Use cases

HashiCorp Vault brokers identity across your ecosystem to automate secure access to secrets, data, and systems.

Let Vault do the work

Create and secure access to tokens, passwords, certificates, and encryption keys.

Use Vault and Kubernetes to securely inject secrets into your application stack

Vault provides a variety of options for leveraging Kubernetes to securely introduce secrets into applications and infrastructure. Instead of sharing credentials and tokens across pods and services, Vault allows each service to uniquely authenticate and request its own unique credentials.

Get up to speed

Start learning the basics and see what Vault can make possible for your projects.


Further your Vault knowledge and learn how to use Vault to centrally store, access, and deploy secrets.

Secrets storage

Securely store and manage access to secrets and systems based on trusted sources of application and user identity.

Dynamic secrets

Generate time-based access credentials dynamically based on policies and revoke access when the lease expires.

Automate credential rotation

Reduce risk of secret exposure by automating how long secrets live and rotating secrets across your entire fleet.

Encryption key rolling

Automatically update and rotate encryption keys without code changes, configuration updates, or re-deploys.


Understand the main concepts of Vault, what problems it can solve, and how to get going quickly.

KV secrets engine

A generic Key-Value store used to store arbitrary secrets within the configured physical storage for Vault.

Database credentials

Generate database credentials dynamically based on configured roles.

Kubernetes secrets

Deploy Vault into Kubernetes using the official HashiCorp Vault Helm chart.

Transit secrets engine

Apply cryptographic functions on data in-transit. Sign and verify data, generate hashes and HMACs of data, and act as a source of random bytes.

Next steps

Vault simplifies cloud security automation on fully managed infrastructure. Get started for free, and pay only for what you use.