Vault is a platform for centralized secrets management, encryption as a service, and identity-based access.

Vault 1.8 offers a new Vault Diagnose command, Key Management secrets engine AWS GA support, updates to Integrated Storage Autopilot, and more.

Announcing HashiCorp Vault 1.8

Explore the pros and cons of five different ways to manage credentials and other secrets in Terraform Cloud & Enterprise.

Managing Credentials in Terraform Cloud & Enterprise

Several new partners have had their integrations validated for cloud-managed HCP Vault.

GitHub, F5, and Okta Among New HCP Vault Integrations

Learn how Vault can help you build zero trust security on Microsoft Azure with five common use cases and five best practices.

HashiCorp Vault Use Cases and Best Practices on Azure

Learn our best and worst practices for secure introduction, and step through using HashiCorp Vault’s AppRole authentication method for this purpose.

How (and Why) to Use AppRole Correctly in HashiCorp Vault

Get a clear picture of modern data protection and encryption methods, their tradeoffs, and see HashiCorp Vault’s feature matrix to identify which method is the right fit for you.

How to Choose a Data Protection Method

Try out the new and enhanced features introduced in Vault 1.8 with step-by-step tutorials on HashiCorp Learn. 

New Vault Tutorials: Vault 1.8 Release Highlights

Learn how secrets management in Kubernetes compares to HashiCorp Nomad, and see why HashiCorp Vault is a powerful solution for both.

A Kubernetes User's Guide to HashiCorp Nomad Secret Management

Learn how to fetch secrets from Vault with a custom Chrome extension in the latest HashiCorp Learn tutorial.

Vault Secrets in a Browser Plugin

Secrets management with HashiCorp Vault can use Microsoft Azure managed identities to ease the operational burden of Vault cluster availability: Part 2 in a series.

Azure Managed Identities with the HashiCorp Stack: Part 2

HCP Vault Starter — now generally available on AWS — offers a production-grade 3-node cluster at a reduced price point.

Announcing HCP Vault Starter

Get helpful resources on a recent change to product license deployments and learn how to navigate this change.

Navigating the New HashiCorp Enterprise License Deployment Process

Learn how to build scalable, role-based SSH access with SSH certificates and HashiCorp Vault.

Managing SSH Access at Scale with HashiCorp Vault

The HashiCorp Vault Helm chart has achieved Red Hat OpenShift Certification to help OpenShift users more readily deploy secrets management on Kubernetes.

HashiCorp Vault Achieves Red Hat OpenShift Helm Certification

Learn how to build an automated HashiCorp Vault onboarding system with Terraform using sensible naming standards, ACL policy templates, pre-created application entities, and workflows driven by VCS and CI/CD.

Onboarding Applications to Vault Using Terraform: A Practical Guide

HashiConf Europe speakers from Starbucks and Roblox share how they leverage HashiCorp Vault, Consul, and Boundary to create a zero trust security model.

5 Zero Trust Security Takeaways From HashiConf Europe

Watch all 30+ videos HashiConf Europe 2021 with these on-demand videos of all the keynotes, sessions, and customer presentations.

HashiConf Europe 2021 Recap and Videos

 The HashiCorp Cloud Platform (HCP) now has expanded capabilities for networking, single sign-on, and more. HCP will also support new configurations of HashiCorp Consul and HashiCorp Vault in the coming months.

HashiCorp Cloud Platform Adds Transit Gateway, Okta Support, New Packages

HashiConf Europe 2021 is coming June 8-11. Here are some of the highlights that you don’t want to miss, from customer stories to product deep-dives. 

The HashiConf Europe Highlights You Don’t Want to Miss

The CNCF End User Technology Radar for secrets management reveals HashiCorp Vault has the broadest adoption across many companies and industries.

CNCF Technology Radar Highlights HashiCorp Vault’s Broad Multi-Cloud Adoption

Learn how to use CSI to expose secrets on a volume within a Kubernetes pod and retrieve them using our beta Vault Provider for the Kubernetes Secrets Store CSI Driver. 

Retrieve HashiCorp Vault Secrets with Kubernetes CSI

The new Snowflake database secrets engine for Vault supports static and dynamic roles as well as root credential rotation. 

Announcing the Snowflake Secrets Engine 

Leading candidate interviewing platform uses HashiCorp Vault to secure backend systems and sensitive personal information for a safe, seamless recruitment process.

