Vault
Why use Vault?
Modern software works because of secrets. Secrets are sensitive, discrete pieces of information like credentials, encryption keys, authentication certificates, and other critical pieces of information your applications need to run consistently and securely.
Use Vault to centralizing secret management and harden your application deployments.
| Manage 3rd-party secretsManage 3rd-party secrets by integrating Vault with the other elements of your development environment. Generate and revoke on-demand credentials for database systems and cloud providers like AWS, and control access to external information like encryption keys and cloud credentials. |
| Manage certificatesManage certificates by configuring Vault to work with certificate authorities like KMIP and PKI to manage certificate life cycles and authenticate clients. |
| Manage identities and authenticationManage identities and authentication and control client access to sensitive information with managed entities, identity tokens, OIDC workflows, and workload identity federation (WIF). |
| Manage static secretsManage static secrets by storing and rotating arbitrary secrets in Vault with the Key/Value and Cubbyhole plugins. Vault encrypts data before writing out to persistent storage, so accessing the raw storage is insufficient to access the information. |
| Secure sensitive dataSecure sensitive data by defining custom parameters to encrypt or tokenize sensitive data in transit and at rest without storing the data in Vault. |
| Support regulatory complianceSupport regulatory compliance by configuring Vault as part of an HSM solution, FIPS compliant architecture, or PKCS11 authN workflow. |