Depot vs the alternatives
S3 and MinIO access without handing out master credentials
The AWS S3 console requires AWS credentials for every user. Desktop S3 browsers require per-user credentials too. Depot flips it: credentials live in environment variables on the backend, and people log in with Bearer tokens to see exactly the buckets and actions they are allowed to see — download, rename, delete can be toggled per-environment.
The dimensions that matter
| Option | Pricing model | Scaling | Data residency | Customization | Lock-in |
|---|---|---|---|---|---|
| Depot Self-hosted | Flat per-container licence | Stateless — scale as needed | Lives in your bucket | Per-env permission matrix | Low — it's a viewer |
| AWS S3 Console Cloud | Free | Managed | AWS | IAM policies | Medium — AWS-only |
| Cyberduck / Transmit Desktop | Free or one-time | Per-user desktop | Your bucket | Per-user creds | Low |
| MinIO Console Open-source | Free | Bundled with MinIO | Your MinIO | Bucket policies | Low |
What each alternative is good at — and where it falls short
Every tool here is excellent. Read the strengths. Then read where it stops fitting your situation.
AWS S3 Console
CloudStrength
Native, free (you already pay for AWS), full feature parity with the bucket.
Where it falls short
Every user needs an IAM identity. Fine-grained permissions are powerful but tedious to maintain. Non-AWS buckets (MinIO, Azure) are unreachable. No per-environment permission toggles.
Pricing model
Free (included with AWS).
Cyberduck / Transmit
DesktopStrength
Mature desktop UIs, comfortable for power users, support for many protocols.
Where it falls short
Every user has credentials on their laptop. No browser access. Hard to audit. No environment-level permission switches — once a user has keys, they have keys.
Pricing model
Free (Cyberduck) / one-time licence (Transmit).
MinIO Console
Open-sourceStrength
Operator-focused admin console bundled with MinIO — bucket policies, IAM, events.
Where it falls short
Built for MinIO operators, not for letting QA and support teams verify uploads. S3 and Azure support requires workarounds. Permissions are IAM-style, not per-user action toggles.
Pricing model
Free (MinIO OSS).
If QA and support need a file browser but shouldn't have the master keys, Depot is the short answer — browser access, environment-scoped permissions, signed URLs instead of credentials.
The principles behind self-hosting
These apply across every comparison on this site — not just this one.
Flat-rate cost model
A self-hosted container costs the same whether it processes 100 jobs or 10 million. SaaS and cloud alternatives meter per request, minute, or connection — costs scale linearly with usage.
Your data stays in your VPC
No cross-border data transfer. No vendor data-processing agreements. Compliance, residency, and audit are simpler when data never leaves.
No vendor lock-in
Every service speaks open standards — MQTT 5, OpenAPI, OCI Distribution, Redis protocol, S3 API. Migrating away is a DNS change, not a rewrite.
One contract across your stack
One platform contract. Once your team learns one service, onboarding the next is an afternoon. Compare to mastering AWS IoT and Document Intelligence and MediaConvert separately.
Scale on the boxes you already have
Every service is stateless HTTP plus a worker pool. Helm charts ship with every image. If you have a Kubernetes cluster, you already have the platform.
Extend without asking permission
Need a custom task, a new notification driver, or a bespoke integration? The source is yours to modify. No vendor roadmap. No feature request backlog.
Try Depot. See the difference.
One Docker container. One live demo. Five minutes to see it running on your stack.