I've looked at vault (https://hashicorp.com/blog/vault.html) which seems ideal but still in production.

Also AWS's Key Management system (KMS)(https://aws.amazon.com/kms/) seems promising but only provides ways to store native AWS keys. Would I then create a database which held the keys encrypted using KMS keys and SQL access keys?