A common request we’ve had with HashiCorp Vault Enterprise is to protect application secrets stored in external untrusted or semi-trusted systems. The result of these efforts is called Transform.
Get hands on using this learn Guide with Vault Enterprise’s Transform secrets engine which handles secure data transformation and tokenization against the provided secrets.
The Transform secrets engine handles secure data transformation and tokenization against provided input value. Transformation methods may encompass NIST vetted cryptographic standards FF3-1, but can also be masking.
Vault 1.4 introduced a new feature called Transform. Transform is a Secrets Engine that allows Vault to encode and decode sensitive values residing in external systems such as databases or file systems.
In this brief we’ll explain how Transform allows Vault to encode and decode sensitive values residing in external systems such as databases or file systems.
Walk through a step-by-step Hands on Lab using the Transform secrets engine. You’ll learn how to set it up, and learn the basics of using Transform to do transformations.
Want to learn the difference between the Transform Secrets Engine and the Transit Secrets Engine? We’ll outline what it is, when to use it, and why it’s different from existing engines. We’ll also give you a quick demo to see it in action.
This is a recording of the HashiCorp Vault product announcement live stream. You’ll see a deep-dive and demonstration of the new features including the Transform Secret Engine.
This post shows you how to implement Transform secrets into a simple API; source code is provided for both the Java and Go programming languages.
Vault Open Source addresses the technical complexity of managing secrets by leveraging trusted identities across distributed infrastructure and clouds.