HashiCorp Vault is a tool for securely accessing secrets. It provides a unified interface for managing secrets, encryption keys, and certificates with tight access control and audit logging.
Key Features
- Dynamic Secrets: Generate secrets on-demand
- Encryption as a Service: Transit secrets engine for encrypting data in transit
- Secrets Engines: Multiple pluggable secret backends
- Authentication: Many auth methods supported
- Audit Logging: Complete access tracking
Installation
Install Vault on Ubuntu:
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install vault
Usage Examples
Vault operations:
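# Start dev server (in-memory, auto-unsealed, no TLS; local testing only)
vault server -dev
# In a second terminal, point the CLI at the dev server
export VAULT_ADDR='http://127.0.0.1:8200'
# Store secret
vault kv put secret/myapp username="admin" password="secret123"
# Read secret
vault kv get secret/myapp
# Enable auth method
vault auth enable userpass
# Create policy (body assumed here: read-only access to the secret stored above;
# on the dev server's KV v2 mount, policies use the secret/data/ API path)
vault policy write myapp-policy - <<EOF
path "secret/data/myapp" {
  capabilities = ["read"]
}
EOF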
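Added example (not from the original article or from HashiCorp): the dev server mounts secret/ as KV version 2, where `vault kv get secret/myapp` is served at the API path secret/data/myapp, and policies are matched against API paths. This Python sketch models that mapping with a simplified matcher (exact paths and trailing `*` globs only; the function names and sample policies are constructed) to show why a policy written against the CLI path grants nothing.

```python
# Simplified model of Vault ACL matching for a KV v2 mount (assumption: only
# exact paths and trailing-"*" globs are modelled; "+" wildcards are omitted).

# KV v2 API prefix and required capability for each `vault kv` subcommand.
KV2_OPS = {
    "get":    ("data", "read"),
    "put":    ("data", "update"),    # "create" when the secret does not exist yet
    "delete": ("data", "delete"),
    "list":   ("metadata", "list"),
}

def kv2_request(mount, secret_path, op):
    """Translate `vault kv <op> <mount>/<secret_path>` to (API path, capability)."""
    prefix, capability = KV2_OPS[op]
    return f"{mount}/{prefix}/{secret_path}", capability

def capabilities_for(policy, api_path):
    """Capabilities of the best-matching rule: exact path first, then longest glob."""
    if api_path in policy:
        return set(policy[api_path])
    globs = [p for p in policy if p.endswith("*") and api_path.startswith(p[:-1])]
    if not globs:
        return set()  # no matching rule: default deny
    return set(policy[max(globs, key=len)])

def is_allowed(policy, mount, secret_path, op):
    """True if the policy permits the request; an explicit "deny" always wins."""
    api_path, needed = kv2_request(mount, secret_path, op)
    caps = capabilities_for(policy, api_path)
    return "deny" not in caps and needed in caps

# Constructed sample policies, written as {path: [capabilities]}.
NAIVE = {"secret/myapp": ["read"]}          # CLI path copied verbatim
CORRECT = {"secret/data/myapp": ["read"]}   # KV v2 API path

if __name__ == "__main__":
    for name, policy in (("naive", NAIVE), ("correct", CORRECT)):
        for op in ("get", "put", "list"):
            ok = is_allowed(policy, "secret", "myapp", op)
            print(f"{name:8} vault kv {op:4} secret/myapp -> {'allowed' if ok else 'denied'}")
```

On a real server, `vault token capabilities secret/data/myapp` reports what the current token may do on that path.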
Benefits
Vault centralizes secret management with enterprise security features. Dynamic secrets and encryption services reduce exposure, while audit logging supports compliance.