Vault Enterprise 1.15 adds a beta release of secrets sync, a feature that allows organizations to control secret sprawl and their secrets management lifecycle.
At HashiDays in June, we announced the public beta for a new offering on the HashiCorp Cloud Platform: HCP Vault Secrets is a powerful new tool designed to identify, control, and remediate secrets sprawl and centralize secrets management by synchronizing secrets across platforms.
Secrets are unlike traditional credentials because they are leveraged by developers, applications, services, infrastructure, and platforms to establish trusted identities. As organizations distribute their workloads across more platforms, they lose centralized control over identity security and become more exposed to secrets sprawl.
This post reviews the secrets sync beta feature released as part of Vault Enterprise 1.15 and discusses how it will help organizations corral secrets sprawl and regain centralized control and visibility of their secrets.
More and more of the software supply chain is shifting left, giving individual engineers and engineering teams more discretion regarding secrets management. As an organization’s workloads become more distributed across CI/CD tooling and cloud platforms, enterprises report difficulty maintaining compliance with their security policies for secrets revocation and rotation. This is largely because individual platforms cannot provide unified, centralized visibility into secrets lifecycle management.
Maintaining a centralized view of your secrets lifecycle brings many benefits:
Secrets sync allows users to synchronize secrets when and where they require them and to continually sync secrets from Vault Enterprise to external secrets managers so they are always up to date.
The beta release of Vault Enterprise secrets sync covers some of the most common destinations for secrets:
By adopting Vault Enterprise secrets sync to remediate secrets sprawl, organizations can establish centralized secrets lifecycle management in a single control plane. This eliminates the need for context switching among multiple secrets management platforms.
Secrets sync on Vault Enterprise is now available as a beta feature in the 1.15 release. Learn more about secrets sync in our documentation and learn more about what Vault can do for your organization on our features page.