Recently I have been looking at the Vault project as a means to manage secrets for applications and end-users. One of the use cases that immediately drew my attention was the ability to create dynamic role-based MySQL credentials.
Why Dynamic MySQL Credentials?
There are a few reasons why dynamic credentials would be beneficial, all of which can be handled by Vault, including:
- The database environment is too large to manage individual users.
- A need to authenticate on an external service, such as LDAP or GitHub organization.
- Provide credentials to external …