HashiCorp Vault and MariaDB

You are viewing an old version of this article. View the current version here.

Vault is open source software for secret management provided by HashiCorp. It is designed to avoid sharing secrets of various types, like passwords and private keys. When building automation, Vault is a good solution to avoid storing secrets in plain text in a repository.

MariaDB and Vault may relate each other in two ways. MariaDB secrets can be stored in vault. Typically this includes users passwords and private keys for SSH access. MariaDB can also be used as a secret engine, meaning that it can store secrets managed by Vault.

Vault Concepts

Vault is identity-based. Users login and Vault sends them a token that is valid for a certain amount of time, or until certain conditions occur. Users with a valid token may request to obtain secrets for which they have proper permissions.

Vault encrypts the secrets it stores.

Vault can optionally audit changes to secrets and secrets requests by the users.

Content initially contributed by Vettabase Ltd.


Comments loading...
Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.