Use cases

Automate and secure access to secrets, data, and systems across your network

Centrally store, access, and distribute secrets

Vault helps platform and security teams eliminate secrets sprawl by centrally storing, accessing, rotating, and distributing dynamic secrets such as tokens, passwords, certificates, and encryption keys. By centralizing secrets management workflows users can increase security across their environment and reduce operational overhead. With secrets management from Vault, organizations can:  

  • Securely inject secrets into applications

  • Sync secrets workflows across Kubernetes, databases, and cloud providers

  • Set expiration policies and automate rotation workflows for secrets

For customers interested in quickly standing up secrets management in a SaaS environment, check out HCP Vault Secrets, now in beta

Get up to speed

Start learning the basics and see what Vault can make possible for your projects.


Further your Vault knowledge and learn how to use Vault to centrally store, access, and deploy secrets.

Secrets storage

Securely store and manage access to secrets and systems based on trusted sources of application and user identity.

Dynamic secrets

Generate time-based access credentials dynamically based on policies and revoke access when the lease expires.

Automate credential rotation

Reduce risk of secret exposure by automating how long secrets live and rotating secrets across your entire fleet.

Encryption key rolling

Automatically update and rotate encryption keys without code changes, configuration updates, or re-deploys.


Understand the main concepts of Vault, what problems it can solve, and how to get going quickly.

KV secrets engine

A generic Key-Value store used to store arbitrary secrets within the configured physical storage for Vault.

Database credentials

Generate database credentials dynamically based on configured roles.

Kubernetes secrets

Deploy Vault into Kubernetes using the official HashiCorp Vault Helm chart.

Transit secrets engine

Apply cryptographic functions on data in-transit. Sign and verify data, generate hashes and HMACs of data, and act as a source of random bytes.

Next steps

Vault simplifies cloud security automation on fully managed infrastructure. Get started for free, and pay only for what you use.