Skip to main content
TrustRadius
HashiCorp Vault

HashiCorp Vault

Overview

What is HashiCorp Vault?

HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.

Read more
Recent Reviews

One of a Kind

10 out of 10
January 21, 2019
Incentivized
We have looked into HashiCorp Vault as a solution to generate, store, and manage secrets in a container-oriented production platform. …
Continue reading
Read all reviews
Return to navigation

Pricing

View all pricing

Cloud - HCP Vault

$0.03/hr

Cloud

Open Source

Free

Cloud

Enterprise

Contact sales team

Cloud

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.hashicorp.com/products/vaul…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Details

What is HashiCorp Vault?

HashiCorp Vault is an identity-based secrets and encryption management system. A secret is anything that one wants to tightly control access to, such as API encryption keys, passwords, and certificates.

Vault provides encryption services that are gated by authentication and authorization methods. Using Vault’s UI, CLI, or HTTP API, access to secrets and other sensitive data can be securely stored and managed, tightly controlled (restricted), and auditable.

HashiCorp Vault Features

  • Supported: Secrets Management
  • Supported: Database Credential Rotation
  • Supported: Advanced Data Protection

HashiCorp Vault Screenshots

Screenshot of Example of writing a secret to Vault. Secrets are always encrypted and written to backend storage. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-first-secretScreenshot of Secrets menu to manage integrated secrets engines. Secrets Engines are components which store, generate, or encrypt data and are enabled at a path in Vault. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-uiScreenshot of Vault identity has support for groups. A group can contain multiple entities as its members. A group can also have subgroups. To learn more: https://developer.hashicorp.com/vault/docs/concepts/identityScreenshot of HCP Vault provides all of the power and security of Vault, without the complexity and overhead of managing it yourself. To learn more:  https://cloud.hashicorp.com/products/vaultScreenshot of View entity client and non-entity client counts.Screenshot of MFA is built on top of the Identity system of Vault. To learn more: https://developer.hashicorp.com/vault/docs/auth/login-mfa

HashiCorp Vault Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.

CyberArk Privileged Access Management, ARCON PAM, and Delinea Secret Server are common alternatives for HashiCorp Vault.

Reviewers rate Support Rating highest, with a score of 6.3.

The most common users of HashiCorp Vault are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(19)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Users have made a few common recommendations based on their experiences with Vault.

Firstly, they recommend defining roles and policies at the beginning of the setup process. This helps save time and ensures cost-effectiveness by clearly establishing access levels and permissions.

Secondly, users advise investing time in careful planning before going into production with Vault. This includes defining paths, naming conventions, and policies to streamline the implementation process and prevent potential issues.

Lastly, users emphasize the importance of exploring learning resources such as documentation, user groups, and other knowledge-sharing platforms. These resources offer valuable insights into best practices, troubleshooting tips, and real-world use cases.

Overall, users believe that while Vault is a comprehensive and powerful tool, it may require some initial effort in terms of setup and planning. They also mention that additional user features could further improve its competitiveness. However, users encourage others to research and evaluate Vault for its affordability and data security benefits, as they believe it won't disappoint.

Attribute Ratings

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
Incentivized
HashiCorp Vault is our go-to for secrets management in our cloud implementation. Having used many other HashiCorp products, it was easy enough for us to translate that into the use of Vault. We also use it in a limited capacity with Chef, used in conjunction with encrypted data bags. HashiCorp Vault has allowed us to securely use secrets across applications without the need to expose those secrets. It has also made it easier to implement sane key rotation and achieve automation.
  • HashiCorp Vault manages secrets extremely well.
  • It works well as a cloud-agnostic or multi-cloud solution.
  • HashiCorp Vault works extremely well with other HashiCorp products.
  • Vault integrates with other systems very well because everything is API driven.
  • It doesn't have an interface. This isn't entirely bad because of the purpose it serves, but it does make the barrier to entry a little difficult.
  • Unlike many other HashiCorp products, the documentation feels like it leaves some steps out. Step by step documentation lowers the barriers to entry a little bit, and going through even the installation documentation and setup leaves a little bit of the caveats out.
  • It needs a fair bit of supporting infrastructure. You cannot just have a Vault instance. Having a HashiCorp Vault instance means also having a consul cluster for the backend.
HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
I'm rating this a 7 purely because of the barriers to entry with a lack of a user interface. This makes it more difficult to pick up and go because you have to understand how to interact with it via terminal. This is not a huge problem to most, but there will always be those that are simply more comfortable operating with a user interface. Their command-line interface is great, and once you get the hang of it it's relatively straight forward. It's just getting there that's a little bit of a speed bump.
HashiCorp is very responsive on GitHub if you have issues with their products. They also have a very active community. For actual HashiCorp support though, I do not have enough information to give them a solid rating. Historically, pricing has been a concern with HashiCorp support (their paid plan is a bit on the higher end of pricing), so there haven't been any scenarios where I've interacted with them as a whole outside of community channels. Simply having a well versed and accessible community goes a long way for support though as they are a great avenue.
As mentioned before, HashiCorp Vault really is the best in its class. Having used other secrets management tools, HashiCorp has really made Vault the easiest to use in a cross-compatibility function, in a multi-cloud/hybrid environment, and in multiple fashions. Many other tools simply solve a single problem (like encrypted data bags within Chef) but do not help with cross-application compatibility. Using HashiCorp Vault, it's easy to integrate everything through it so you do not have any secrets being exposed. It also gives you a single standardized process so there isn't much guesswork. That alone can aid in making your environment more secure.
Users are all technical, spanning both development and operations teams. Because we're using HashiCorp Vault as a defacto standard for secrets management, it has been critical ensuring everyone that is in a technical role is up to speed on how to use this tool.
Each team that uses HashiCorp manages their own instance, with a centralized instance being supported as well for cross-team secrets. That requires all teams that are using secrets to have the knowledge and understand of how to administer the tool. As we ensure everything is automated, that has made maintenance of Vault instances much easier, but everyone still needs to know how to do it. In order to administer this tool, in particular, you have to understand how not only Vault works, but how Consul works as well because ultimately you will be maintaining a Consul cluster if you follow HashiCorp's supported set up and recommendations.
  • Secrets Mangement
  • Key Rotation
  • Security
HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
Return to navigation