Manage Secrets and Protect Sensitive Data 

Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.

Secure dynamic infrastructure across clouds and environments

The shift from static, on-premise infrastructure to dynamic, multi-provider infrastructure changes the approach to security. Security in static infrastructure relies on dedicated servers, static IP addresses, and a clear network perimeter. Security in dynamic infrastructure is defined by ephemeral applications and servers, trusted sources of user and application identity, and software-based encryption.

Static Infrastructure

Datacenters with inherently high-trust networks with clear network perimeters.

Traditional Approach

  • High trust networks
  • A clear network perimeter
  • Security enforced by IP Address

Dynamic Infrastructure

Multiple clouds and private datacenters without a clear network perimeter.

Vault Approach

  • Low-trust networks in public clouds
  • Unknown network perimeter across clouds
  • Security enforced by Identity

Vault Principles


Use policy to codify, protect, and automate access to secrets

  1. $ curl \
  2. --header "X-Vault-Token: ..." \
  3. --request POST \
  4. --data @payload.json \

Secure with any identity

Seamlessly integrate any trusted identity provider

  • AWS Logo
  • Microsoft Azure Logo
  • Google Cloud  Logo
  • Okta Logo
  • Cloud Foundry Logo
  • Alibaba Cloud Logo
  • SSH Logo
  • Kubernetes Logo
  • GitHub Logo

Extend and integrate

Securely manage secrets and access through a centralized workflow

  • MySQL Logo
  • Cassandra Logo
  • Oracle Logo
  • AWS Logo
  • MongoDB Logo
  • Consul Logo
  • Microsoft SQL Server Logo
  • PostgreSQL Logo
  • Microsoft Azure Logo

Open Source and Enterprise

Vault Open Source addresses the technical complexity of managing secrets by leveraging trusted identities across distributed infrastructure and clouds. Vault Enterprise addresses the organizational complexity of large user bases and compliance requirements with collaboration and governance features.