I have a vault agent that renders out a secret based on an LDAP dynamic role.
The agent is retrieving a new secret every 5 minutes. This appears like the template considers it a non-renewable secret as per the template docs.
Why doesn’t the vault agent consider this a non-renewable leased secret, and leave it for as long as it is configured to live?
Presumably, because the agent loses that context when it restarts?