What is HashiCorp Vault?
HashiCorp Vault addresses the technical complexity of securing, storing and tightly controling access to secrets across distributed cloud infrastructure (within dynamic cloud-native environments). Lately, Vault has been hugely popular, alongside other open source projects from HashiCorp.
Why we Integrated Skycap with HashiCorp Vault?
A big part of our product philosophy is to enable self-service deployments for developers, and that means, for example, that developers may know where a private key for their service lies, but might not need to spend time/bandwidth on knowing what that key is.
We wanted to acheive secure, scalable secrets management in the container deployment pipeline. That can support the injection of application configuration and secrets into Kubernetes. HashiCorp Vault was an obvious choice for the job.
How does it work?
Adding your Vault servers in the Settings part of Skycap allows for a seamless flow from configuration file creation, through the build, and down to creating a multi-environment deployment pipeline.
This is all defined by Operations with fine-grained user access controls, so that developers only input if it is in their scope to do so, for example, developers may know where a private key lies, but might not be responsible for knowing what that key is. This ensure that every developer action stays within setup policy by Operation.
To add HashiCorp Vault to your container deployment pipeline go to 'Accounts Settings', in the left-hand side 'Settings' bar click on the 'External Services'. In the 'External Services' dashboard click on the 'HashiCorp Vault' and add your Vault details.