How to block temporary account in mysql user table

I have a problem about vault account .
Each call to the vault will generate three temporary account in MYSQL user table.With the operation,the account will become more and more.
I wonder if there are some ways to block the temporary account or delete those account by modifying the configuration file.
image

Hi @meadowhuhu!

Could you elaborate a bit more on what you mean with “vault account”?
Do you mean Vault’s MySQL secrets engine? Or do you mean Vault’s MySQL storage engine?

Also, it would be super helpful to get more information on what you have done (configuration etc.) and what do you exactly mean with “call to vault”.

Cheers,
Michel

Hi Michel,

I’m sorry to disturb you.I made a mistake,in fact,Vault only creates one account.I added another two VaultOperations.read() in my init program, as follows:
(String)vaultOps.read(“database/creds/app1”).getData().get(“username”);
(String)vaultOps.read(“database/creds/app1”).getData().get(“password”);

About the vault account ,I think is the MySQL secret engine,my operation in vault like this:

vault write database/config/my-mysql-database \
plugin_name=mysql-database-plugin \
connection_url="{{username}}:{{password}}@tcp(127.0.0.1:3306)/" \
allowed_roles="app1" \
username="****" \
password="****"

vault write database/roles/app1 \
db_name=my-mysql-database \
creation_statements="CREATE USER '{{name}}'@'%' IDENTIFIED BY '{{password}}';GRANT SELECT,INSERT,UPDATE ON *.* TO '{{name}}'@'%';" \
default_ttl="1h" \
max_ttl="24h"

I found “revocation_statements” could solve my problem about the growing account ,like this “revocation_statements drop user ‘{{name}}’@’%’;”

Thank you very much.

Best Reguards,
meadowhuhu