# bank-vaults
**Repository Path**: mirrors_DataDog/bank-vaults
## Basic Information
- **Project Name**: bank-vaults
- **Description**: A Vault swiss-army knife: A CLI tool to init, unseal and configure Vault (auth methods, secret engines).
- **Primary Language**: Unknown
- **License**: Apache-2.0
- **Default Branch**: main
- **Homepage**: None
- **GVP Project**: No
## Statistics
- **Stars**: 0
- **Forks**: 0
- **Created**: 2025-04-18
- **Last Updated**: 2026-05-16
## Categories & Tags
**Categories**: Uncategorized
**Tags**: None
## README
Bank-Vaults
Bank-Vaults is now a [CNCF Sandbox](https://www.cncf.io/sandbox-projects/) project.
[](https://gitpod.io/#https://github.com/bank-vaults/bank-vaults)
[](https://github.com/bank-vaults/bank-vaults/actions/workflows/ci.yaml?query=workflow%3ACI)
[](https://api.securityscorecards.dev/projects/github.com/bank-vaults/bank-vaults)
[](https://www.bestpractices.dev/projects/7871)
*Bank Vaults is a thick, tricky, shifty right with a fast and intense tube for experienced surfers only, located on Mentawai.
Think heavy steel doors, secret unlocking combinations and burly guards with smack-down attitude. Watch out for clean-up sets.*
---
Bank-Vaults is an umbrella project which provides various tools for Cloud Native secret management, including:
- Bank-Vaults CLI to make configuring Hashicorp Vault easier
- [Vault Operator](https://github.com/bank-vaults/vault-operator/) to make operating Hashicorp Vault on top of Kubernetes easier
- [Secrets Webhook](https://github.com/bank-vaults/secrets-webhook) to inject secrets directly into Kubernetes pods
- [Vault SDK](https://github.com/bank-vaults/vault-sdk) to make working with Vault easier in Go
- and others
## Usage
Some of the usage patterns are highlighted through these blog posts:
- [Authentication and authorization of Pipeline users with OAuth2 and Vault](https://outshift.cisco.com/blog/oauth2-vault/)
- [Dynamic credentials with Vault using Kubernetes Service Accounts](https://outshift.cisco.com/blog/vault-dynamic-secrets/)
- [Dynamic SSH with Vault and Pipeline](https://outshift.cisco.com/blog/vault-dynamic-ssh/)
- [Secure Kubernetes Deployments with Vault and Pipeline](https://outshift.cisco.com/blog/hashicorp-guest-post/)
- [Vault Operator](https://outshift.cisco.com/blog/vault-operator/)
- [Vault unseal flow with KMS](https://outshift.cisco.com/blog/vault-unsealing/)
- [Monitoring Vault on Kubernetes using Cloud Native technologies](https://web.archive.org/web/20231014000501/https://banzaicloud.com/blog/monitoring-vault-grafana/)
- [Inject secrets directly into pods from Vault](https://outshift.cisco.com/blog/inject-secrets-into-pods-vault-revisited/)
- [Backing up Vault with Velero](https://outshift.cisco.com/blog/vault-backup-velero/)
- [Vault replication across multiple datacenters on Kubernetes](https://outshift.cisco.com/blog/vault-multi-datacenter/)
- [Bank Vaults Configuration Helm Chart](https://github.com/rljohnsn/bank-vault-config/tree/main)
## Documentation
The official documentation is available at [https://bank-vaults.dev](https://bank-vaults.dev/).
## Development
**For an optimal developer experience, it is recommended to install [Nix](https://nixos.org/download.html) and [direnv](https://direnv.net/docs/installation.html).**
_Alternatively, install [Go](https://go.dev/dl/) on your computer then run `make deps` to install the rest of the dependencies._
Make sure Docker is installed with Compose and Buildx.
Fetch required tools:
```shell
make deps
```
Run project dependencies:
```shell
make up
```
Run the test suite:
```shell
make test
make test-integration
```
Run linters:
```shell
make lint # pass -j option to run them in parallel
```
Some linter violations can automatically be fixed:
```shell
make fmt
```
Build artifacts locally:
```shell
make artifacts
```
Once you are done either stop or tear down dependencies:
```shell
make stop
# OR
make down
```
## Credits
Kudos to HashiCorp for open sourcing Vault and making secret management easier and more secure.
## License
The project is licensed under the [Apache 2.0 License](LICENSE).