HashiCorp Cloud Platform adds new AWS region support for HCP Vault and HCP Consul in the U.S. as well as regions in Canada and Japan for the first time.
HashiCorp Cloud Platform (HCP) is a popular way to get up and running on HashiCorp’s solutions without the overhead of installation, scaling, or lifecycle management. Today, HCP Vault, an identity-based cloud security solution, and HCP Consul, a cloud service networking and service mesh offering, are now available in new Amazon Web Services (AWS) regions around the globe, for the first time including Canada and Japan. In addition, HCP Vault recently gained multi-region replication support.
Many organizations rely on infrastructure in geographically distributed AWS regions to increase service performance and lower request round-trip latency. The supported AWS regions now include:
For a full list of the AWS regions we support, see the HCP documentation.
In addition to new regional support for single region deployments, customers who want to streamline operations for multi-region support can now take advantage of our new multi-region replication support for HCP Vault.
Using Vault as an example, multi-region support means that you can run a production-grade three-node Vault cluster in one AWS region and have it replicated to another three-node cluster in a different AWS region. For example, data in AWS Europe North 1 (Stockholm) could be replicated to AWS Europe West 2 (London). This can help lower latency between Vault and geographically dispersed applications in multi-region deployments.
Replication operates using a leader-to-follower model, in which a leader cluster (known as a primary) is linked to a follower cluster. The primary cluster acts as the system of record and asynchronously replicates most Vault data.
See our documentation for more information on multi-region replication for HCP Vault.
For many of our customers, the first service they start using on HCP is Vault, particularly to centralize secrets management for ephemeral resources like Kubernetes managed containers. HCP Vault also enables secure secrets management across Amazon EC2, Amazon EKS, AWS Lambda, and many other AWS services.
As a fully managed service, HCP Vault makes it easier to secure, store, and tightly control access to tokens, passwords, certificates, encryption keys, and other sensitive data. It also serves as an identity-based security platform for applications, network services (with HCP Consul), and human users seeking secure remote access to infrastructure (with HCP Boundary).
We designed HCP Vault to minimize the steps necessary to set up Vault within your AWS environments. At a high level, operators need to take four steps to start using HCP Vault:
That’s it; you are ready to connect and use HCP Vault. In practice, these steps will have a range of options to meet the needs of your infrastructure, so we’ve created a series of HashiCorp Learn guides to help you manage the finer details of your setup.
HCP Vault and HCP Consul are both available with hourly and annual pricing. Get started and see pricing today.
A recap of HashiCorp infrastructure and security news and developments on AWS from the past year, from self-service provisioning to fighting secrets sprawl and more.
Vault benchmark is an open source tool that tests the performance of HashiCorp Vault auth methods and secrets engines.
HCP Consul Central’s new observability features were recently used by a customer to help troubleshoot an issue with assistance from HashiCorp engineers.