We have installed vault with integrated storage(raft enabled) in kubernetes.
We are primarily using secret engine kv-2 to keep our secrets and have kubernetes auth enabled.
We have sidecar injector as vault agent to get secrets for the pod.
vault auth enable kubernetes vault write auth/kubernetes/config \ kubernetes_host=https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT
the only place we have add the ttl is the role
vault write auth/kubernetes/role/internal \ bound_service_account_names=internal \ bound_service_account_namespaces=default \ policies=internal \ ttl=96h
even though the whole setup is working fine, lately we are seeing a lot of logs of
[INFO] expiration: revoked lease: lease_id=auth/kubernetes/login/h56ceaa43f672e5a2e66ef55f705b751f94dfdc8084bc5ab5a001e5a45d426e48
and we are not sure how to make sense of this(we are very new to vault). should we be worried or this are common logs or shall we increase the ttl to higher numbers.
Any suggestion will be of great help to us.