Vault CLI
35.3k stars
official macOS Linux Cross-platform Actively maintained
The official HashiCorp Vault CLI. Read and write secrets, generate dynamic credentials, manage encryption keys, and control access policies with structured JSON output.
Part of the HashiCorp Vault CLI tools for AI agents
What your agent can do
Your application needs database credentials. You store them in environment variables, rotate them manually every 90 days, and hope nobody forgets. One day someone does forget, and your production database is running on a credential that expired without rotation. Your agent uses `vault read -format=json database/creds/app-role` and gets a dynamically generated credential with automatic expiration. Every credential is unique, time-limited, and audit-logged.

Dynamic secrets are Vault's defining feature. Instead of storing static passwords, Vault generates credentials on demand. `vault read aws/creds/deploy-role` creates a temporary AWS IAM user. `vault read database/creds/readonly` generates a database credential that expires in hours. Your agent requests credentials when needed and they self-destruct when the TTL expires. No rotation scripts, no shared passwords, no stale credentials.

The `-format=json` flag works on every command. `vault kv get -format=json secret/data/config` returns structured secret data. `vault status -format=json` returns cluster health. `vault token create -format=json` returns the new token with metadata. The `-field=key` flag extracts a single value without jq: `vault kv get -field=password secret/data/db` returns just the password string.

Vault's agent sidecar (`vault agent`) is literally an agent. It runs as a daemon alongside your application, automatically authenticating with Vault, fetching secrets, writing them to files or environment templates, and refreshing them before they expire. Your AI agent configures the Vault agent, and the Vault agent handles the runtime secret lifecycle.

Access policies define who can read what. `vault policy write deploy-policy policy.hcl` creates a policy that grants access to specific secret paths. Your agent manages policies as code: version-controlled HCL files that define exactly which secrets each role can access. Principle of least privilege, enforced programmatically.
Limitations
BSL 1.1 license (source-available, not open-source). Cannot be used to build a competing hosted secrets service. Complex to operate — requires careful unsealing, HA configuration, and storage backend management. Significant learning curve compared to simpler secrets managers like 1Password CLI. No official MCP server. Requires a running Vault server (self-hosted or HashiCorp Cloud Platform).
Key Commands
- `vault kv get`: Read a secret from the key-value store
- `vault kv put`: Write a secret to the key-value store
- `vault token create`: Create a new authentication token with specific policies
- `vault status`: Check the seal status and cluster health
- `vault secrets list`: List all mounted secret engines
- `vault audit list`: List active audit devices for compliance tracking
- `vault read`: Read data from any path, including dynamic credentials
GitHub Stats
repo hashicorp/vault
stars 35.3k
language Go
license BSL-1.1
last commit Mar 24, 2026
FAQ
- Is Vault CLI free?
- Yes for most uses. Vault CLI is free under BSL 1.1 — you can use it for any purpose except building a competing hosted Vault service. Self-hosted Vault is free. HashiCorp Cloud Platform (HCP) Vault offers a managed option with a free tier. Install with `brew tap hashicorp/tap && brew install hashicorp/tap/vault`.
- Can AI agents use Vault CLI?
- Yes. Vault runs fully non-interactively with token-based or AppRole authentication configured via the `VAULT_TOKEN` and `VAULT_ADDR` environment variables. Every command supports `-format=json` for structured output and `-field=key` for single-value extraction. The Vault Agent sidecar automates credential refresh. Your agent manages secrets, policies, and dynamic credentials without interactive prompts.
- What is the difference between Vault and 1Password CLI?
- Different scale and purpose. 1Password CLI is SaaS-based secrets management for teams — store and inject API keys, passwords, and tokens. Vault is infrastructure-grade — dynamic credential generation, encryption as a service, certificate management, and database credential rotation. 1Password is simpler and team-friendly. Vault is more powerful for infrastructure automation. Your agent uses 1Password for application secrets and Vault for infrastructure-level credential management.
- What are dynamic secrets in Vault?
- Instead of storing static passwords, Vault generates credentials on demand. `vault read aws/creds/deploy-role` creates a temporary AWS IAM user that expires after a configured TTL. `vault read database/creds/readonly` generates a unique database credential. Every request gets a fresh credential. Expired credentials are automatically revoked. No rotation scripts, no shared passwords.
- How does Vault authentication work for agents?
- Multiple auth methods for headless operation. AppRole (`VAULT_ROLE_ID` + `VAULT_SECRET_ID`) for applications. AWS IAM auth for workloads running on AWS. Kubernetes auth for pods. Token auth (`VAULT_TOKEN`) for simple setups. The Vault Agent sidecar handles automatic token renewal. Your agent authenticates once and Vault manages the session lifecycle.
Related tools in Security
- Snyk CLI (official, category Security, 5.5k stars, `brew install snyk`): The official Snyk CLI. Scan dependencies for vulnerabilities, audit container images, test infrastructure-as-code, and run static analysis with structured JSON and SARIF output.
- 1Password CLI (official, category Security, 206 stars, `brew install 1password-cli`): The official 1Password CLI. Read secrets, inject credentials into processes, and manage vaults without exposing sensitive values in scripts or environment files.
Last verified: Mar 25, 2026