Red Hat OpenShift enhances Vault integrations

Last week, IBM finalized the acquisition of HashiCorp, including HashiCorp Vault Enterprise, offered as part of IBM’s software portfolio. An industry leader in security management, Vault manages secrets and protects sensitive data across hybrid cloud environments.

As we look at the industry, customers are increasingly moving away from large, monolithic applications and instead choosing to build cloud-native applications. This results in complexity across where applications run, how they are managed and how they are kept secure. Cloud-native solutions are often deployed on environments that span on-premises and multi-cloud infrastructure. The reality is that secrets – credentials that provide access to or within a system – are becoming increasingly distributed and organizations are at increased risk of secrets sprawl. Secrets such as usernames and passwords, TLS certificates, API tokens, database credentials and more are often managed inconsistently, and rotated manually and stored insecurely. This creates risk for data breaches, compliance issues and identity theft. In fact, according to the recent State of Kubernetes Security report, 67% of companies were forced to delay or slow down application deployment for these and other reasons. Plus nearly 90% had at least one container or Kubernetes security incident in the last 12 months.

This secrets management challenge becomes more complex for hybrid and multi-cloud workloads. Enterprises are seeking solutions for a central, consistent and scalable secrets management with strong security. More importantly, enterprises require a solution that is complementary with how they are already managing their hybrid cloud applications. 

HashiCorp Vault naturally complements Red Hat OpenShift 

Red Hat OpenShift provides a consistent cloud-native application platform for the hybrid cloud. It is trusted by thousands of customers for building, modernizing, and scaling traditional and cloud-native applications across any infrastructure at scale. By leveraging Red Hat OpenShift with Vault, our customers will have centralized and encrypted secret storage, secret rotation policy, with comprehensive auditing, rich access control lists, support for multiple authentication methods across different cloud vendors and dynamic tracking. Furthermore, Vault with Red Hat OpenShift enables stronger security automation in application delivery through automated secret management in CI/CD pipelines and GitOps workflows, allowing them to maintain security without hindering agility. 

In short, the combined functionality of Red Hat OpenShift and IBM Vault provides a security-focused application platform optimized to help prevent credential breaches across the most distributed environments. 

Looking forward: Vault and Red Hat OpenShift

With IBM’s acquisition of HashiCorp, Red Hat and IBM are committed to bringing Vault and Red Hat OpenShift even closer together—deepening integration points and simplifying deployment to create a seamless experience for our customers.

Today, multiple integration points between Red Hat OpenShift and HashiCorp Vault require manual configuration by end-users. We recognize the opportunity to enhance automation, improve ease of use, and deliver tighter integrations across Red Hat’s solutions. Our vision includes:

• Automating the deployment of those integrations and to ensure they are tested with every release.
• Exploring support for KubeKMS and Vault to manage OpenShift’s etcd encryption key for enhanced security.
• Improving deployment and security lifecycle management by exploring a Vault Enterprise Operator and deepening automation with Red Hat Advanced Cluster Management for Kubernetes, Red Hat Ansible Automation Platform and Terraform.
• And finally, looking long-term, we’ll be expanding Vault integrations with OpenShift Service Mesh, Red Hat Quay, Red Hat Advanced Cluster Management and Red Hat Advanced Cluster Security.

We are thrilled to usher in a new partnership that will make securing applications and workloads easier. Red Hat OpenShift and Vault will enable our customers to better secure workloads so they can focus on the work that matters: creating products and features that benefit their customers—IBM’s acquisition of HashiCorp and Vault further cement this promise. 

Where can I get more information about this news?

• IBM Press release
• Red Hat Partner Catalog