AnnouncementHCP Vault Starter Tier is now available and we're sending HashiCorp Swag to our first 500 sign-ups! Get Started Today!

Advanced Data Protection with Vault

Manage Secrets and Protect Sensitive Data

Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.

The shift to managing secrets and protecting data in dynamic infrastructure

Static Infrastructure

Datacenters with inherently high-trust networks with clear network perimeters.

»Traditional Approach

  • High trust networks
  • A clear network perimeter
  • Security enforced by IP Address

Dynamic Infrastructure

Multiple clouds and private datacenters without a clear network perimeter.

»Vault Approach

  • Low-trust networks in public clouds
  • Unknown network perimeter across clouds
  • Security enforced by Identity

HCP Vault

Available on AWS

HCP Vault provides all of the power and security of Vault, without the complexity and overhead of managing it yourself. Access Vault’s best-in-class secrets management and encryption capabilities instantly and onboard applications and teams easily.

HCP Vault
How Vault Works

How Vault Works

Vault tightly controls access to secrets and encryption keys by authenticating against trusted sources of identity such as Active Directory, LDAP, Kubernetes, CloudFoundry, and cloud platforms. Vault enables fine grained authorization of which users and applications are permitted access to secrets and keys.

Vault Case Study


Using Vault to securely handle 100 trillion transactions

Securing transactions used by millions of people across the world is not a small task. Read how HashiCorp Vault helps secure sensitive information at dramatic scale.

Read Case Study

Companies that trust Vault

  • Adobe Logo
  • Barclays Logo
  • GM Cruise Logo
  • Hulu Logo
  • Vodafone Logo
  • F5 Logo
  • Athena Health Logo
  • Shopify Logo
  • Equifax Logo
  • SAP Ariba Logo
  • AstraZeneca Logo
  • Tractor Supply Co Logo

Vault Principles

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
$ curl \    --header "X-Vault-Token: ..." \    --request POST \    --data @payload.json \

API Driven

Enable automation and CI/CD use cases while enabling policy to codify, protect, and govern access to secrets.

Microsoft Azure
Google Cloud
Alibaba Cloud

Secure with any Identity

Leverage any trusted identity provider, such as cloud IAM platforms, Kubernetes, Active Directory, to authenticate into Vault. Identity is scale independent, unlike IP addresses, which require complex firewall rules and frequent updates.

Microsoft Azure

Extend and Integrate

Request secrets for any system through one consistent, audited, and secured workflow. Vault supports public clouds and private datacenters, and a broad range of endpoint systems including databases, cloud platforms, messaging queues, SSH, and more.

Vault Open Source and Enterprise Features

Learn more about secrets management and data protection features with Vault Open Source and collaboration, governance, and multi-datacenter features with Vault Enterprise.