Announcing Vault on the HashiCorp Cloud Platform
Try HashiCorp Vault as a managed cloud service by signing up for the HCP Vault private beta.
We are excited to announce the private beta for HashiCorp Vault running on the HashiCorp Cloud Platform (HCP), which is a fully managed cloud offering to automate the deployment of HashiCorp products. HCP Vault allows organizations to get up and running quickly, providing immediate access to Vault’s best-in-class secrets management and encryption capabilities, with the platform providing the resilience and operational excellence needed so you do not have to manage Vault yourself
HashiCorp products are used and operated by many community members and customers, but managing cluster health and performing day-to-day monitoring, scaling, backups, and the like, can still be complicated and costly. HCP Vault enables a team to manage secrets and protect sensitive data in the cloud faster with fewer resources in order to meet today’s challenges.
» HCP Vault on AWS
HCP Vault is available on the platform today for private beta access. HCP Vault currently supports AWS running in us-west-2, and will support additional regions as well as cloud providers in the future. We are currently onboarding customers and community members into the private beta to provide valuable feedback on how they would use a managed offering of HashiCorp Vault. If you would like to join the beta program, please sign up for early access.
As a fully managed service, HCP Vault is the easiest way to secure, store, and tightly control access to tokens, passwords, certificates, encryption keys, and other sensitive data. HCP Vault also enables secure networking for workloads across EKS, EC2, AWS Lambda, and many other AWS services.
» Push-Button Deployments
During the private beta, HCP Vault enables a user to deploy a dedicated, highly available cluster running Vault Enterprise, for automatically getting applications up and running in the cloud quickly. HCP Vault clusters are created within a network and compute environment that is isolated on a per-customer basis. While only one cluster size is available during the private beta, additional configurations will be made available shortly, including those meant to handle scaled-out workloads, and smaller developer services.
Once the Vault cluster is deployed by HCP, customers can interact with it using a generated admin level token. Once the token is generated, Vault will work similarly to a normal customer-managed version of Vault. The same binaries are used in HCP as are available in the Enterprise version.
» Fully-Managed Infrastructure
After the initial deployment, your Vault cluster is fully managed by HashiCorp. We look after the overall health, backups, monitoring, and a host of other operational tasks, all of which are handled in the background by the engineering teams that build and maintain the core Vault product. This enables customers to focus on supporting their cloud-native applications that depend on HCP Vault rather than on operating Vault itself. Operational issues can be resolved efficiently since logs, telemetry, and debug information are all readily available to operators, avoiding the back-and-forth required for customer-managed deployments. Cloud provider maintenance events that often cause virtual machines to be decommissioned are also automatically dealt with on the customer’s behalf.
» Multi-Cloud Flexibility
HCP Vault also enables a customer to standardize on a unified workflow and a single set of APIs to deploy against. A key component of the HashiCorp Cloud Platform is the HashiCorp Virtual Network (HVN), which offers a common abstraction across cloud providers around an isolated single-tenant network. Each HVN can have multiple services deployed within it, and enable customers to establish direct network peering arrangements. In the future, the HVN mechanism will also enable peering across cloud providers and cross-provider clustering for our products.
Each HCP Organization (i.e. tenant) is isolated into a separate AWS account. HCP then deploys a single tenant VPC for each HashiCorp Virtual Network (HVN). All HCP resources are deployed into that HVN, which ensures tenant isolation.
» Next Steps
We are excited to be launching HCP Vault into private beta and delivering this fully managed cloud offering to automate the deployment of HashiCorp Vault is a significant milestone. We are now onboarding beta users and if you want to participate, please sign up for early access.
Sign up for the latest HashiCorp news
More blog posts like this one
Fix the developers vs. security conflict by shifting further left
Resolve the friction between dev and security teams with platform-led workflows that make cloud security seamless and scalable.
HashiCorp at AWS re:Invent: Your blueprint to cloud success
If you’re attending AWS re:Invent in Las Vegas, Dec. 2 - Dec. 6th, visit us for breakout sessions, expert talks, and product demos to learn how to take a unified approach to Infrastructure and Security Lifecycle Management.
HCP Vault Secrets adds enterprise capabilities for auto-rotation, dynamic secrets, and more
HCP Vault Secrets focuses on making a fast and easy path for secure development with key new features including auto-rotation (GA), dynamic secrets (beta), a new secret sync destination, and more.