Best practice for enterprise data management is to use data-at-rest encryption for storing highly sensitive data on storage media, with encryption keys safely stored in an external key management system. HashiCorp Vault has become an increasingly popular tool for this purpose, so we are excited to announce that MariaDB Platform X5 can integrate directly with HashiCorp Vault.
The HashiCorp Vault Encryption Plugin (
hashicorp_key_management) enables using HashiCorp Vault to manage MariaDB’s data-at-rest encryption keys.
hashicorp_key_management supports both the open source and enterprise version of HashiCorp Vault. HashiCorp Vault can be used as the key management system (KMS) for MariaDB Enterprise Server data-at-rest encryption covering:
HashiCorp Vault is an open source management system for secrets and sensitive data. It provides many advanced features:
- API-driven encryption
- Key rotation
- Data-in-transit encryption between Vault and server using TLS
- FIPS 140-2 compliance
- Detailed auditing
- Plugins to extend functionality
For More Information
The HashiCorp Vault Encryption Plugin from MariaDB is currently available as part of MariaDB Enterprise Server 10.5, a core component of MariaDB Platform X5.
Customers can download MariaDB Platform X5 including MariaDB Enterprise Server 10.5