Following Armon Dadgar’s (Hashicorp CTO) twitter and blog post on why we need dynamic secrets, I wanted to create an experiment and create a web application (Ruby on Rails specifically) running on Kubernetes, backed by Vault to generate database secrets for each pod. I wanted to create an automatic and secure process using both Vault’s Kubernetes authentication backend and database secrete store t