New HCP Vault Plus Clusters adds high availability replication of secrets and policies across cloud regions.
We are pleased to announce the availability of new Plus clusters featuring multi-region replication with HashiCorp Cloud Platform (HCP) Vault. These new clusters bring fully-managed performance replication support to customers that need secrets and policies across multiple cloud regions.
HCP Vault enables organizations to get Vault clusters up and running quickly and get access to powerful secrets management and encryption capabilities. With HCP Vault, customers have one multi-cloud workflow, push-button deployment, and a fully managed infrastructure. We have been making steady improvements since announcing the general availability of HCP Vault in April of 2021, including a Development node, a Starter cluster, and a Standard cluster. Now, HCP Vault Plus adds performance replication for syncing secrets between two highly available Vault clusters located in separate regions.
In this post, we will review some of the new features and capabilities introduced since we launched HCP Vault, including cross-region performance replication.
Many organizations rely on infrastructure in geographically distributed Amazon Web Service (AWS) regions to increase service performance and lower request round-trip latency. HashiCorp Vault has long supported replication and we are happy to be bringing that capability to our customers through HCP Vault.
This means you can run a production grade three-node Vault cluster in one AWS region and have it replicated across to another three-node cluster in another AWS region. For example, data in AWS West could be replicated to AWS East. Replication operates using a leader-to-follower model, wherein a leader cluster (known as a primary) is linked to a follower cluster. The primary cluster acts as the system of record and asynchronously replicates most Vault data.
There are a several common use cases when you would consider performance replication:
HCP Vault is generally available in AWS regions in the U.S. (Oregon and Virginia), Europe (Frankfurt, Ireland, and London), Singapore, and Australia (Sydney). We plan to expand to other regions in the future.
HCP Vault offers multiple packages at discrete price points:
As a fully managed service, HCP Vault makes it easier to secure, store, and tightly control access to tokens, passwords, certificates, encryption keys, and other sensitive data. HCP Vault also enables secure secrets management across Amazon EC2, Amazon EKS, AWS Lambda, and many other AWS services.
We designed HCP Vault to minimize the steps necessary to set up Vault within your AWS environments. At a high level, operators need to take four steps to start using HCP Vault:
That’s it; you are ready to connect and use HCP Vault. In practice, these steps will have a range of options when you drill down into them, so we’ve created a series of HashiCorp Learn guides to help you manage the finer details of your setup.
We are very excited about making the HCP Vault Plus cluster with performance replication generally available. We recommend creating an HCP account and trying HCP Vault for yourself. For more information about HCP Vault and pricing, please visit our product page or sign up through the HCP portal.
In this blog post, we’ll look at practical public key certificate management in HashiCorp Vault using dynamic secrets rotation.
Discover how HashiCorp Developer Advocate Rosemary Wang uses HashiCorp Boundary on live streams to automate access to servers and record commands to build into future automation.
Eight new HashiCorp Vault ecosystem integrations extend security use cases for customers.