HCP Vault Secrets is now generally available
HCP Vault Secrets is a managed offering of HashiCorp Vault focusing on secrets management for developers that offers key capabilities including secrets sync.
Today at HashiConf, we are pleased to announce the general availability of HCP Vault Secrets, a new software-as-a-service (SaaS) offering of HashiCorp Vault that focuses on secrets management. Released in beta earlier this year, HCP Vault Secrets lets users onboard quickly and is free to get started. The general availability release of HCP Vault Secrets builds on the beta release with production-ready secrets management capabilities, additional secrets sync destinations, and multiple consumption tiers.
During the public beta period, we worked on improvements and additions to HCP Vault Secrets. Focused on secrets management for developers, these additions will help our users to:
- Boost security across clouds and machines: Centralize where secrets are stored and minimize context switching between multiple solutions to reduce the risk of breaches caused by human error.
- Increase productivity: Improve security posture without expending additional time and effort.
- Enhance visibility of secrets activity across teams: Understand when secrets are modified or accessed — including by whom, when, and from where — with advanced filtering and storage.
- Comply with security best practices: Eliminate manual upgrade requirements with fully managed deployment to keep your instance up to date and in line with security best practices.
- Last-mile secrets availability for developers: Centralize secrets in HCP Vault Secrets while syncing secrets to existing platforms and tools so developers can access secrets when and where they need them.
» HCP Vault Secrets expedites secrets management
HCP Vault Secrets is a managed Vault offering focusing on secrets management for developers. It sharpens the focus on secrets management with three key benefits:
- Centralized secrets management
- Secure secrets when and where you need them
- Get up and running in minutes, for free
» Centralized secrets management
HCP Vault Secrets centralizes secrets lifecycle management into one place, so users can avoid secret sprawl and context switching between multiple secrets management solutions. HCP Vault Secrets introduces a new domain model based on the concept of applications, which are used to logically group secrets. This structure lets organizations intuitively map their secrets within HCP Vault Secrets and easily scale to meet the growth of secrets under management, while not compromising on the discoverability of secrets.
» Secure secrets when and where you need them
HCP Vault Secrets offers, for the first time from Vault, the ability to centrally manage secrets and sync them to destinations you may already have in your stack. HCP Vault Secrets improves secrets versioning and access control setup and can ensure secrets are synced across multiple repositories. Currently, three destinations (GitHub Actions, Vercel, and AWS Secrets Manager) are offered, with more slated to be added over time.
In support of today’s release, Lindsey Simon, Vice President of Engineering at Vercel, said, "We are delighted to partner with HashiCorp on the launch of HCP Vault Secrets. Now, Vercel users can quickly and centrally manage their deployment secrets across their local, CI, and Vercel environments while avoiding any drift between them."
Tony Camp, Senior Product Manager at GitHub, said, “By syncing secrets with GitHub Actions, this added functionality to HCP Vault Secrets means users have a centralized management experience without having to compromise security or velocity. This integration expands on our robust partnership with HashiCorp, where together we provide developers and organizations with the tools to build, scale, and deliver secure software.”
Alternatively, users can decide to inject secrets directly into their application runtime as well through the CLI, API, or HashiCorp Terraform, or into Kubernetes via the Vault Secrets Operator.
» Get up and running in minutes, for free
HCP Vault Secrets is a multi-tenant SaaS offering. Instead of running their own secrets management solutions, organizations can rely on HashiCorp to manage the deployment, updates, scale, reliability, security, compliance, and support of HCP Vault Secrets. The solution is always up to date and in line with security best practices, eliminating the time spent managing manual upgrades so it can be reallocated to more strategic projects.
Over the course of the HCP Vault Secrets beta period, we received overwhelmingly positive feedback from more than 4,000 beta participants. During this time we saw more than 7,500 secrets created and millions of secrets read. Thank you to all who participated and shared their feedback, including Alex Fallenstedt, Senior Software Engineer at New Relic, who said, "HCP Vault Secrets makes it easy to get up and running quickly with secrets management. I went from zero secrets management to a secrets wizard in about 30 minutes."
Organizations and individuals can consume HCP Vault Secrets in two ways. You can choose either our always-free tier to manage up to 25 secrets or our Standard paid tier. The Standard tier offers extended capabilities and is priced based on a combination of secrets created and access API operations used. For more detailed pricing information, check out the HashiCorp Vault pricing page.
To get started, sign up for HCP Vault Secrets for free and check out the HCP Vault Secrets documentation on HashiCorp Developer.
Sign up for the latest HashiCorp news
More blog posts like this one
Vault integrations with MongoDB, Private Machines, and walt.id strengthen customer security
Three new HashiCorp Vault ecosystem integrations extend security use cases for customers.
HashiCorp at re:Invent 2024: Security Lifecycle Management with AWS
A recap of HashiCorp security news and developments on AWS from the past year, for your security management playbook.
HCP Vault Dedicated adds secrets sync, cross-region DR, EST PKI, and more
The newest HCP Vault Dedicated 1.18 upgrade includes a range of new features that include expanding DR region coverage, syncing secrets across providers, and adding PKI EST among other key features.