Need to manage IBM Cloud secrets within your own on-premises enterprise HashiCorp Vault service? We’re excited to announce the delivery of two foundational plugins to support this need. 

The first is an authentication plugin that will allow your on-premises vault to interact with the IBM Cloud platform’s IAM service, and the second will allow you to generate IBM Cloud API keys from your on-prem Vaults.

The release

IBM Cloud Authentication plugin for HashiCorp Vault

Before you can interact with your on-premises Vault, the Vault must authenticate against an auth method. In this model, once authentication is established, a token is generated. This token is similar to a session ID on a website and may have attached policies, which can be mapped at authentication time. This plugin follows the design of other open-source Vault plugins. Vault supports auth methods by which user- or machine-supplied information is verified against external system.

What does this enable?

Your Vault instance can now be authenticated so that it can interact with platform services and their secrets:

Get started using this plugin in our public GitHub repo. 

IBM Cloud API Key Secret Engine plugin for HashiCorp Vault

The IBM Cloud IAM secrets engine dynamically generates IBM Cloud IAM Service IDs and API keys along with assigning those service IDs to IAM access groups. Vault roles can be mapped to one or more IAM access groups (and, optionally, group assignments), providing a simple, flexible way to manage the permissions granted to generated service IDs and API keys.

What does this enable?

Once authenticated, your Vault can now generate API keys and use IAM to assign the right access to these keys:

Get started using this plugin in our public GitHub repo. 

More from Announcements

IBM Hybrid Cloud Mesh and Red Hat Service Interconnect: A new era of app-centric connectivity 

2 min read - To meet customer demands, applications are expected to be performing at their best at all times. Simultaneously, applications need to be flexible and cost effective, and therefore supported by an underlying infrastructure that is equally reliant, performant and secure as the applications themselves.   Easier said than done. According to EMA's 2024 Network Management Megatrends report only 42% of responding IT professionals would rate their network operations as successful.   In this era of hyper-distributed infrastructure where our users, apps, and data…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM and MuleSoft expand global relationship to accelerate modernization on IBM Power 

2 min read - As companies undergo digital transformation, they rely on APIs as the backbone for providing new services and customer experiences. While APIs can simplify application development and deliver integrated solutions, IT shops must have a robust solution to effectively manage and govern them to ensure that response times and costs are kept low for all applications. Many customers use Salesforce’s MuleSoft, named a leader by Gartner® in full lifecycle API management for seven consecutive times, to manage and secure APIs across…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters