2019-05-23T17:02:00Z

What needs improvement with HashiCorp Vault?

Miriam Tover - PeerSpot reviewer
  • 0
  • 23
PeerSpot user
11

11 Answers

B
Real User
Top 5
2023-12-18T10:25:22Z
Dec 18, 2023

The onboarding is a challenge. It should be more self-service, but it involves reviews and approvals.

Search for a product comparison
Oleksandr Tymoshyk - PeerSpot reviewer
Real User
Top 5
2023-10-27T15:45:30Z
Oct 27, 2023

There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security.

Roman Starikov - PeerSpot reviewer
Real User
Top 5
2023-08-25T12:18:28Z
Aug 25, 2023

The product is complicated to install. It could be easier. Additionally, its pricing model needs improvement.

AKASHGUPTA3 - PeerSpot reviewer
Real User
Top 10
2023-07-27T10:34:32Z
Jul 27, 2023

There is room for improvement in stability.

SU
Real User
Top 10
2023-05-23T09:24:00Z
May 23, 2023

They should include automation features for the solution's implementation process. It will make the deployment simple.

NM
Real User
Top 20
2022-03-30T11:55:40Z
Mar 30, 2022

Its cost can be improved. It is really pricey, but to be fair, it did everything that we wanted it to do. Because of our requirements for high availability, redundancy, and resiliency, we needed a lot of clusters and a lot of nodes. We needed a massive architecture and the price of it was so inhibitive. It was going to cost us over a quarter of a million a year. In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it.

Find out what your peers are saying about HashiCorp, Microsoft, Amazon Web Services (AWS) and others in Enterprise Password Managers. Updated: March 2024.
765,386 professionals have used our research since 2012.
MA
Real User
2021-12-16T09:39:00Z
Dec 16, 2021

I don't think there are any major improvements required—so far, so good. However, I think that having more training materials, such as videos, and documentation available would be helpful. I would prefer to have more videos available either on the official site or on YouTube.

MK
Real User
2021-07-23T12:42:55Z
Jul 23, 2021

We found that Microsoft Azure Vault is better due to the fact that it has integration with all of the Azure services. It would be better if it integrated more broadly with cloud API such as Amazon Web services, et cetera. The error handling could be a bit better. The technical support was hard to get a hold of and lacking in service. The initial setup could be simplified.

RB
Real User
2021-03-16T23:00:21Z
Mar 16, 2021

We could use more documentation, primarily to do with integrations. Anybody who uses HashiCorp integrates with a public cloud, like Azure or AWS. Azure and AWS have their own secret management; how does this collaboration work between the key vault of HashiCorp to the key vault of Azure? Some of this documentation is not up to mark.

SN
Real User
2020-03-30T07:58:00Z
Mar 30, 2020

The documentation is very general; it should have more examples and more use cases. Basically, they just tell you the syntax without a better explanation of how to do things. We learned all of the Vault Commands (CLI) and they work fine, except when we are running on an EKS cluster then the syntax changes. Most of the commands are not working.

SD
Real User
2019-05-23T17:02:00Z
May 23, 2019

A Service Mesh workflow connected within Vault workflow would be difficult to integrate, depending on the SI complexity and security compliance. A drawback for some clients who have to be PCI compliant is that they still need to use and subscribe to an HSM (Hardware Security Module) solution. Compliance: www.pcicomplianceguide.org

Enterprise Password Managers
Enterprise password management solutions store and administer sensitive data such as passwords, records, and identity credentials for organizations. Since most cyber-attacks use legitimate credentials to enter an organization, password security is an essential part of an organization’s security posture.
Download Enterprise Password Managers ReportRead more

Related articles