Centrally store, access, and distribute dynamic secrets such as tokens, passwords, certificates, and encryption keys
Advanced Data Protection with Vault
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.
Datacenters with inherently high-trust networks with clear network perimeters.
Multiple clouds and private datacenters without a clear network perimeter.
Vault tightly controls access to secrets and encryption keys by authenticating against trusted sources of identity such as Active Directory, LDAP, Kubernetes, CloudFoundry, and cloud platforms. Vault enables fine grained authorization of which users and applications are permitted access to secrets and keys.
Enable automation and CI/CD use cases while enabling policy to codify, protect, and govern access to secrets.
- $ curl \
- --header "X-Vault-Token: ..." \
- --request POST \
- --data @payload.json \
Leverage any trusted identity provider, such as cloud IAM platforms, Kubernetes, Active Directory, to authenticate into Vault. Identity is scale independent, unlike IP addresses, which require complex firewall rules and frequent updates.
Request secrets for any system through one consistent, audited, and secured workflow. Vault supports public clouds and private datacenters, and a broad range of endpoint systems including databases, cloud platforms, messaging queues, SSH, and more.