TrustRadius Insights for HashiCorp Vault are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Recommendations
Users have made a few common recommendations based on their experiences with Vault.
Firstly, they recommend defining roles and policies at the beginning of the setup process. This helps save time and ensures cost-effectiveness by clearly establishing access levels and permissions.
Secondly, users advise investing time in careful planning before going into production with Vault. This includes defining paths, naming conventions, and policies to streamline the implementation process and prevent potential issues.
Lastly, users emphasize the importance of exploring learning resources such as documentation, user groups, and other knowledge-sharing platforms. These resources offer valuable insights into best practices, troubleshooting tips, and real-world use cases.
Overall, users believe that while Vault is a comprehensive and powerful tool, it may require some initial effort in terms of setup and planning. They also mention that additional user features could further improve its competitiveness. However, users encourage others to research and evaluate Vault for its affordability and data security benefits, as they believe it won't disappoint.
We leverage HashiCorp Vault capabilities for storing and managing our secrets and company passwords. HashiCorp Vault integrates with applications and tools to enable transparent secure sensitive information retrieval programmatically. By leveraging HashiCorp Vault we can go with IAC/CAC on almost everything we build. HashiCorp Vault also makes it easy to share secrets between team members and the organization.
Pros
Store secrets
Store configurations
Integrate with kubernetes
Audit log of changes
Team secret sharing
Real time in transit encryption
Cons
Session Management is terrible to manage
Monitoring is hard and not enough information
User management
Configuration is too complex
More user friendly UI
Likelihood to Recommend
When you need to store secure information (secrets or configuration) for your kubernetes applications or just general secrets in a central place where team members can access. HashiCorp Vault enables granular access control and has terraform which makes it easy to manage it using IAC. It integrates really well in any cloud-native environment you are building your application. I would not use it for small POC or companies due to the overhead of management and setup requirements. You could use another approach such as encrypted k8s secrets in git directly.
HashiCorp Vault is our go-to for secrets management in our cloud implementation. Having used many other HashiCorp products, it was easy enough for us to translate that into the use of Vault. We also use it in a limited capacity with Chef, used in conjunction with encrypted data bags. HashiCorp Vault has allowed us to securely use secrets across applications without the need to expose those secrets. It has also made it easier to implement sane key rotation and achieve automation.
Pros
HashiCorp Vault manages secrets extremely well.
It works well as a cloud-agnostic or multi-cloud solution.
HashiCorp Vault works extremely well with other HashiCorp products.
Vault integrates with other systems very well because everything is API driven.
Cons
It doesn't have an interface. This isn't entirely bad because of the purpose it serves, but it does make the barrier to entry a little difficult.
Unlike many other HashiCorp products, the documentation feels like it leaves some steps out. Step by step documentation lowers the barriers to entry a little bit, and going through even the installation documentation and setup leaves a little bit of the caveats out.
It needs a fair bit of supporting infrastructure. You cannot just have a Vault instance. Having a HashiCorp Vault instance means also having a consul cluster for the backend.
Likelihood to Recommend
HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
VU
Verified User
Engineer in Engineering (Information Services company, 501-1000 employees)