Banzai Cloud is now part of Cisco

Banzai Cloud Logo Close
Home Products Benefits Blog Company Contact


The Vault Swiss Army knife, which makes enterprise-grade security attainable on Kubernetes. It has many 'blades' that cut through the security problem: the Bank-Vaults operator provides automation; a Go client with automatic token renewal that provides dynamic secret generation, multiple unseal options and more; a CLI tool to initialize, unseal and configure Vault with authentication methods and secret engines; and direct secret injection into Pods to reduce the attack surface.


Automates the entire Vault lifecycle in your Kubernetes clusters.


Provides seamless integration with non-Vault-aware applications without storing the decrypted secret anywhere.


Vault is the de-facto standard for secret management in cloud native environments.


Bank-Vaults provides various tools for Hashicorp Vault to make its use easier:

A wrapper for the official Vault client with automatic token renewal, built in Kubernetes support, and a dynamic database credential provider.

A CLI tool to automatically initialize, unseal and configure Vault.

A Kubernetes operator for provisioning, and a mutating webhook for injecting secrets.

Bank-Vaults can be used as a CLI tool or accessed from code through a Golang library (supporting OAuth2 tokens, K8s auth, Vault operator, dynamic secrets, cloud credential storage, etc.). The package also includes a Helm chart for a HA cluster, operator, mutating webhook and a collection of scripts to support advanced features (dynamic SSH, etc.).

  • Automation
  • Flexibility
  • Security
Support packages for Bank-Vaults
For learning
and experimenting
  • All features
  • Community support
  • Community Slack
For those who need help
in case of issues
  • All features
  • 8 hrs/month support
  • SLA: 4 hours / 8×5
  • Support portal, Slack
For business-critical
  • All features + integration
  • 16 hrs/month support
  • SLA: 1 hour / 24×7
  • Support portal, Slack
  • Proactive monitoring
Dig deeper in our Blog
Bank-Vaults on ARM and recent features

We had quite a few Bank-Vaults releases recently where new features arrived in the webhook and operator. This is no …

Read more
Multi-cluster testing with kind and MetalLB

Distributed applications Distributed applications have many definitions, but typically they are defined as …

Read more
OIDC issuer discovery for Kubernetes service accounts

Applications running in Kubernetes Pods are authenticated against the Kubernetes API with their corresponding …

Read more
Ready to get started?
We are happy to introduce you the product and our support and consulting services.