HCP Vault Secrets is a new SaaS-based secrets management platform that enables developers to centrally store, access, and sync secrets when and where they need them.
Today at HashiDays, we launched the public beta for a new offering on the HashiCorp Cloud Platform: HCP Vault Secrets. HCP Vault Secrets is a new Software-as-a-Service (SaaS) offering of HashiCorp Vault that focuses primarily on secrets management, enables users to onboard quickly, and is free to get started.
In this post, we’ll look at the customer feedback that led to the creation of HCP Vault Secrets and we’ll cover some of its unique features and differences compared to HCP Vault.
As organizations have grown their usage of cloud and SaaS services, they face new challenges around managing security. In dynamic environments, there are more systems to manage, more endpoints to monitor, more networks to connect, and more people who need access. The potential for a breach increases significantly — making the need to adopt the right security posture while maintaining development agility even more important.
We have heard from our customers that secret sprawl and improving security posture while still maintaining developer agility are the biggest challenges they face. Different teams end up using different tools to store and manage secrets across multiple environments, creating challenges around common access management, remediating leaked secrets quickly, and not having a unified view of the secret lifecycle.
We created HCP Vault Secrets as a SaaS service to enable development teams to centralize their secrets management and set up a unified view of their secrets and applications in minutes, while still maintaining their development workflows with their existing cloud secrets managers, CI systems, and deployment services. HCP Vault Secrets is focused solely on secrets management, allowing centralized platform engineering teams to focus on strengthening their secrets management security posture without compromising on development agility.
HCP Vault Secrets offers both a pull model and a push model for getting secrets into the development workflow. With the push model, platform teams can set up secret synchronization from HCP Vault Secrets, and application development teams can continue iterating with their existing workflows without major interruptions. With the pull model, development teams can inject application secrets into their local application deployment workflows ensuring all secrets, including local development secrets, are centralized in HCP Vault Secrets.
HCP Vault Secrets is a managed Vault offering focusing on secrets management for developers across three key areas:
HCP Vault Secrets centralizes secrets lifecycle management into one place, so users can eliminate context switching between multiple secrets management applications. We are introducing a new domain model with the concept of applications that are used to logically group secrets. This structure allows organizations to intuitively map their secrets within HCP Vault Secrets as well as easily scale the growth of secrets, while not compromising on the discoverability of secrets.
With secrets sync, users can synchronize secrets when and where they need them and continually sync secrets from HCP Vault Secrets to external secrets managers like AWS Secrets Manager so they are always up to date. HCP Vault Secrets will initially integrate with AWS Secrets Manager, with more integrations planned for later in the public beta period.
We built HCP Vault Secrets to prioritize developer flexibility. With HCP Vault Secrets, developers can fetch secrets from any interface (CLI, TF, API, or UI), inject secrets into applications at runtime without code changes, and use the native HCP authentication methods across all interfaces.
The centralized secrets lifecycle management enabled by HCP Vault Secrets lets developers:
HCP Vault Secrets is fully managed by HashiCorp and available on the HashiCorp Cloud Platform, allowing users to get up and running quickly — they can sync their first secret in minutes.
Try HCP Vault Secrets today and begin centralizing your secrets in minutes. To get started, sign up for HCP Vault Secrets for free and check out our HCP Vault Secrets documentation on HashiCorp Developer. And be sure to watch the video demo of HCP Vault Secrets from HashiDays, below:
HashiCorp Vault 1.15 contains a range of updates from UI updates and PKI enhancements to betas for Enterprise secrets sync, Enterprise seal high availability, and event monitoring.
Learn about the ACME protocol for PKI, the common problems it solves, and why it should be part of your certificate management roadmap.
New HashiCorp Vault ecosystem integrations extend security use cases for customers.