At Banzai Cloud we are building an open source next generation platform as a service, Pipeline - built on Kubernetes. With Pipeline we provision large multi-tenant Kubernetes clusters on all major cloud providers and deploy different workloads to these clusters. We needed to find an industry standards based way for our users to publish and interact with protected endpoints and at the same time provide dynamic secret management for all the different applications we support, all these with native Kubernetes support. After several proof-of-concepts, we chose Hashicorp Vault. In this post we’d like to highlight how we use Vault and provide technical insight into the available options.