> For the complete documentation index, see [llms.txt](https://docs.enclaive.cloud/enclaive-multi-cloud-platform/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.enclaive.cloud/enclaive-multi-cloud-platform/documentation/features/vault.md). # Vault ### Overview #### Introduction Enclaive Vault is a comprehensive solution for Cross Cloud Secret Management, unlocking the future of multi-cloud security. It centralizes key control outside the cloud, enhances data protection, and streamlines operations across diverse cloud platforms. #### Challenges Enclaive offers Europe's most fortified cloud ecosystem, ensuring unmatched security and confidentiality for applications and data. It provides a cost-effective solution with the best price/performance ratio on the market. #### Benefits * **Confidentiality:** All environments are confidential by design, leveraging cutting-edge hardware-graded security. * **Ease of Use:** Configuring the environment of choice is simplified with just a few clicks. ### Features #### Elasticity Efficiently adjust resource scaling to flexibly accommodate fluctuating demands without excessive allocation. #### Multi Cloud Support Vault is versatile, supporting deployment in various cloud or on-premises environments—ideal for hybrid, confidential, and cross-cloud architectures. #### Hardware-Graded Security Establish trust in the hardware foundation by selecting either the CPU, TPM, HSM as the anchor and source of randomness. #### Crypto Agile Handle PK, EC, and PQ cryptography with adaptability to evolving NIST/BSI/NATO standards and breakthroughs. ### Identity and Access Management #### Authentication Methods Identify users with authentication methods, ranging from username/password to SSO. #### Cloud Platform IAM Integration Integrate with cloud platform IAMs (AWS, Azure, GCP) for seamless user management. #### JSON Web Tokens Instantiate workload and services with JSON web tokens, enabling fine-grained access control based on roles or groups. ### Key Management #### Credential Safeguarding Enhance security by safeguarding credentials, certificates, and keys without impeding development. #### Cryptographic Algorithms Access NIST/BSI standardized cryptographic algorithms for encryption, decryption, digital signatures, and secure key management. #### Certificate Authority Establish a Certificate Authority for issuing, renewing, and revoking digital certificates for various purposes. ### Secret (De-)Provisioning #### Encrypted Disk Volumes Manage the keys that securely encrypt disc volumes for enhanced security. #### SSH Key Management Simplify the management of SSH keys for secure access control. #### User Passwords in Databases Refresh user passwords in SQL, NoSQL, and vector databases, ranging from MariaDB, Postgres, MongoDB to Redis. ### HSM Support #### Linking to HSM Link the security of Vault to a hardware security module for added protection. #### Unsealing Vault Secrets Unseal vault secrets stored in physically protected storage for secure access. #### Entropy Generation Generate entropy from a physical source of randomness to enhance overall security. {% content-ref url="/spaces/ZAOyClhisJhRvjIxLjXP" %} [Vault](https://docs.enclaive.cloud/vault/) {% endcontent-ref %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.enclaive.cloud/enclaive-multi-cloud-platform/documentation/features/vault.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.