Hashicorp Vault Signer

General purpose secure storage for any sensitive information, such as keys, password or certificates.
Use on Kaleido
Coming Soon

HashiCorp Vault is a software based general purpose secure storage for any sensitive information, such as keys, password or certificates. It has both opensource and commercial editions. The underlying architecture is extensible with plugins. Kaleido has taken advantage of the extensibility feature and provided a vault plugin that can be mounted as a secret engine and only supports using secret keys to sign transactions, without ever giving away the secret keys themselves.

HashiCorp Vault is a software based general purpose secure storage for any sensitive information, such as keys, password or certificates. It has both opensource and commercial editions. The underlying architecture is extensible with plugins. Kaleido has taken advantage of the extensibility feature and provided a vault plugin that can be mounted as a secret engine and only supports using secret keys to sign transactions, without ever giving away the secret keys themselves.

Features

Secure Storage

Secure storage for any sensitive information, such as keys, password or certificates.


Vault Plugin

Kaleido has taken advantage of the extensibility feature and provided a vault plugin that can be mounted as a secret engine and only supports using secret keys to sign transactions, without ever giving away the secret keys themselves.


Flexible Installment

The vault can be installed by the customers themselves either under their own cloud accounts, or on-premise.

How it works

The vault can be installed by the customers themselves either under their own cloud accounts, or on-premise. This allows customers to deploy key management that meets all but the most stringent security criteria.

Set Up Access Policies

HashiCorp Vault supports flexible management of policy-based access control and attaching policies to user credentials. Here we want to create a user for Kaleido to use as the transaction signer. It must have the ability to list signing accounts and sign transactions. It does not need the ability to create and delete keys, as the Kaleido service does not perform those functions.

The privilege to create and delete keys can be reserved to a separate administrator user under the customer control. The credentials with administrative privileges do not need to be shared with Kaleido.


No items found.

The vault can be installed by the customers themselves either under their own cloud accounts, or on-premise. This allows customers to deploy key management that meets all but the most stringent security criteria.

Set Up Access Policies

HashiCorp Vault supports flexible management of policy-based access control and attaching policies to user credentials. Here we want to create a user for Kaleido to use as the transaction signer. It must have the ability to list signing accounts and sign transactions. It does not need the ability to create and delete keys, as the Kaleido service does not perform those functions.

The privilege to create and delete keys can be reserved to a separate administrator user under the customer control. The credentials with administrative privileges do not need to be shared with Kaleido.


No items found.

Additional Resources

Helpful Links

Accelerate your Digital Transformation

We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience. Learn about our Privacy Policy here.