Secrets Management as a Service
A dedicated OpenBao namespace for every tenant — secrets isolated, policies enforced, provisioned automatically with each environment.
OpenBao as a Service gives every tenant a dedicated OpenBao namespace — an open-source Vault — provisioned automatically with their environment. Secrets are isolated, policies are enforced, and there is no shared access between tenants. Engines, auth methods, and policies are all managed from the portal.
What you get
Key-value, database, PKI, and more — enabled per namespace.
Short-lived credentials generated on demand and auto-revoked.
Fine-grained access control over every secret path.
Every secret access recorded to an immutable trail.
Encrypt and decrypt data without ever exposing keys.
Namespaces unseal automatically — no manual key ceremony.
A dedicated namespace per tenant. No shared paths.
Manage secrets from the OpenBao UI, CLI, or API.
Service tiers
Tiers are example service levels you define for your tenants. Configure as many as you need — what is shown here is a sensible starting point.
| Capability | Standard | Premium |
|---|---|---|
| Dedicated namespace | ✓ | ✓ |
| Dynamic secrets | ✓ | ✓ |
| Audit log retention | 30 days | 1 year |
| High availability | — | ✓ |
| Availability SLA | 99.5% | 99.95% |
| Support response | Next business day | 1 hour |
Tiers are operator-defined. Map them to your own pricing, quotas, and target tenants.
Support & metering
OpenBao as a Service is metered per manageable item — the namespace and each engine or auth method the tenant enables count as one MRU.
More from the catalog
View all services →Start with a complimentary 2-hour design workshop. We design your service catalog, tenant model, and 90-day pilot scope — with your team, on your infrastructure.