Configure Instance Vaults
Instance Vaults provide secure secret management at the Instance level, making secrets available across all Environments within your Ascend Instance. By default, Ascend provides a managed Instance Vault, but you can configure your own cloud provider vault for enhanced control and integration with existing infrastructure.
Supported Instance Vault providers​
AWS Secrets Manager
Configure AWS Secrets Manager as your Instance Vault for secure secret management in Azure environments.
Azure Key Vault
Configure Azure Key Vault as your Instance Vault for enterprise-wide secret management in Azure.
Google Cloud Secret Manager
Configure Google Cloud Secret Manager as your Instance Vault for organization-wide GCP secret management.
Prerequisites​
Before configuring an Instance Vault, ensure you have:
- An Ascend Instance with administrative privileges
- Administrative access to your chosen cloud provider's secret management service
- Proper permissions to configure vault access at the Instance level
Next steps​
- Choose your provider: Select the cloud provider that matches your infrastructure
- Provision the vault: Follow the provisioning guides to set up the vault service
- Configure access: Use the configuration guides above to connect your vault to Ascend
- Migrate secrets: Move existing Instance-level secrets to your new vault
- Test integration: Verify that secrets can be accessed from all Environments
Learn more about Vault concepts and how they work within the Ascend platform.