Skip to main content
HashiTalks 2025 Learn about unique use cases, homelab setups, and best practices at scale at our 24-hour virtual knowledge sharing event. Register
Demo

Encryption-as-a-Service with Vault's Transit Secret Engine

Learn two methods for integrating Vault's Transit Secrets Engine into your application using the HVAC Python library for code-level integration or through the Vault API with the Requests Python library.

Security and encryption should always be the number one priority when dealing with user data. With the amount of data companies get daily, storing it encrypted should always be the default standard. This prevents anyone, even users handeling the data, the abilty to see any confidential information.

Using Vault's Transit Secrets Engine essentially removes the burden of having to integrate encryption in their code from developers. Developers can now focus on writing quality code and let Vault handle the encryption. Transmit provides multiple types of encryption including AES-256, RSA-4096, etc.

What You'll Learn

This demo will go through standing up the Transit Secrets Engine in Vault and demo a full workflow of how developers can integrate Transit into their code through the HVAC Python Library or directly through the Vault API with the Requests Python Library.

After this session, attendees will have insight on how to incorporate this workflow into their current applications.

Slides and GitHub Repo

Find the slides and demo code for this talk in this GitHub repo

More resources like this one

4/11/2024FAQ

Introduction to HashiCorp Vault

Vault identity diagram
12/28/2023FAQ

Why should we use identity-based or "identity-first" security as we adopt cloud infrastructure?

3/14/2023Article

5 best practices for secrets management

2/3/2023Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones