130 lines
4.4 KiB
Plaintext
130 lines
4.4 KiB
Plaintext
---
|
|
description: |-
|
|
Vault secures, stores, and tightly controls access to tokens, passwords,
|
|
certificates, API keys, and other secrets in modern computing. Vault handles
|
|
leasing, key revocation, key rolling, auditing, and provides secrets as a
|
|
service through a unified API.
|
|
---
|
|
|
|
<%= partial "layouts/sidebar" %>
|
|
|
|
<div id="demo-app"></div>
|
|
|
|
<div id="container" class="col-md-offset-3 col-md-6 col-sm-offset-2 col-sm-8">
|
|
<div class="row">
|
|
<%= inline_svg "logo-hashicorp.svg", height: 120, class: "logo" %>
|
|
<span id="tag-line">A Tool for Managing Secrets</span>
|
|
|
|
<div>
|
|
<a class="button primary started" href="/intro">Get Started</a>
|
|
<a class="button terminal" href="/#/demo/0" data-turbolinks="false">Launch Interactive Tutorial</a>
|
|
</div>
|
|
|
|
<div id="diagram"></div>
|
|
|
|
<p>
|
|
<strong>HashiCorp Vault</strong> secures, stores, and tightly
|
|
controls access to tokens, passwords, certificates, API keys,
|
|
and other secrets in modern computing. Vault handles leasing,
|
|
key revocation, key rolling, and auditing. Through a unified
|
|
API, users can access an encrypted Key/Value store and network
|
|
encryption-as-a-service, or generate AWS IAM/STS credentials,
|
|
SQL/NoSQL databases, X.509 certificates, SSH credentials, and
|
|
more.
|
|
</p>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<h2 class="features-header">Features</h2>
|
|
|
|
<div id="crud" class="feature">
|
|
<div class="graphic"></div>
|
|
<h3 class="feature-header">Secret Storage</h3>
|
|
<p>
|
|
Vault can store your existing secrets, or it can
|
|
dynamically generate new secrets to control access to
|
|
third-party resources or provide time-limited credentials
|
|
for your infrastructure. All data that Vault stores is
|
|
encrypted. Any dynamically-generated secrets are associated
|
|
with leases, and Vault will automatically revoke these
|
|
secrets after the lease period ends. Access control
|
|
policies provide strict control over who can access what
|
|
secrets.
|
|
</p>
|
|
<div class="feature-footer">
|
|
<a class="button" href="/intro/use-cases.html">Learn more</a>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<div id="key" class="feature">
|
|
<div class="graphic"></div>
|
|
<h3 class="feature-header">Key Rolling</h3>
|
|
<p>
|
|
Secrets you store within Vault can be updated at any time.
|
|
If using Vault's encryption-as-a-service functionality, the
|
|
keys used can be rolled to a new key version at any time,
|
|
while retaining the ability to decrypt values encrypted
|
|
with past key versions. For dynamically-generated secrets,
|
|
configurable maximum lease lifetimes ensure that key
|
|
rolling is easy to enforce.
|
|
</p>
|
|
<div class="feature-footer">
|
|
<a class="button" href="/docs/concepts/lease.html">Learn more</a>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<div id="audit" class="feature">
|
|
<div class="graphic"></div>
|
|
<h3 class="feature-header">Audit Logs</h3>
|
|
<p>
|
|
Vault stores a detailed audit log of all authenticated
|
|
client interaction: authentication, token creation, secret
|
|
access, secret revocation, and more. Audit logs can be sent
|
|
to multiple backends to ensure redundant copies. Paired
|
|
with Vault's strict leasing policies, operators can easily
|
|
trace the lifetime and origin of any secret.
|
|
</p>
|
|
<div class="feature-footer">
|
|
<a class="button" href="/docs/audit/index.html">Learn more</a>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<div id="cta">
|
|
<a class="button" href="/intro/index.html">Get Started with Vault</a>
|
|
<p class="cta-black">Completely free and open source.</p>
|
|
</div>
|
|
</div>
|
|
|
|
<div id="latest-announcement" class="row">
|
|
<div class="col-sm-12">
|
|
<h2>Latest Vault News</h2>
|
|
</div>
|
|
|
|
<div class="col-sm-12">
|
|
<% data.news.posts.each do |post| %>
|
|
<div class="latest-item">
|
|
<%= post.media_html %>
|
|
<h3><%= post.title %></h3>
|
|
<%= simple_format post.body %>
|
|
<% if post.link_url %>
|
|
<div class="latest-footer">
|
|
<a class="button" href="<%= post.link_url %>" target="_blank"><%= post.link_text || data.news.default_link_text %></a>
|
|
</div>
|
|
<% end %>
|
|
</div>
|
|
<% end %>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<% content_for(:scripts) do %>
|
|
<%= javascript_include_tag "demo-app" %>
|
|
<% end %>
|