Last Updated: November 21, 2025

HashiCorp Vault

Secrets and encryption management

Core Features

Item	Description
`Secret Storage`	Encrypted secret storage
`Dynamic Secrets`	Generate credentials on-demand
`Encryption as Service`	Encrypt data without storage
`Leasing`	Time-limited secrets
`Revocation`	Instantly revoke secrets
`Audit Logging`	Detailed access logs

Common Commands


        vault server -dev

Start dev server


        vault kv put secret/myapp password=abc123

Write secret


        vault kv get secret/myapp

Read secret


        vault kv delete secret/myapp

Delete secret


        vault login

Authenticate


        vault policy write mypolicy policy.hcl

Create policy

Using Vault

# Write secret
vault kv put secret/db/config \
  username="admin" \
  password="supersecret"

# Read secret
vault kv get -field=password secret/db/config

# Dynamic database credentials
vault read database/creds/my-role

# Encryption as a service
vault write transit/encrypt/my-key plaintext=$(base64 <<< "hello")

Best Practices

Never use -dev mode in production
Use least-privilege policies
Rotate secrets regularly
Enable audit logging

💡 Pro Tips

Quick Reference

Use dynamic secrets instead of static credentials

← Back to Data Science & ML | Browse all categories | View all cheat sheets

HashiCorp Vault | Sheetly Cheat Sheet

HashiCorp Vault

Core Features

Common Commands

Using Vault

Best Practices

💡 Pro Tips

Quick Reference

Related Cheat Sheets