HCP Vault Secrets is a managed offering of HashiCorp Vault focusing on secrets management for developers that offers key capabilities including secrets sync.
Today at HashiConf, we are pleased to announce the general availability of HCP Vault Secrets, a new software-as-a-service (SaaS) offering of HashiCorp Vault that focuses on secrets management. Released in beta earlier this year, HCP Vault Secrets lets users onboard quickly and is free to get started. The general availability release of HCP Vault Secrets builds on the beta release with production-ready secrets management capabilities, additional secrets sync destinations, and multiple consumption tiers.
During the public beta period, we worked on improvements and additions to HCP Vault Secrets. Focused on secrets management for developers, these additions will help our users to:
HCP Vault Secrets is a managed Vault offering focusing on secrets management for developers. It sharpens the focus on secrets management with three key benefits:
HCP Vault Secrets centralizes secrets lifecycle management into one place, so users can avoid secret sprawl and context switching between multiple secrets management solutions. HCP Vault Secrets introduces a new domain model based on the concept of applications, which are used to logically group secrets. This structure lets organizations intuitively map their secrets within HCP Vault Secrets and easily scale to meet the growth of secrets under management, while not compromising on the discoverability of secrets.
HCP Vault Secrets offers, for the first time from Vault, the ability to centrally manage secrets and sync them to destinations you may already have in your stack. HCP Vault Secrets improves secrets versioning and access control setup and can ensure secrets are synced across multiple repositories. Currently, three destinations (GitHub Actions, Vercel, and AWS Secrets Manager) are offered, with more slated to be added over time.
In support of today’s release, Lindsey Simon, Vice President of Engineering at Vercel, said, "We are delighted to partner with HashiCorp on the launch of HCP Vault Secrets. Now, Vercel users can quickly and centrally manage their deployment secrets across their local, CI, and Vercel environments while avoiding any drift between them."
Tony Camp, Senior Product Manager at GitHub, said, “By syncing secrets with GitHub Actions, this added functionality to HCP Vault Secrets means users have a centralized management experience without having to compromise security or velocity. This integration expands on our robust partnership with HashiCorp, where together we provide developers and organizations with the tools to build, scale, and deliver secure software.”
Alternatively, users can decide to inject secrets directly into their application runtime as well through the CLI, API, or HashiCorp Terraform, or into Kubernetes via the Vault Secrets Operator.
HCP Vault Secrets is a multi-tenant SaaS offering. Instead of running their own secrets management solutions, organizations can rely on HashiCorp to manage the deployment, updates, scale, reliability, security, compliance, and support of HCP Vault Secrets. The solution is always up to date and in line with security best practices, eliminating the time spent managing manual upgrades so it can be reallocated to more strategic projects.
Over the course of the HCP Vault Secrets beta period, we received overwhelmingly positive feedback from more than 4,000 beta participants. During this time we saw more than 7,500 secrets created and millions of secrets read. Thank you to all who participated and shared their feedback, including Alex Fallenstedt, Senior Software Engineer at New Relic, who said, "HCP Vault Secrets makes it easy to get up and running quickly with secrets management. I went from zero secrets management to a secrets wizard in about 30 minutes."
Organizations and individuals can consume HCP Vault Secrets in two ways. You can choose either our always-free tier to manage up to 25 secrets or our Standard paid tier. The Standard tier offers extended capabilities and is priced based on a combination of secrets created and access API operations used. For more detailed pricing information, check out the HashiCorp Vault pricing page.
A recap of HashiCorp infrastructure and security news and developments on AWS from the past year, from self-service provisioning to fighting secrets sprawl and more.
Vault benchmark is an open source tool that tests the performance of HashiCorp Vault auth methods and secrets engines.
If you’re attending AWS re:Invent in Las Vegas, Nov. 27 - Dec. 1, visit us for breakout sessions, expert talks, and product demos to learn how to accelerate your adoption of a cloud operating model.