HCP Vault Dedicated is a fully managed secrets management solution that organizations rely on for authentication, dynamic secrets, and encryption workflows. As a core piece of security infrastructure, the cost of downtime is too high to leave recovery to chance. HCP Vault Dedicated already supports regional disaster recovery (DR) to protect against large-scale infrastructure outages, but cluster-specific incidents require a different kind of readiness.
Today, we’re introducing cluster disaster recovery (cluster DR) in public preview, available as a support-enabled feature for HCP Vault Dedicated customers. This capability adds a critical new layer of resilience by enabling cluster-level failover and DR testing, so teams can rehearse incident response before real outages occur.
»Extending recovery beyond regional failures
Regional DR protects against failures like cloud provider outages, regional networking disruptions, and large-scale infrastructure incidents. However, it still assumes that the Vault cluster remains healthy. Cluster DR complements that model by focusing on cluster-level continuity and operational recovery drills. This lets teams intentionally test failover behavior for Vault-cluster-specific scenarios and verify runbooks, recovery coordination, and service continuity under controlled conditions.
»Cluster DR enables operational resilience
Cluster DR allows teams to fail over an individual Vault cluster even when the primary region remains available. During the public preview, the feature is available for production-tier clusters with DR enabled. Customers can request failover and failback through HashiCorp support. Requests submitted within 16 hours of the incident are routed to the on-call Vault team, which will perform the operation and help validate the recovery workflow.
»Support security response workflows
When teams detect a potential compromise, recovery actions often need to happen quickly. Cluster DR enables them to isolate the affected cluster, promote the DR secondary cluster, and restore service continuity in a controlled environment.
This provides a recovery option for cluster-level security events that regional DR alone was not designed to address.
»Supporting enterprise hybrid cloud operations
Enterprises that operate across hybrid and multi-cloud environments depend on Vault as a critical control plane for security and application delivery. Vault enables authentication, issues dynamic secrets, and powers encryption services across modern application environments.
When Vault is unavailable, teams don’t just lose access to secrets — they risk halting deployments, breaking service connectivity, and disrupting production workloads.
Cluster DR helps enterprises:
Maintain continuous access to secrets and authentication services
Reduce operational risk during upgrades and configuration changes
Minimize downtime across distributed environments
Strengthen resilience across complex hybrid and multi-cloud systems
In complex hybrid environments, teams must design for both infrastructure-level and service-level failures. Cluster DR ensures they can handle both.
»Combining cluster DR with regional DR
Teams achieve the strongest resilience by combining both recovery strategies. Regional DR protects where Vault runs. Cluster DR protects how Vault operates.
Together, these approaches ensure that teams can respond effectively to infrastructure outages and application-level failures without compromising availability.
»Prepare for a broader range of failure scenarios
As enterprises scale their use of Vault, they must address the reality that most disruptions originate from software, operational, or security issues, not full regional outages.
Cluster DR empowers teams to respond to these challenges directly, giving them confidence that their secrets platform can withstand failures in both infrastructure and application layers.
»Get started with the public preview
Cluster DR is now offered as a public preview feature for HCP Vault Dedicated customers. To ensure a smooth rollout and gather meaningful feedback, we’re making it available as a support-enabled feature.
To request a failover test, submit a support ticket with:
· Cluster details (name, organization ID)
· Failover window (within 16 hours)
The Vault team will support the failover and failback process.
This collaborative rollout ensures teams can adopt cluster DR with confidence while helping us refine the experience.
To join the public preview, contact the support team and start strengthening your HCP Vault Dedicated resilience strategy today.
