IBM Cloud Secrets Manager is a single-tenant, dedicated secrets management service powered by HashiCorp Vault that centralizes creation, storage, leasing, and lifecycle management of secrets. Designed for organizations that require data isolation and enterprise-grade controls, Secrets Manager enables teams to create dynamic and static secrets, lease them to applications, and enforce fine-grained access policies from a single location. The service supports automatic rotation and access control, audit logging and monitoring, and integrates with IBM Cloud services to protect secrets at rest using Key Protect (including BYOK scenarios). Secrets Manager also provides built-in certificate management (SSL/TLS/PKI), HSM-backed key protection, high availability across three regional data centers, and features such as secrets groups, locks to prevent accidental modification or deletion, and customizable credential providers implemented with Code Engine jobs. Typical use cases include enforcing separation of secrets in regulated industries, centralizing multiple secret types for enterprise scale, and securely enabling automated microservice communication. Compliance attestations and integrations with IBM Cloud tooling make it suitable for financial, healthcare, and large enterprise environments that need single-tenant isolation and traceable audit trails.
Secrets Manager integrates with IBM Cloud Toolchains and DevOps tooling for secure secret delivery, Event Notifications Service for lifecycle alerts, Key Protect for encryption key management (BYOK), Code Engine for custom credential workflows, IBM Cloud IAM for access control, and supports standard CAs such as Let’s Encrypt for certificates.
IBM (International Business Machines Corporation) is a global technology and consulting company known for its innovations in computing, artificial intelligence, and enterprise solutions. IBM has a long history of pioneering technology advancements and providing IT services and products to businesses around the world.