How HireVue Uses HashiCorp Vault to Enable Faster, More Secure Candidate Recruitment

Gain a deeper understanding of HashiCorp tools and products with 90-minute hands-on workshops at HashiConf Europe: Thursday and Friday, June 10 and 11, 2021.

HashiConf Europe Workshops: Key Takeaways and How to Book 

Autopilot for Integrated Storage is taking the operator experience to the next level.

Autopilot: Simplifying the Integrated Storage Experience with HashiCorp Vault

HCP Vault is now generally available on AWS. HCP Vault gives you the power and security of HashiCorp Vault, without the complexity and overhead of managing it yourself.

Announcing HCP Vault General Availability

Watch these highlighted talks on HashiCorp Vault from our 2021 HashiTalks community event.

HashiTalks 2021 Highlights: Vault

Try out the new features introduced in Vault 1.7 with step-by-step tutorials on Hashicorp Learn.

New Vault Tutorials: Vault 1.7 Release Highlights

This release features a new Integrated Storage Autopilot feature along with production readiness for Tokenization via Transform and the Key Management Secrets Engine.

Announcing HashiCorp Vault 1.7

Read our recap of the recent updates to HCS on Azure and the latest integrations between Azure services and HashiCorp Consul, Terraform, and Vault.

HashiCorp Highlights for Microsoft Ignite

We have developed a baseline SELinux policy for securing Vault on Red Hat-based Linux Distributions

Hardening HashiCorp Vault with SELinux

Check out the latest updates and new additions to our collection of tutorials for deploying Vault on Kubernetes. 

Updates to the HashiCorp Learn's Vault-Kubernetes Collection

Sentinel 0.17 provides the ability to return non-boolean data within a policy. See examples of how to use this new functionality to improve compliance reporting capabilities.

Using Rich Return Types and Map Expressions in Sentinel 0.17

HashiCorp Vault is now available on HashiCorp Cloud Platform in public beta.

Announcing HCP Vault Public Beta

The cryptography and key management protecting HashiCorp Vault secrets is designed to stand up to concerted attacks from well-resourced, skilled adversaries. Here's how it works.

When the Levee Breaks: Protecting Vault Against Advanced Adversaries and Internal Threats

A new Couchbase secrets engine is available for HashiCorp Vault.

Announcing the Couchbase Secrets Engine

Two AWS quick start guides for HashiCorp Vault on EKS and EC2 are now updated for compatibility with Vault 1.6.

HashiCorp and AWS Launch Quick Start Guides for Vault 1.6 on Amazon EKS and EC2

Building on our security foundation, HashiCorp has obtained our first SOC II Type II report and ISO 27001 certificate for many of our enterprise products. 

HashiCorp Compliance Program Updates 

Learn how to secure your Consul agents and access to data with Vault integrations. We also have new Consul 1.9 tutorials.

New Learn Tutorials: Secure Consul with Vault's Secret Engines

New step-by-step tutorials to demonstrate the use of Vault C# client library to leverage HashiCorp Vault in your .NET applications.

Use HashiCorp Vault C# Client with .NET Core

This blog is a summary of HashiCorp activities at AWS re:Invent 2020. 

HashiCorp at AWS re:Invent 2020

We will be organizing a HashiCraft Holidays Hackstravaganza where you and your fellow tinkerers can use your creativity to showcase one or more of our products in creative and unexpected ways.

Announcing the HashiCraft Holidays Hackstravaganza

In this blog, we round-up all of the KubeCon related activities HashiCorp will be doing this week at the virtual conference and adjacent to it. 

HashiCorp and KubeCon North America Virtual

New step-by-step tutorials demonstrate the features introduced in Vault 1.6. 

Vault Learning Resources: Vault 1.6 Release Highlights

This release features Integrated Storage enhancements, a new Key Management Secrets Engine, Transform Secrets Engine updates, and more.

Announcing HashiCorp Vault 1.6

New Sentinel HTTP import capabilities in Vault Enterprise 1.5 enable new sophisticated governance policies. See it in action.

Using Sentinel's HTTP Import in HashiCorp Vault Enterprise

Try HashiCorp Vault as a managed cloud service by signing up for the HCP Vault private beta.

Announcing Vault on the HashiCorp Cloud Platform

Developers no longer have to make their Lambda functions Vault-aware. 

Use AWS Lambda Extensions to Securely Retrieve Secrets From HashiCorp Vault

Use Vault-generated dynamic credentials to provision infrastructure. Learn how to inject secrets into your Terraform configuration using the Vault provider.

