open-vault/website/source/index.html.erb
2017-03-08 11:07:20 -08:00

96 lines
3.5 KiB
Plaintext

<%= partial "layouts/sidebar" %>
<div id="demo-app"></div>
<div id="container" class="col-md-offset-3 col-md-6 col-sm-offset-2 col-sm-8">
<div class="row">
<img src="<%= image_path("logo-text.svg") %>" alt="Vault" height="80">
<span id="tag-line">A tool for managing secrets</span>
<div>
<a class="v-btn blue lrg started" href="/intro">Get Started</a>
<a class="v-btn black lrg terminal" href="/#/demo/0">Launch Interactive Tutorial</a>
</div>
<div id="diagram"></div>
<p>
<strong>Vault</strong> secures, stores, and tightly
controls access to tokens, passwords, certificates, API keys,
and other secrets in modern computing. Vault handles leasing,
key revocation, key rolling, and auditing. Through a unified
API, users can access an encrypted Key/Value store and network
encryption-as-a-service, or generate AWS IAM/STS credentials,
SQL/NoSQL databases, X.509 certificates, SSH credentials, and
more.
</p>
</div>
<div class="row">
<h2 class="features-header">Features</h2>
<div id="crud" class="feature">
<div class="graphic"></div>
<h3 class="feature-header">Secret Storage</h3>
<p>
Vault can store your existing secrets, or it can
dynamically generate new secrets to control access to
third-party resources or provide time-limited credentials
for your infrastructure. All data that Vault stores is
encrypted. Any dynamically-generated secrets are associated
with leases, and Vault will automatically revoke these
secrets after the lease period ends. Access control
policies provide strict control over who can access what
secrets.
</p>
<div class="feature-footer">
<a class="v-btn black sml" href="/intro/use-cases.html">Learn more</a>
</div>
</div>
</div>
<div class="row">
<div id="key" class="feature">
<div class="graphic"></div>
<h3 class="feature-header">Key Rolling</h3>
<p>
Secrets you store within Vault can be updated at any time.
If using Vault's encryption-as-a-service functionality, the
keys used can be rolled to a new key version at any time,
while retaining the ability to decrypt values encrypted
with past key versions. For dynamically-generated secrets,
configurable maximum lease lifetimes ensure that key
rolling is easy to enforce.
</p>
<div class="feature-footer">
<a class="v-btn black sml" href="/docs/concepts/lease.html">Learn more</a>
</div>
</div>
</div>
<div class="row">
<div id="audit" class="feature">
<div class="graphic"></div>
<h3 class="feature-header">Audit Logs</h3>
<p>
Vault stores a detailed audit log of all authenticated
client interaction: authentication, token creation, secret
access, secret revocation, and more. Audit logs can be sent
to multiple backends to ensure redundant copies. Paired
with Vault's strict leasing policies, operators can easily
trace the lifetime and origin of any secret.
</p>
<div class="feature-footer">
<a class="v-btn black sml" href="/docs/audit/index.html">Learn more</a>
</div>
</div>
</div>
<div class="row">
<div id="cta">
<a class="v-btn black sml" href="/intro/index.html">Get Started with Vault</a>
<p class="cta-black">Completely free and open source.</p>
</div>
</div>
</div>