quickstart-hashicorp-vault
HashiCorp Vault on the AWS Cloud
Vault version: 1.4
HashiCorp Vault is a product that centrally secures, stores and controls access to tokens, passwords, certificates, and encryption keys through a UI, CLI, or an HTTP API. Vault’s core use cases include:
- Secrets management: Securely manage and deploy secrets across different environments, applications, and services.
- Encryption and data protection: Manage encryption and keys for developers and operators across different environments, applications, and services.
- Privileged-access management: Secure workloads for application-to-application and user-to-application credential management across different environments and services.
HashiCorp Vault is designed for DevOps professionals and application developers who want to manage their secrets, data, and key-value stores. It’s built using the open-source version of Vault, but it’s also compatible with Vault Enterprise. Supplemental details, with instructions and screenshots, are available on the HashiCorp Vault and Vault Enterprise websites.
Each stack in this deployment takes approximately 20 minutes to create. For more information and step-by-step deployment instructions, see the deployment guide.
Deployment options
- Deployment of HashiCorp Vault into a new VPC (end-to-end deployment) builds a new VPC with public and private subnets, and then deploys HashiCorp Vault into that infrastructure.
- Deployment of HashiCorp Vault into an existing VPC provisions HashiCorp Vault into your existing infrastructure.
Architecture
Change log (June 2020)
- Upgraded to HashiCorp Vault 1.4 using best practices
- Updated AWS architecture
- Updated templates:
For architectural details, best practices, step-by-step instructions, and customization options, see the deployment guide.
To post feedback, submit feature ideas, or report bugs, use the Issues section of this GitHub repo. If you'd like to submit code for this Quick Start, please review the AWS Quick Start Contributor's Kit.