I have created a database type dynamic storage and connected it to one of the micro services in my platform. But I have several other services which need to access the same database. In that case, do I have create separate roles under same connection and assign them to each different service? Or can I use the same role for all the other services plus other python clients?
According to my understanding the dynamic storage concept is it creates new root accounts with the permission we have mentioned in the role. Spring boot service also keeps checking with the vault for the expiration time. So, if the lease expiry time met and a new account is created, does all the services that use the same role gets the new credentials without any interruption?
This may be a dumb questions, I just find it hard to wrap my head around this lease expiry and dynamic storage concept.
Additionally, appreciate if you can help me to figure out how to connect this kind of dynamic credential with a python service as well. Because, this code segment is pretty much fetches whatever the secret value available. It doesn’t cover dynamic credentials.
read_response = client.secrets.kv.read_secret_version(path='my-secret-password')
password = read_response['data']['data']['password']