Vault A Game Changer In Secret Management
What do you like best?
Simple installation in a single binary. Adapt tokanization concept in whole process of the product. Support IaC approach to deploy the whole product and service. Robust plugin architecture enable integrate with other solutions too. In build integration of most famous cloud make vault a perfect match to manage cloud as well as onprems . On other hand vault work on standard set of API which can manipulate easily without any dependency. This will make the product highly customization and put change management on a automated workflow. Hashicorp do a nice job by making the vault OSS version and free of charge learning materials with ongoing community developments.
What do you dislike?
Inconsistency of command and it is parameters make us confuse. They should have a standard on this. The documentation is there but not up to date. Most of the configuration example are missing. It is not cut and clear how we integrate the vault in day to day work for immature user. Hashicorp should think about this and improve the lack of up to date documentation.
Recommendations to others considering the product:
Your first impression will make think you it is a simple tool. But it's UI just tip of the iceberg. Explore more in API and CLI, think more in automation & secure manner to see the correct picture
What problems are you solving with the product? What benefits have you realized?
Securing the identity, access levels, manage rotatable secrets in devops workflow and implement encryption too in a single trusted authority. The dynamic secrets in the vault is a top graded feature in terms of securing sensitive data in SCM and logs. The automated token rotation is very helpful. Vault solve very common and critical problems like encryption, data masking, token validation and least privileges in one place without any additional tolls.