Learn to Inject Secrets Into HashiCorp Terraform Configuration using Vault

Get Terraform, Packer, Vault, Consul, and Nomad up and running even faster on macOS with our new official Homebrew Tap.

Announcing HashiCorp’s Homebrew Tap

Learn about a Vault SlackBot made by DigitalOnUs.

Vault AIDE: A ChatOps Bot for HashiCorp Vault

When multiple teams use Consul, it becomes difficult to correlate manually managed policies with the identity accessing it. In this blog, we'll show you an automated method to ensure least-privilege access to Consul using Terraform and Vault. 

Managing HashiCorp Consul Access Control Lists (ACLs) with Terraform & Vault

We are happy to announce that we have an officially supported HashiCorp Vault GitHub Action. GitHub Actions allow you to easily automate your CI/CD developer workflows to run actions against repositories based on triggers within GitHub. The Vault GitHub Action allows you to take advantage of secrets sourced from your HashiCorp Vault infrastructure for things like static and dynamic secrets and inject these secrets into your GitHub workflows.

Automate Secret Injection into CI/CD Workflows with the GitHub Action for Vault

Today, the Sentinel team is pleased to announce the release of the Sentinel Playground. We have built the Playground so that new and existing customers have access to a zero-install development environment. Now, practitioners can learn and experiment with policy as code in minutes without having to install and maintain runtime environments on their own machines.

Announcing the Sentinel Playground

We are excited to announce that HashiCorp Vault is now validated on Google Cloud Platform’s Confidential Computing service. Confidential Computing allows HashiCorp Vault to operate in environments with resilient host based security that adds additional protection through the use of memory encryption.

Using HashiCorp Vault with Google Confidential Computing

Ample Organics, a global leader in tech infrastructure and services for the cannabis industry, shares how HashiCorp Nomad and Consul has helped them create an agnostic platform that makes it possible to ship 125 client deployments per day with zero downtime and 10% reduction in operating costs.

How HashiCorp Nomad Helps Relax Cannabis Compliance and Kubernetes Complexity

Here is a closer look at the HashiConf talk with Sky Betting & Gaming that shows the HashiCorp Vault features they use to mitigate user errors.

How HashiCorp Vault Helps Minimize the Impact of User Error

Learn from nearly 20 free, interactive, hands-on tutorials as presented at HashiConf Digital.

Learn From 20 Free Interactive Tutorials As Presented At HashiConf Digital

Today we’re happy to announce HashiCorp’s official Linux repository, a source of Debian and RPM packages for HashiCorp products. These packages will provide Linux users with a better installation and upgrade experience.

Announcing the HashiCorp Linux Repository

We are excited to announce new step-by-step tutorials to demonstrate the features introduced in Vault 1.5, which was just released on July 21st. In addition, the Performance Tuning guide and Monitor Telemetry guide are now available.

Vault Learning Resources: Vault 1.5 features and more

We are pleased to announce the launch of our Splunk app to help you with the out-of-the-box HashiCorp Vault monitoring experience. The app helps you understand how Vault is doing from an operational and security perspective in a multi-tenant environment, and comes with pre-built dashboards and reports that span various monitoring use cases.

Splunk App for Monitoring HashiCorp Vault

With Vault 1.5, we added a new feature called Resource Quotas, which allows you to protect your Vault environment's stability and resource consumption in a predictable way from runaway application through the use of request rate limiting and counters.

Announcing HashiCorp Vault Resource Quotas

We are excited to announce the HashiCorp Vault Helm chart has been updated with RedHat OpenShift 4.X support. We have extended the existing Helm chart to support installing and running Vault Enterprise on OpenShift.

Announcing OpenShift Support Via the HashiCorp Vault Helm Chart

In Vault 1.5, we redesigned the replication UI to create dashboards that are easy to read, and make problems easier to see and troubleshoot. We are excited to share our redesigned dashboards with you.

HashiCorp Vault Replication UI Redesign

We are excited to announce the general availability of HashiCorp Vault 1.5 Vault is a tool which provides secrets management, data encryption, and identity management for any application on any infrastructure.

Announcing HashiCorp Vault 1.5

Today we are pleased to announce the HashiCorp Cloud Platform (HCP), a fully managed cloud offering to automate deployment of HashiCorp products on any cloud provider.

Our first HCP service — HCP Consul — is now in private beta with support for AWS. HCP Vault will follow next. Get early access here.

