For those of us for the removed can someone explain the difference between Vault Secrets and Vault Dedicated? (very naively I would have thought that Vault itself os specifically about secrets so I must be missing the nuance)
firesteelrain•2h ago
HCP Vault Secrets aka Easy Vault aka Vault Lite is only for secrets. It’s also Cloud hosted.
Vault Community is more full featured. Vault Enterprise has HSM support (for auto unseal and seal wrapping) and FIPS 140-2 for those type of customers.
We use Vault Enterprise on prem solely for its particular HSM integration.
stackskipton•1h ago
For anyone pondering a migration to something on premise, there is also Vault Fork called OpenBao(https://openbao.org/) similar to fork OpenToFu is of terraform.
tekla•1h ago
You can run Vault on prem
zorgmonkey•53m ago
I haven't tried it out, but it looks they recently added PKCS#11 which should make it possible to use it with devices like HSMs and cloud KMS solutions.
redwood•2h ago
firesteelrain•2h ago
Vault Community is more full featured. Vault Enterprise has HSM support (for auto unseal and seal wrapping) and FIPS 140-2 for those type of customers.
We use Vault Enterprise on prem solely for its particular HSM integration.