ShellYard

Cloud sync

Pro+ syncs vault, connections, snippets, HTTP, documents, IPAM, saved queries to DynamoDB. Bounded fan-out + retry-with-backoff so bulk saves don't overwhelm API Gateway.

Pro and above writes resources to ShellYard’s shellyard-prod DynamoDB under the user’s Cognito sub. Local SQLite acts as a cache.

What syncs

  • Vault credentials
  • Connections (saved hosts)
  • Snippets + snippet folders
  • HTTP collections / environments / requests / folders
  • Documents and IPAM (Team+)
  • Saved DB queries

Conflict policy

Last-write-wins by updated_at. Local mutations push to the cloud immediately after the local write succeeds; reads fall back to the cache when offline.

Operational details

  • Bounded fan-out — a semaphore (depth 8) caps concurrent pushes so a bulk save doesn’t fill the API Gateway quota.
  • Retry with backoff — 503 responses retry at 200ms, 500ms, then 1200ms before giving up.
  • Seen-set reconciliationGET /me/resources returns the full set the cloud holds for the current identity. Local reconciliation diffs against that set so cross-scope deletes don’t show up as ghost resources after a Space switch.
  • Reconcile skip gate — once a full reconcile completes, the next 10 minutes skip the pull to prevent a tight loop on bursty mutation events.
  • Pagination/spaces/{id}/audit paginates via LastEvaluatedKey so a long history doesn’t truncate.

Cloud-side encryption

  • Pro — Personal credentials and HTTP environment secrets envelope-encrypted with a shared AWS KMS CMK in ShellYard’s AWS account; EncryptionContext={userSub} binds each row to your Cognito identity so kms:Decrypt fails for any other user. Not zero-knowledge — we hold the CMK.
  • Team — Same shared CMK + per-user EncryptionContext for Personal credentials, plus a dedicated per-Space customer-managed CMK for credentials shared into a Shared Space and a Group DEK gate for Group-scoped credentials. See Vault storage by tier and Shared credentials.
  • Enterprise — Identical crypto to Team. Adds per-Space audit-log filtering, larger storage caps, unlimited version retention, and cryptographic erasure on offboarding wrapped in custom contracts and security review.

Free

Free has no cloud sync — vault and all other resources are local-only.