Vault

  • HashiCorp Vault
    • Manages (generates, stores, revokes) static & dynamic secrets
    • Provides encryption service
    • Auditing
    • Server start
      • vault server -config=<config-file>
    • Create secret
      • vault write secret/cookie recipe=sugar
      • vault read secret/cookie

  • Platform to secure, store and tightly control access to tokens, passwords, certificates and encryption keys for protecting sensitive data and other secrets in dynamic infrastructure.
  • Protects sensitive data like
    • user/passwd
    • api keys
    • certificates
    • tokens
    • encryption keys
  • Benefits of Vault
    • Centralizes secrets across the organization
    • Eliminates long-lived secrets
    • Provides encryption as a service
    • Automates generation of certificates for authentication
  • Features

How does Vault protect data

  • Vault creates an encryption key
  • The encryption key is used to encrypt the data stored in Vault
  • The encryption key is stored alongside the data
  • Vault needs a master key to protect the encryption key
  • The master key is not stored on any persistent storage
  • The master key is generated when Vault is initialized

Vault Seal & Unseal

  • Vault starts in a sealed status
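
The key hierarchy and the seal state described in the two sections above, as a small Python model added here (not Vault's own code). ToyVault, its method names and the "keyring" storage entry are made up for the illustration, and the HMAC-based cipher is a standard-library stand-in for a real authenticated cipher.

```python
import hashlib, hmac, secrets

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Toy HMAC-SHA256 counter-mode keystream: a stdlib stand-in for a real AEAD cipher.
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

class ToyVault:
    def __init__(self):
        self.storage = {}       # stands for the persistent backend: ciphertext only
        self._enc_key = None    # held in memory only while unsealed

    def init(self):
        master_key, enc_key = secrets.token_bytes(32), secrets.token_bytes(32)
        # The encryption key is stored next to the data, wrapped by the master key.
        self.storage["keyring"] = encrypt(master_key, enc_key)
        return master_key       # returned to the operator, never written to storage

    def unseal(self, master_key):
        self._enc_key = decrypt(master_key, self.storage["keyring"])

    def seal(self):
        self._enc_key = None

    def write(self, path, value):
        if self._enc_key is None:
            raise RuntimeError("vault is sealed")
        self.storage[path] = encrypt(self._enc_key, value)

    def read(self, path):
        if self._enc_key is None:
            raise RuntimeError("vault is sealed")
        return decrypt(self._enc_key, self.storage[path])
```

A copy of `storage` alone yields nothing readable: without the master key the wrapped encryption key cannot be opened, which is why a sealed server refuses reads and writes.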

