What is our primary use case?
We are currently conducting a PoC with HashiCorp vault to see if it meets our requirements. I have ten different use cases for the evaluation.
We are integrating it into our Key Management Service. In my previous company, we were using it to store all of our keys and secret certificates.
How has it helped my organization?
In my previous organization, all of the requirements and use cases worked well.
What is most valuable?
The most valuable feature is the hub cluster in Consul.
This solution is easy to use and to integrate.
What needs improvement?
The documentation is very general; it should have more examples and more use cases. Basically, they just tell you the syntax without a better explanation of how to do things.
We learned all of the Vault Commands (CLI) and they work fine, except when we are running on an EKS cluster then the syntax changes. Most of the commands are not working.
For how long have I used the solution?
I have been using HashiCorp Vault for less than a year.
What do I think about the stability of the solution?
Vault, so far, has been stable for me. I have had some trouble with Terraform, which I find is not very stable.
What do I think about the scalability of the solution?
It is easy to scale this solution. I spin up a cluster and on top of that, I install Vault. On the backend, I use Consul for my wallet.
How are customer service and technical support?
Because I am using the open-source version, I have not contacted technical support.
Which solution did I use previously and why did I switch?
We did not use another solution before beginning our PoC.
How was the initial setup?
The initial setup is easy and it is not complex or difficult to configure. You just have to understand the basic concepts of authentication.
Downloading vault and installing it, including Consul, will only take 15 or 20 minutes. The configuration depends on the use cases and depending on them, the length of time it takes will vary. It should take no longer than a day.
What's my experience with pricing, setup cost, and licensing?
I am using the open-source version of Vault and I would have to buy a license if I want to get support.
Which other solutions did I evaluate?
This is the first solution that we are evaluating. If the PoC does not go well then we will be looking into other solutions. We did not consider other options because we felt that Vault would do what we wanted.
What other advice do I have?
One of the questions that I have been trying to solve is whether it is possible to update the cloud AWS keys from the on-premises solution. I have been through the documentation and the blogs and still do not know whether it is possible. Definitely, they can be managed once they have been deployed into the cloud, but I want to know the other way around. Our intention is ultimately to deploy on-premises, which is why this is important.
My advice for anybody who is implementing this solution is to fully go through the documentation and understand all of the use cases before implementing it.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?