Vaults Overview

Your access structure defines the vault structure. Whether you separate access by projects, clients, environments, departments, or any other criteria — vaults can be flexibly set up for that use case.
Create as many vaults as you need. For example, you can create a vault for each client and add the people who work with these clients. If you need to share a single host with just one person, like a contractor, create a new vault just for that. Remove it when the work is done and access is no longer required. It keeps things secure and simple.
Check this article if you need help with defining your vault structure.
Managing Access

Once you have defined the vault structure, you need to create vaults accordingly, add members to the vault they need access to, and set their permissions in this vault.
Each vault, except the Personal one which is not shared, has its access permissions for members:
Editors: Can create, update, and remove data. Can manage members in this vault.
Viewers: Can view data, connect to hosts, and use snippets but cannot make changes.
For detailed instructions on how to create, share, and set access to the vaults, read this article.
Moving Data Between Vaults

Vaults are designed to provide a consistent experience to all members with access to this vault. To guarantee this consistent experience, all linked entities must be stored in the same vault. This means all the hosts from the host chain, startup snippets, port forwarding rules, etc., should be moved along with the host. The only exception is credentials, which you can choose not to share.
Credential location is set on the host level. Depending on your use case, you can share credentials or require your teammates to provide their own.
Save credentials in the Personal vault when you don't want to share them with the team. Team members will connect with one click using credentials from their Personal vaults.
Save credentials in a selected vault to share them with team members. Team members will connect with one click using the same credentials shared with them.
For detailed instructions on moving data between vault, read this article.
Security

Vaults are the most secure way to share sensitive information across the team. Each vault is encrypted with a unique encryption key so only you and your team can access its content.
New members can't access vaults until the owner approves their access and sets their permissions.
For more information about encryption and security, read this article.