ee8ea88fa6
* Intro to Transit Secrets Engine guide * Added the Katacoda scenario link in the Reference Materials section * Referencig this guide in the existing encryption guides
1.6 KiB
layout, page_title, sidebar_current, description
| layout | page_title | sidebar_current | description |
|---|---|---|---|
| guides | Encryption as a Service - Guides | guides-encryption | The transit secrets engine handles cryptographic functions on data in-transit. Vault doesn't store the data sent to the secrets engine. It can also be viewed as "cryptography as a service" or "encryption as a service". |
Encryption as a Service
Vault provides Encryption as a Service (EaaS) to enable security teams to fortify data during transit and at rest. So even if an intrusion occurs, your data is encrypted and the attacker would never get a hold of the raw data.
This guide walks you through Encryption as a Service topics.
-
Encryption as a Service guide walks you through the usage of the
transitsecrets engine in Vault. Read this guide first before proceeding to the Transit Secrets Re-wrapping guide or Java Application Demo guide. -
Java Application Demo guide walks through a sample application which relies on Vault to generate database credentials as well as encrypting sensitive data. This guide is for anyone who wishes to reproduce the demo introduced in the Manage secrets, access, and encryption in the public cloud with Vault webinar.
-
Transit Secrets Re-wrapping guide demonstrates one possible way to re-wrap data after rotating an encryption key in the transit engine in Vault.