HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
HashiCorp Cloud Platform
HashiCorp Cloud Platform Home

HCP Vault Radar IDE extension overview

Beta feature

This feature is currently available as beta. The beta functionality is stable but possibly incomplete and subject to change. We strongly discourage using beta features in production.

Committing secrets to version control is a common mistake that can lead to security breaches and data leaks.

Managing, triaging, and remediating leaked secrets can be a time-consuming process, and often requires significant manual effort.

HashiCorp's HCP Vault Radar service identifies and helps you remediate leaked secrets from your version control, or documentation systems.

The HCP Vault Radar IDE extension helps you identify and remove secrets from your application source code and infrastructure as code files before you commit the secrets to version control.

After you install the extension, it will automatically scan for and highlight secrets when you open or save the file in your IDE. When supported by the IDE, you will also see alerts in other information panels, or logs.

When used in conjunction with HashiCorp Vault, you can correlate secrets detected by the plugin with secrets stored in Vault, or copy secrets not already stored to the Vault cluster. Once you copy secrets to Vault, you can update the source code to reference the secret rather than embedding the secret in the source code.