The latest cloud infrastructure announcements, technical solutions, and enterprise cloud insights.

Announcing Oracle Cloud Infrastructure Plugins for HashiCorp Vault

Customers need to secure, store, and tightly control access to tokens, passwords, certificates, and other arbitrary secrets in the cloud. HashiCorp Vault is a popular multicloud solution that provides this capability.

We’re pleased to announce the general availability of Oracle Cloud Infrastructure plugins for HashiCorp Vault. These plugins are an Oracle open source contribution to the HashiCorp codebase that provide tighter integration with core Oracle Cloud services and a better user experience for customers who run HashiCorp Vault on our cloud.

The following plugins are now available:

  • Oracle Cloud Infrastructure Identity plugin for Auth for authenticating to HashiCorp Vault by using Oracle Cloud Infrastructure principals
  • Oracle Cloud Infrastructure Object Storage plugin for Storage for storing secrets by using the Object Storage service as a high availability (HA) enabled storage backend
  • Oracle Cloud Infrastructure Key Management service plugin for automatically unsealing HashiCorp Vault by using keys stored in the Key Management service

These plugins are available in the HashiCorp Vault Open Source and Enterprise distributions, starting with version 1.2.3. By leveraging the Oracle Cloud platform services with HashiCorp Vault, customers can secure secrets by using a tool that they already use while benefiting from the high availability, durability, and performance of Oracle Cloud.

How the Plugins Work

To start, you either download the Open Source Vault distribution or obtain a license and the executables for Vault Enterprise from HashiCorp. Then, developers, users, and administrators can perform the following action:

  1. Developers build HashiCorp Vault with the plugins enabled in their Vault configurations.
  2. Users launch Oracle Cloud Infrastructure Compute instances in which these plugins can communicate with Oracle Cloud Infrastructure Identity and Access Management (IAM), Object Storage, and Key Management by using the Oracle Cloud Infrastructure Go SDK.
  3. Administrators manage the compute instances, Object Storage buckets, Key Management keys, and virtual cloud network (VCN) by using the Oracle Cloud console. Additionally, they can reference Oracle Identity principals when defining authorization policies in HashiCorp Vault.

The following image shows a reference architecture of HashiCorp Vault on Oracle Cloud Infrastructure using the plugins.

OCI Plugins for HashiCorp Vault


For more information about Oracle Cloud Infrastructure (OCI) plugins for HashiCorp Vault, see the following HashiCorp Vault documentation topics:

Join the discussion

Comments ( 1 )
  • Tech S Wednesday, April 22, 2020
    Looking for support of these plugins in clusters on OKE (when vault is running in kubernetes
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha