Last Updated: November 21, 2025
Focus Areas
| Focus |
|---|
Define roles that bind policies to secrets backends
|
Rotate leases and revoke leases on incidents
|
Commands & Queries
vault secrets enable database
Enable the database secrets backend
vault write database/roles/app db_name=mydb ...
Create a role with TTL
vault lease revoke
Revoke a compromised lease
Summary
Replace static secrets with leased credentials and revoke quickly.
💡 Pro Tip:
Set short TTLs and tune lease renewal retries for reliability.