Handling secrets while hosting Vault with Docker on-prem with the same application


I have a unique use case. I have an application that uses secrets.

This application will sometimes not have an internet connection or will have a high-latency internet connection. When it does have an internet connection, it will replicate data from a local database into a cloud warehouse.

Now, I was thinking of putting Vault, using Docker, on the same machine where the application will be running, to avoid any sort of failure. However, the problem I am running into is that the root token will be required by this application even if I use the AppRole auth method to authenticate, and I don’t want to compromise that.

Any advice on this?