Overview
Vault (HashiCorp) is a centralized secrets management and encryption platform for cloud-native and enterprise environments, providing unified key storage, dynamic credentials, data encryption/decryption, and auditing, with both open-source and enterprise-grade features.
Core features and highlights
- Unified secrets engines: Supports secrets engines like kv, transit, pki, database, etc.
- Dynamic credentials and leases: Generates database and cloud service credentials on demand and automatically revokes them to reduce the risk of long-lived credential leaks.
- Multiple auth methods and policies: Supports auth methods like AppRole, Kubernetes, AWS, LDAP, GitHub, combined with fine-grained ACL policies to enforce least privilege.
- Enterprise reliability and security: Supports auto-unseal, HSM integration, audit logging, replication, and high-availability deployments.
Vault is well suited for SREs, DevOps, platform engineers, and security teams, and is especially useful in microservices, CI/CD, cloud migrations, and compliance/audit scenarios. Its main benefits include centralized management, dynamic credentials and key rotation, an extensible secrets engine ecosystem, and comprehensive auditing and access control, helping reduce credential leakage risk and improving operational and security efficiency.