time (to the second) in the past.
  • Combat config sprawl. Figgy will tell you if you have a config in ParameterStore that you aren't using anymore.

Simplify your Development Workflow#

  • Easily integrate your CICD process with Figgy
    • Break your CICD build if the deploying application is missing a required config in its targeted environment.
    • Give Developers confidence their apps will properly deploy and bootstrap if Figgy gives the 👍.
  • Cultivate configuration clarity.
    • Following Figgy best-practices means you'll easily know what configurations your services are using at any point-in-time.
    • Figgy's configuration trees clarify application dependencies
  • Let your code inform your configuration.
    • Figgy shared libraries can auto-generate your application's dependent configurations from your code.
    • The FiggyCLI will then let you know what's missing and what's no longer used in each environment.


  • Abandon long-lived access keys
    • Figgy only uses temporary AWS sessions and can help you abandon your long-lived credentials by adopting Single Sign-on.
  • SSO Integrations with Google Admin Console, OKTA, and AWS
    • MFA supported for all SSO integrations
  • Easy to manage role-based access control (RBAC)
    • Easily assign different user types access to different sections of your ParameterStore tree.
    • Figgy makes it easy to properly scope IAM policies for your applications' secrets and configurations
  • Securely maintain, rotate, and share secrets to applications
  • Provision and allocate access to as many KMS encryption keys as you want. Figgy will hide the complexity and simplify secret encryption.
  • Get more visibility into your configuration stack. Know what's being changed, where, and when.
  • Abandon long-lived AWS Access Keys, all sessions are temporary, and Figgy can help you generate temporary credentials for local development.
  • No more LastPass, one-time urls, secrets sent over Slack, email, encrypted files, or any of those annoying or insecure secret management hoops

No 3rd Parties#

  • Figgy is free, open source, and installs directly in your environment.
  • No SaaS or 3rd parties here, just a serverless application deployed directly in your AWS account.

The Figgy Lockbox#

  • Figgy only generates temporary sessions to AWS, encrypts them, and stores them in a local "Figgy Vault"
  • These temporary credentials can be used for local development by decrypting & pulling them from the "Figgy Vault"

Figgy integrations#

  • Get automated Slack notifications when secrets are changed or updated, and know who made them.
  • SSO Integrations with Google, OKTA, and AWS with more to come!
  • And more to come!