# 5. HI GIO KMS Service

## <mark style="color:green;">**Overview**</mark> <a href="#overview" id="overview"></a>

**HI GIO KMS** is powered by the HashiCorp Vault solution, which is fully managed by HI GIO teams. Thus, the customer can focus on key management itself.

{% hint style="info" %}
**HashiCorp Vault** is an identity-based secrets and encryption management system. A *secret* is anything you want to control access to tightly, such as API encryption keys, passwords, and certificates. Vault provides encryption services that are gated by authentication and authorization methods. Access to secrets and other sensitive data can be securely stored and managed, tightly controlled (restricted), and auditable using Vault's UI, CLI, or HTTP API.
{% endhint %}

HI GIO KMS has two kinds of deployment models.

* Internet mode
* Private mode (Only can access from customer’s HI GIO VPC system)

<figure><img src="https://3953927389-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fbvay7AR0CH8vZKgD3dSy%2Fuploads%2FL1ptRDJS5IZHow7ySIRw%2Fimage.png?alt=media&#x26;token=67a1e94e-fe45-4505-b037-ed6e5fb213e2" alt=""><figcaption></figcaption></figure>

&#x20;

Reference:

[![](https://developer.hashicorp.com/favicon.ico)Tutorials | Vault | HashiCorp Developer](https://developer.hashicorp.com/vault/tutorials)