HCP Vault and HCP Consul add new Canada, Japan, and US AWS regions

HashiCorp Cloud Platform (HCP) is a popular way to get up and running on HashiCorp’s solutions without the overhead of installation, scaling, or lifecycle management. Today, HCP Vault, an identity-based cloud security solution, and HCP Consul, a cloud service networking and service mesh offering, are now available in new Amazon Web Services (AWS) regions around the globe, for the first time including Canada and Japan. In addition, HCP Vault recently gained multi-region replication support.

Many organizations rely on infrastructure in geographically distributed AWS regions to increase service performance and lower request round-trip latency. The supported AWS regions now include:

»United States

• North Virginia
• New: Ohio
• Oregon

»Canada

• New: Central

»Europe

• Frankfurt
• Ireland
• London

»Asia-Pacific

• New: Tokyo
• Singapore
• Sydney

For a full list of the AWS regions we support, see the HCP documentation.

»Multi-Region Support for AWS Regions

In addition to new regional support for single region deployments, customers who want to streamline operations for multi-region support can now take advantage of our new multi-region replication support for HCP Vault.

Using Vault as an example, multi-region support means that you can run a production-grade three-node Vault cluster in one AWS region and have it replicated to another three-node cluster in a different AWS region. For example, data in AWS Europe North 1 (Stockholm) could be replicated to AWS Europe West 2 (London). This can help lower latency between Vault and geographically dispersed applications in multi-region deployments.

Replication operates using a leader-to-follower model, in which a leader cluster (known as a primary) is linked to a follower cluster. The primary cluster acts as the system of record and asynchronously replicates most Vault data.

See our documentation for more information on multi-region replication for HCP Vault.

»HCP Vault: A Gateway to Zero Trust

For many of our customers, the first service they start using on HCP is Vault, particularly to centralize secrets management for ephemeral resources like Kubernetes managed containers. HCP Vault also enables secure secrets management across Amazon EC2, Amazon EKS, AWS Lambda, and many other AWS services.

As a fully managed service, HCP Vault makes it easier to secure, store, and tightly control access to tokens, passwords, certificates, encryption keys, and other sensitive data. It also serves as an identity-based security platform for applications, network services (with HCP Consul), and human users seeking secure remote access to infrastructure (with HCP Boundary).

We designed HCP Vault to minimize the steps necessary to set up Vault within your AWS environments. At a high level, operators need to take four steps to start using HCP Vault:

1. Create an account: Sign up for a HashiCorp Cloud Platform account.
2. Deploy a cluster: Select HCP Vault from the dashboard. This quickstart deployment guide will walk you through the process of creating your HashiCorp Virtual Network (HVN) and a Vault cluster.
3. Set up your first secret: Use our template for key/value secrets stores to get up and running quickly.
4. Peer with AWS: Once you have deployed your HVN and cluster, you need to peer that network with your existing AWS environments.

That’s it; you are ready to connect and use HCP Vault. In practice, these steps will have a range of options to meet the needs of your infrastructure, so we’ve created a series of HashiCorp Learn guides to help you manage the finer details of your setup.

»Next Steps

HCP Vault and HCP Consul are both available with hourly and annual pricing. Get started and see pricing today.