Command Palette

Search for a command to run...

position in category
#48

Open-source platform for secrets management, encryption as a service, and privileged access management. Securely stores and controls access to tokens, passwords, certificates, and encryption keys through a unified interface exposed via UI, CLI, and HTTP API.

Part of the HashiCorp ecosystem, Vault is widely adopted by enterprises for infrastructure secrets. Differentiates by combining static and dynamic secrets in one system: credentials can be generated on demand with automatic rotation and revocation, reducing blast radius compared to static credential sprawl.

Key capabilities:

  • Key-value secrets engine for storing arbitrary credentials and configuration
  • Database secrets engine that generates short-lived credentials for PostgreSQL, MySQL, MongoDB, and many others
  • Transit secrets engine for encryption as a service, including encrypt and decrypt APIs without storing keys in application code
  • PKI secrets engine for certificate issuance and management
  • Pluggable auth methods and policy engine for fine-grained access control, with integrations for AWS, Kubernetes, LDAP, and OIDC

Teams rely on Vault for application secrets injection in CI/CD and runtime, database credential lifecycle management with automatic rotation, and encrypting sensitive data in transit and at rest. The HTTP API and native SDKs integrate with container orchestration, service meshes, and cloud platforms, fitting into zero-trust and infrastructure-as-code workflows.

GitHub Repositories
8
-11.1%
Trending down this week
Removed in 1 repo