How to use Vault dynamic secretes and inject them as ENV to k8s?

Hi Everyone,

I have a question about dynamic secrets with MongoDB Atlas.

  • We run a Vault cluster (Deployed by helm) and some microservices all on k8s.

  • Our MongoDB atlas connection string configured as ENV on microservices deployment.

We want to continue using ENV without changing the code to read the vault config file.
So, we tried the examples from here:

The injection to ENV works but when the vault rotates the credentials we need to recreate the pod that it will inject again to the ENV.

I would like to know what the best solution to use dynamic secrets with ENV on k8.