96 lines
3.5 KiB
Plaintext
96 lines
3.5 KiB
Plaintext
<%= partial "layouts/sidebar" %>
|
|
|
|
<div id="demo-app"></div>
|
|
|
|
<div id="container" class="col-md-offset-3 col-md-6 col-sm-offset-2 col-sm-8">
|
|
<div class="row">
|
|
<img src="<%= image_path("logo-text.svg") %>" alt="Vault" height="80">
|
|
<span id="tag-line">A tool for managing secrets</span>
|
|
|
|
<div>
|
|
<a class="v-btn blue lrg started" href="/intro">Get Started</a>
|
|
<a class="v-btn black lrg terminal" href="/#/demo/0">Launch Interactive Tutorial</a>
|
|
</div>
|
|
|
|
<div id="diagram"></div>
|
|
|
|
<p>
|
|
<strong>Vault</strong> secures, stores, and tightly
|
|
controls access to tokens, passwords, certificates, API keys,
|
|
and other secrets in modern computing. Vault handles leasing,
|
|
key revocation, key rolling, and auditing. Through a unified
|
|
API, users can access an encrypted Key/Value store and network
|
|
encryption-as-a-service, or generate AWS IAM/STS credentials,
|
|
SQL/NoSQL databases, X.509 certificates, SSH credentials, and
|
|
more.
|
|
</p>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<h2 class="features-header">Features</h2>
|
|
|
|
<div id="crud" class="feature">
|
|
<div class="graphic"></div>
|
|
<h3 class="feature-header">Secret Storage</h3>
|
|
<p>
|
|
Vault can store your existing secrets, or it can
|
|
dynamically generate new secrets to control access to
|
|
third-party resources or provide time-limited credentials
|
|
for your infrastructure. All data that Vault stores is
|
|
encrypted. Any dynamically-generated secrets are associated
|
|
with leases, and Vault will automatically revoke these
|
|
secrets after the lease period ends. Access control
|
|
policies provide strict control over who can access what
|
|
secrets.
|
|
</p>
|
|
<div class="feature-footer">
|
|
<a class="v-btn black sml" href="/intro/use-cases.html">Learn more</a>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<div id="key" class="feature">
|
|
<div class="graphic"></div>
|
|
<h3 class="feature-header">Key Rolling</h3>
|
|
<p>
|
|
Secrets you store within Vault can be updated at any time.
|
|
If using Vault's encryption-as-a-service functionality, the
|
|
keys used can be rolled to a new key version at any time,
|
|
while retaining the ability to decrypt values encrypted
|
|
with past key versions. For dynamically-generated secrets,
|
|
configurable maximum lease lifetimes ensure that key
|
|
rolling is easy to enforce.
|
|
</p>
|
|
<div class="feature-footer">
|
|
<a class="v-btn black sml" href="/docs/concepts/lease.html">Learn more</a>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<div id="audit" class="feature">
|
|
<div class="graphic"></div>
|
|
<h3 class="feature-header">Audit Logs</h3>
|
|
<p>
|
|
Vault stores a detailed audit log of all authenticated
|
|
client interaction: authentication, token creation, secret
|
|
access, secret revocation, and more. Audit logs can be sent
|
|
to multiple backends to ensure redundant copies. Paired
|
|
with Vault's strict leasing policies, operators can easily
|
|
trace the lifetime and origin of any secret.
|
|
</p>
|
|
<div class="feature-footer">
|
|
<a class="v-btn black sml" href="/docs/audit/index.html">Learn more</a>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row">
|
|
<div id="cta">
|
|
<a class="v-btn black sml" href="/intro/index.html">Get Started with Vault</a>
|
|
<p class="cta-black">Completely free and open source.</p>
|
|
</div>
|
|
</div>
|
|
</div>
|