Hello - We are doing an audit on hashicorp system, we would like to know if there are any built in service account that gets created as a vault installation. We are specifically targeting Hashicorp Vault enterprise version.
There are no built-in service accounts in Vault. When a Vault instance is initialized, Vault will generate a root token which is the only authorized method to access Vault initially. The token is used for additional configuration of alternate methods of authentication.
Along with what @christopher.stella said, best-practice guide states that the root token should be revoked after a proper authentication and user is setup to access Vault.