Your secrets, in safe hands
A secrets vault powered by Vault, installed and maintained by DINAO. Centralize and encrypt your passwords, API keys, and certificates, with strictly controlled and audited access—all hosted in France.
What is Vault?
Vault is the reference solution for secret management and sensitive data protection. Instead of scattering passwords, API keys, certificates, and tokens across your code repositories and configuration files, Vault centralizes them in a encrypted vault, with strictly controlled, authenticated, and audited access.
Its key strength lies in dynamic secrets: rather than storing static credentials, Vault can generate on-the-fly temporary access (to a database, a cloud provider, etc.), automatically revoked after use. It also includes a PKI engine for issuing certificates and an on-demand encryption service that your applications can call without ever handling the keys directly.
Vault offers fine-grained access policies by path and role, multiple authentication methods (token, LDAP, OIDC, etc.), comprehensive audit logging, and an API that integrates naturally into your CI/CD pipelines. Managed by DINAO and hosted in France, it becomes the sovereign security foundation for your entire infrastructure.
Host Vault at DINAO
Resource tiers compatible with Vault prerequisites (minimum 1 cœur / 512 Mo / 5 Go). Hosted in France, fully managed.
- 1 dedicated vCPU
- 2 Go RAM
- 20 GB NVMe
- Daily backups
- Managed & monitored by DINAO
- 2 dedicated vCPU
- 4 Go RAM
- 40 GB NVMe
- Daily backups
- Managed & monitored by DINAO
- 4 dedicated vCPU
- 8 Go RAM
- 80 GB NVMe
- Daily backups
- Managed & monitored by DINAO
- 8 dedicated vCPU
- 16 Go RAM
- 160 GB NVMe
- Daily backups
- Managed & monitored by DINAO
Technical details
You might be wondering…
What is Vault used for?
To centralize and protect all your secrets—passwords, API keys, certificates, tokens—in an encrypted vault, with strictly controlled and tracked access, rather than scattering them across code and configuration files.
What is a dynamic secret?
A credential generated on demand, valid for a limited time, then automatically revoked (e.g., temporary access to a database). This significantly reduces the risk associated with lingering static secrets.
Who can access the secrets?
You define fine-grained access policies by path and role, associated with various authentication methods (token, LDAP, OIDC, etc.). Every access is logged for auditing.
Are my secrets well protected and hosted in France?
Yes. Vault encrypts data at rest and in transit, with a sealing mechanism, and the entire setup is hosted on your dedicated instance in France.
Can I integrate it into my CI/CD?
Yes. Vault exposes an API and numerous integrations to inject secrets into your CI/CD pipelines and applications, without hardcoding them.