Company Description:
At HashiCorp, we believe infrastructure enables innovation. Our suite of multi-cloud infrastructure automation products — all with open source projects at their core — underpin the most important applications for some of the largest enterprises in the world. As part of the once-in-a-generation shift to the cloud, organizations of all sizes, from well-known brands to ambitious start-ups, rely on our solutions to provision, secure, connect, and run their business-critical applications so they can deliver essential services, communications tools, and entertainment platforms worldwide.
We’re building a unique software infrastructure company with a different approach: rather than focusing solely on technologies, we build the workflows designed to solve real-world problems of IT operators working with multi-cloud environments. HashiCorp’s portfolio of products includes Vagrant™, Packer™, Terraform®, Vault™, Consul®, Nomad™, Boundary™, and Waypoint™, available as open source, enterprise, and as managed cloud services The HashiCorp software suite enables organizations to adopt consistent workflows and create a system of record for automating the cloud: infrastructure provisioning, security, networking, and application deployment.
Integration Description:
HashiCorp Vault:
HashiCorp Vault is a key management solution in the security space that will work with EDB Postgres Advanced Server and EDB Postgres Extended Server's Transparent Data Encryption (TDE) feature being offered on Version 15.2 and later. It allows customers to secure, store, and manage access to tokens and passwords that protect secret company information.
Hashicorp Vault Enterprise offers users a consistent workflow to distribute and manage the lifecycle of keys as a key management provider. Vault Enterprise allows you to secure, store and control the access to sensitive information such as tokens, passwords, certificates, encryption keys and any other sensitive data using a UI, CLI or HTTP API. When you implement TDE with EDB Postgres Advanced Server and EDB Postgres Extended Server's Transparent Data Encryption and HashiCorp Vault Enterprise you help keep your data safe through encryption with a scalable system for your external key management requirements
HashiCorp Transit Secrets Engine:
Hashicorp Vault is an identity-based secrets and encryption management system. Used in conjunction with EDB Postgres Advanced Server versions 15.2 and above or EDB Postgres Extended Server versions 15.2 and above, it allows users to control access to encryption keys and certificates, as well as perform key management. Using Hashicorp Vaults Transit secrets engine allows Vault to handle cryptographic functions on data in-transit. Hashicorp Vault Transit secrets engine can be referred to as "encryption as a service".
Hashicorp Vault’s primary use case for the Transit secrets engine is to encrypt data from applications while simultaneously storing encrypted data in some primary data store. Hashicorp Vault Transit Secrets Engine can also generate hashes, sign and verify data and generate HMACs of data. Hashicorp Vault Transit Secrets Engine can work with EDB Postgres Advanced Server and EDB Postgres Extended Server by securely storing the data key that is generated by initdb. Normally the key, that lives in pg_encryption/key.bin, is stored in plaintext format, but using Hashicorp Vault Transit Secrets Engine as an external key store manages the data encryption key and provides further security to the key itself.