Vault Radar extension for VS Code

This Visual Studio Code extension uses Vault Radar CLI to highlight secrets detected and help with the remediation.

Features

• Real-time Secret Detection: Get immediate feedback on hardcoded secrets.
• Intelligent Highlighting: Easily identify secrets with clear severity indicators for quick assessment.
• Detailed Secret Information: Hover or click on detected secrets to view crucial details like secret type, severity, and activeness.
• Actionable Remediation: Connect to a Hashicorp Vault instance to correlate known risks or copy discovered secrets.
• AI-Powered Remediation: Use GitHub Copilot to automatically replace Radar-detected secrets with code that retrieves those secrets from Vault. Works best with modern Sonnet and GPT models.

Available Commands

• Vault Radar: Scan content in active editor - Scan the currently active file
• Vault Radar: Scan entire workspace - Scan all files in the workspace with a progress indicator
• Vault Radar: Set License Key - Configure your Vault Radar license key
• Vault Radar: Clear License Key - Remove the configured license key
• Vault Radar: Set License File - Configure a license file path
• Vault Radar: Clear License File - Remove the configured license file path
• Vault Radar: Index Vault - Index KV v2 secrets in a connected Vault server

Installation steps

• Acquire a Vault Radar license
• Set up your Vault Radar License with one of the following commands:
  • Vault Radar: Set License File command to configure your license file
  • Vault Radar: Set License Key command to configure your license key

For more information, see the official HashiCorp installation instructions here.

Telemetry

We collect anonymous telemetry to understand and improve extension performance and usability. This telemetry is in line with the VS Code guidelines, and can be disabled. See the VS Code extension telemetry documentation for more details.