Cloud infrastructure automation provider HashiCorp is strengthening identity-based cloud security with the latest release of HashiCorp Vault. Vault is the company’s tool for securing, storing, and controlling access to tokens, passwords, certificates, API keys and other secrets. The latest release, version 0.10, features the ability to leverage any trusted source of identity to enforce access to systems, secrets and applications.
“The traditional data center had ‘four walls and a pipe’ and a clear network perimeter. Anyone inside the network is assumed to be authorized to access the infrastructure,” said Armon Dadgar, founder and co-CTO of HashiCorp. “However, a cloud doesn’t have a distinct perimeter, and with multi-cloud, that surface area expands exponentially. Instead, security teams must utilize a different trust model to enforce systems and application access, and identity is the logical choice. With HashiCorp Vault 0.10, organizations now have the ability to leverage any trusted source of identity to enforce system or application access, providing the approach to security that’s needed in a multi-cloud world.”
Vault 0.10 deepens support for Microsoft and Google identity models, and introduces open source UI, versioned secrets, and rotating credentials. It features the Azure Active Directory authentication method, as well as the new Google Cloud Platform IAM secrets engine.
In addition, it features a graphical user interface in Vault open source that was originally including with Vault Enterprise; enhances the Vault UI for managing request auditing as well as creating and managing identities across different platforms; enables the Combined DB secrets engine for root credential rotation; and allows multiple versions of a secret to be retained for compliance and disaster recovery purposes.
“Vault is an identity-based security product that provides secrets management, encryption as a service, and identity and access management, leveraging any trusted source of identity to enforce access to systems, secrets, and applications,” Andy Manoske, product manager at HashiCorp, wrote in a blog post. “The 0.10 release of Vault delivers new features to help with automating secrets management and enhancing Vault’s ability to operate natively in multi-cloud environments.”