open-vault/website/source/guides/secret-mgmt/index.html.md

52 lines
2.3 KiB
Markdown
Raw Normal View History

---
layout: "guides"
2018-02-01 17:50:59 +00:00
page_title: "Secrets Management - Guides"
New Docs Website (#5535) * conversion stage 1 * correct image paths * add sidebar title to frontmatter * docs/concepts and docs/internals * configuration docs and multi-level nav corrections * commands docs, index file corrections, small item nav correction * secrets converted * auth * add enterprise and agent docs * add extra dividers * secret section, wip * correct sidebar nav title in front matter for apu section, start working on api items * auth and backend, a couple directory structure fixes * remove old docs * intro side nav converted * reset sidebar styles, add hashi-global-styles * basic styling for nav sidebar * folder collapse functionality * patch up border length on last list item * wip restructure for content component * taking middleman hacking to the extreme, but its working * small css fix * add new mega nav * fix a small mistake from the rebase * fix a content resolution issue with middleman * title a couple missing docs pages * update deps, remove temporary markup * community page * footer to layout, community page css adjustments * wip downloads page * deps updated, downloads page ready * fix community page * homepage progress * add components, adjust spacing * docs and api landing pages * a bunch of fixes, add docs and api landing pages * update deps, add deploy scripts * add readme note * update deploy command * overview page, index title * Update doc fields Note this still requires the link fields to be populated -- this is solely related to copy on the description fields * Update api_basic_categories.yml Updated API category descriptions. Like the document descriptions you'll still need to update the link headers to the proper target pages. * Add bottom hero, adjust CSS, responsive friendly * Add mega nav title * homepage adjustments, asset boosts * small fixes * docs page styling fixes * meganav title * some category link corrections * Update API categories page updated to reflect the second level headings for api categories * Update docs_detailed_categories.yml Updated to represent the existing docs structure * Update docs_detailed_categories.yml * docs page data fix, extra operator page remove * api data fix * fix makefile * update deps, add product subnav to docs and api landing pages * Rearrange non-hands-on guides to _docs_ Since there is no place for these on learn.hashicorp, we'll put them under _docs_. * WIP Redirects for guides to docs * content and component updates * font weight hotfix, redirects * fix guides and intro sidenavs * fix some redirects * small style tweaks * Redirects to learn and internally to docs * Remove redirect to `/vault` * Remove `.html` from destination on redirects * fix incorrect index redirect * final touchups * address feedback from michell for makefile and product downloads
2018-10-19 15:40:11 +00:00
sidebar_title: "Secrets Management"
sidebar_current: "guides-secret-mgmt"
description: |-
A very common use case of Vault is to manage your organization's secrets from
storing credentials and API keys to encrypting passwords for user signups.
Vault is meant to be a solution for all secret management needs.
---
2018-02-01 17:50:59 +00:00
# Secrets Management
Vault is a tool for securely accessing secrets. A secret is anything that you
want to tightly control access to, such as API keys, passwords, certificates,
and more. Vault provides a unified interface to any secret while providing
tight access control and recording a detailed audit log.
2018-02-01 17:50:59 +00:00
Secrets Management guides demonstrate features in Vault to securely store your
secrets.
- [Static Secrets](/guides/secret-mgmt/static-secrets.html) guide walks you
through the steps to write secrets in Vault, and control who can access them.
- [Versioned KV Secret Engine](/guides/secret-mgmt/versioned-kv.html) guide
demonstrates the secret versioning capabilities provided by KV Secret Engine v2.
- [Secret as a Service: Dynamic Secrets](/guides/secret-mgmt/dynamic-secrets.html)
guide demonstrates the Vault feature to generate database credentials
on-demand so that each application or system can obtain its own credentials,
and its permissions can be tightly controlled.
- [Database Root Credential Rotation](/guides/secret-mgmt/db-root-rotation.html)
guide walks you through the steps to enable the rotation of the database root
credentials for those managed by Vault.
- [Cubbyhole Response Wrapping](/guides/secret-mgmt/cubbyhole.html) guide
demonstrates a secure method to distribute secrets by wrapping them where only
the expecting client can unwrap.
- [One-Time SSH Password](/guides/secret-mgmt/ssh-otp.html) guide demonstrates
the use of SSH secrets engine to generate a one-time password (OTP) every time a
client wants to SSH into a remote host.
- [Build Your Own Certificate Authority](/guides/secret-mgmt/pki-engine.html)
guide walks you through the use of the PKI secrets engine to generate dynamic
X.509 certificates.
- [Direct Application Integration](/guides/secret-mgmt/app-integration.html)
guide demonstrates the usage of _Consul Template_ and _Envconsul_ tool to
retrieve secrets from Vault with no or minimum code change to your applications.