Announcing the HashiCorp Cloud Platform

We are excited to announce that HashiCorp Vault Enterprise has successfully completed product compatibility validations for both VMware vSphere and NetApp ONTAP. Vault Enterprise can be used as a flexible, very cost-effective, and scalable external key manager solution using the built in Key Management Interoperability Protocol (or KMIP) standard for securing and encrypting the storage systems.

Securing VMware and NetApp Data with HashiCorp Vault

Vault 1.4 Enterprise introduced a new secrets engine called Transform. This post shows you how to implement Transform secrets into a simple API; source code is provided for both the Java and Go programming languages.

Encrypting Data while Preserving Formatting with the Vault Enterprise Transform Secrets Engine

In this article, we will see how to automate the creation and management of the lifecycle of TLS certificates in a Kubernetes environment with HashiCorp Vault and its PKI secret engine as well as JetStack cert-manager.

Kubernetes Traffic Ingress with HashiCorp Vault PKIaaS and JetStack Cert-Manager

Introducing the HashiCorp Cloud Engineering Certification program, for cloud engineers to demonstrate their knowledge, capability, and expertise working with the de facto standard open source multi-cloud automation tools from HashiCorp

Announcing HashiCorp Cloud Engineering Certifications 

HashiCorp has created a Vault 1.4 Release Highlights section on HashiCorp Learn to list all guides that are specific to Vault 1.4 features. Start exploring those new features today.

Vault Learning Resources: Vault 1.4 features

Kubernetes users can now bring Vault into their Kubernetes environment using the Vault Helm chart to manage secrets. Get started with hands-on tutorials that demonstrate operating Vault in a variety of modes within Kubernetes.

Learn How to Run Vault on Kubernetes

We are excited to announce the general availability of the Integrated Storage backend for Vault with support for production workloads. Integrated Storage exists as a purely Vault internal storage option and eliminates the need to manage a separate storage backend.

HashiCorp Vault Announces Integrated Storage General Availability

Transform is a Secrets Engine that allows Vault to encode and decode sensitive values residing in external systems such as databases or file systems. This capability allows Vault to ensure that when an encoded secret’s residence system is compromised, such as when a database is breached and its data is exfiltrated, that those encoded secrets remain uncompromised even when held by an adversary.

Vault Transform: Protecting Secrets in External Systems

We are excited to announce the general availability of HashiCorp Vault 1.4. Vault is a tool which provides secrets management, data encryption, and identity management for any application on any infrastructure.

Announcing HashiCorp Vault 1.4

HashiCorp Learn now features embedded interactive experiences powered by Katacoda. Use these in-page tutorials to have an immediate hands-on experience with HashiCorp products.

Get Hands-on Experience with HashiCorp Products in Your Browser

We are excited to announce a new Kubernetes integration that allows applications with no native HashiCorp Vault logic built-in to leverage static and dynamic secrets sourced from Vault.

Injecting Vault Secrets Into Kubernetes Pods via a Sidecar

In this blog post, we will look at how the Vault integration for Kubernetes allows an operator or developer to use metadata annotations to inject dynamically generated database secrets into a Kubernetes pod. The integration automatically handles all the authentication with Vault and the management of the secrets, the application just reads the secrets from the filesystem.

Dynamic Database Credentials with Vault and Kubernetes

We are excited to announce new guides to demonstrates the features introduced in Vault 1.3, which was just released: Active Directory Check-in/Check-out, Entropy Augmentation, and the Vault debug tool. In addition, a new Katacoda scenario is now available.

Vault Learning Resources: Vault 1.3 features and more

We are excited to announce the public availability of HashiCorp Vault 1.3. Vault is a tool to provide secrets management, data encryption, and identity management for any infrastructure and application.

Announcing HashiCorp Vault 1.3

This week we're releasing an updated version of the Helm Chart for Vault. The Helm Chart greatly reduces the complexity of running Vault on Kubernetes, and allows for Vault clusters to be up and running in just minutes.

Releasing HashiCorp Vault Helm Chart 0.2.0

As quantum computers grow in power and reliability, we at HashiCorp have been asked a number of questions about how we plan on protecting Vault against quantum threats.

Quantum Security and Cryptography in HashiCorp Vault

We're excited to announce multiple features that deeply integrate HashiCorp Vault with Kubernetes. This post will share the initial set of features that will be released in the coming months.

What's Next for Vault and Kubernetes

Become proficient with new Vault features including the Database Static Roles and Credential Rotation, KMIP Secrets Engine, and Integrated Storage.

