
I Spent 4 Years Running HashiCorp Vault in Banks. Here's What It Can't Do.
I've deployed and operated HashiCorp Vault in financial institutions across Europe for more than four years. Vault is an incredible piece of software. I've built my career around it. But after watching the same pattern play out at every organization, I realized Vault solves only half the problem — and the other half is about to get much worse.

Vault solves the secrets problem. It doesn't solve the access problem.

Vault is brilliant at what it does: store secrets, rotate credentials, issue short-lived tokens, manage encryption keys. It's the foundation of secrets management for good reason. But here's what I kept seeing in every deployment, from mid-size fintechs to major European banks:

Teams would spend months setting up Vault. Secrets engines configured. Policies written. AppRole or Kubernetes auth wired up. Audit logs enabled. Everything by the book.

And then a service would authenticate to Vault, receive AWS credentials, and... that was it. The service walked away with real credent


