What is HCP Vault Secrets?
HashiCorp Cloud Platform (HCP) Vault Secrets is a secrets lifecycle management solution to centralize your secrets and enable your applications to access them from their workflow. The clients (systems or users) can interact with HCP Vault Secrets using command-line interface (CLI), HCP Portal, or API.
HCP Vault vs. HCP Vault Secrets
HCP Vault provides HashiCorp managed dedicated Vault clusters. It quickly spins up a Vault Enterprise cluster ready for an operation, but an organization needs to set up the environment before start managing secrets using Vault (create policies, enable auth methods, enable secrets engines, etc.).
HCP Vault Secrets does not require provisioning a cluster. If you are building cloud-native applications with SaaS products as their toolchain (micro-services, containers, CI/CD pipelines, hosted datastore, etc.), HCP Vault Secrets can easily be integrated in the workflow as a secrets management tool.
Key terms and concepts
Here are brief definitions of terms used in the documentation for HCP Vault Secrets.
Applications (apps)
An HCP Vault Secrets application represents a set of sensitive data (secrets) to isolate in a secure environment until they are needed by the clients (systems or users).
Secrets
Secrets are name and value pairs which contain confidential or cryptographic material (e.g. API key, password, or any type of credentials) and they are scoped to an application. Within an application, the secret name must be unique.
The secrets stored and managed by HCP Vault Secrets can be accessed using the command-line interface (CLI), HCP Portal, or API.
Secret versions
Secret versions are specific versions of a secret allowing you to track the changes of a secret. When you update a secret, it creates a new version of the secret.
Activity logs
Activity logs provide visibility into the various activities taking place within your application, as well as the source (who, when, where) of the activity.