Vault Learning Resources: Vault 1.2 Feature Introduction

This week we're releasing an official Helm Chart for Vault. Using the Helm Chart, you can start a Vault cluster running on Kubernetes in just minutes. This Helm chart will also be the primary mechanism for setting up future roadmapped Vault and Kubernetes features. By using the Helm chart, you can greatly reduce the complexity of running Vault on Kubernetes, and it gives you a repeatable deployment process in less time (vs rolling your own).

Announcing the HashiCorp Vault Helm Chart

We are excited to announce the public availability of HashiCorp Vault 1.2. Vault is a tool to provide secrets management, data encryption, and identity management for any infrastructure and application.

Announcing HashiCorp Vault 1.2

HashiCorp will be a sponsor at the AWS re:Inforce conference in Boston happening June 25-26, 2019. In this blog, we explore how HashiCorp Vault helps secure AWS environments using principles from the Cloud Operating Model.

Ahead of re:Inforce: Security in the Cloud Operating Model with AWS and HashiCorp

Become proficient with new Vault features including the Transit Secrets Engine, the OpenID Connect Auth Method, Vault Agent, and Vault Auto-Unseal.

Vault Learning Resources: Transit Secrets Engine, OpenID Connect Auth Method

We are excited to announce the public availability of HashiCorp Vault 1.1. Vault is a tool to provide secrets management, data encryption, and identity management for any infrastructure and application. Vault 1.1 is focused on building a foundation of new infrastructure for delivering a host of advanced platform features for upcoming releases of Vault and Vault Enterprise.

Vault 1.1

Learn to use features of Vault 1.1 including agent caching, replication, auto-unseal, and Kubernetes integration.

Vault Learning Resources: 1.1, Caching, Kubernetes, Unseal, Azure, Replication

Today, HashiCorp announced the formation of a new professional services program for enterprise customers. HashiCorp customers are now able to purchase additional professional services packages as a part of their enterprise agreements. HashiCorp has brought on highly skilled individuals to serve on its “virtual consulting bench” who will deliver these services. The purpose of this blog is to explain why we have decided to start offering professional services and explain more about what the program entails.

Introducing the HashiCorp Professional Services Program

In addition to providing for more rapid deployments, Terraform has features for securing those deployments and lowering risk.This blog will cover the features you can use to improve the security posture of your infrastructure: Sentinel policy as code, Terraform module registry, and HashiCorp Vault integration.

Using Terraform to Improve Infrastructure Security Posture

Learn from hands-on labs to build proficiency with Vault 1.0, auto-unseal, Kubernetes, and other secrets management features.

Vault Learning Resources: 1.0, Auto-unseal, Agent, Kubernetes

In this blog post, we’ll look at practical public key certificate management in Vault, which uses a dynamic secrets approach.

X.509 Certificate Management with Vault

Vault 1.0 is focused on renovating Vault's infrastructure to support high performance, scalable workloads.

HashiCorp Vault 1.0

As a follow-up to the HashiCorp Consul plus Kubernetes blog series, this blog highlights our recent work to provide first-class support for Kubernetes across HashiCorp product line.

Announcing First-Class Kubernetes Support for HashiCorp Products

Today at HashiConf 2018 in San Francisco, we are announcing major updates across our entire suite of open source and enterprise products. Our mission is to allow users to run applications on any infrastructure, cloud or on-premises, using a modern infrastructure as code approach. This blog is a summary of the announcements being made at the event.

HashiCorp Product Announcements at HashiConf 2018

The HashiCorp learn platform is focused on HashiCorp product education for practitioners. The platform is self-guided, so you can follow along at your own pace and schedule. The courses start with beginner introductions and progressively go through intermediate and advanced topics.

Announcing the HashiCorp Learn Platform for HashiCorp Vault

To highlight the growing support for Terraform and Vault, Microsoft invited HashiCorp to participate in a series of technical videos for IT practitioners. Anubhav Mishra, developer advocate for HashiCorp, and Zachary Deptawa, cloud developer advocate for Microsoft, created four videos to introduce and educate users on how these tools work together and what challenges they address.

Microsoft Publishes Video Series on HashiCorp Terraform and Vault

We are excited to announce the release of HashiCorp Vault 0.11! Vault is a security tool for secrets management, data encryption, and identity-based access among other features.

The 0.11 release of Vault delivers new features to streamline the management of tokens for applications and users attempting to access Vault, provide secure multi tenancy for multiple teams and organizations using a single Vault installation, and other features focused on enhancing system performance and automation.