Introduction to Vault
This guide covers what Vault is, what problems it can solve, and how to quickly get started.
Use case
Centrally store, access, and deploy secrets across applications, systems, and infrastructure.
Challenge
Infrastructure has become both ephemeral and elastic, IP addresses are dynamic, and the network perimeter is no longer distinct. This strains traditional network-based approaches to security. Instead, a modern security posture assumes a “low trust” network, in which a network breach is expected to occur.
This new posture pushes for a more integrated approach to security, where access to systems and endpoints is explicitly managed, instead of implicitly granted by virtue of being on a private network. Rather than IPs serving as the unit of access, applications are given an identity, which allows us to handle the ephemeral and elastic nature of cloud infrastructure.
Solution
In a low-trust network, it becomes critical to manage secrets that provide access to applications, systems, and endpoints. Application data must also be protected, and not stored in plaintext in databases or other network-attached storage. This drives the need for centralized secret management and application middleware for key management and data encryption.
To learn more about how development teams can get started with centralized secrets lifecycle management, check out our HCP Vault Secrets offering, now in public beta.
Securing secrets and application data is a complex task for globally distributed organizations. For Adobe, managing secrets for over 20 products across 100,000 hosts, four regions, and trillions of transactions annually requires a different approach altogether.
100 trillion transactions with HashiCorp Vault
100K hosts globally
12 Vault clusters globally
Secrets engines are components which store, generate, or encrypt data.
Auth methods are components in Vault that perform authentication and are responsible for assigning identity and a set of policies to a user.
Vault comes with pluggable components called secrets engines and authentication methods, which allow you to integrate with external systems.
The Key/Value secrets engine is a generic key-value store used to store arbitrary secrets within the configured physical storage for Vault.
Dynamic secrets do not exist until they are read, so there is no risk of someone stealing them or another client using the same secrets.