What is the application flow to use vault to manage credentials and env values?

What is the application flow when use vault?

Each request in vault retrieve values or information is collected in start-up? Or infrastructure collected the values for application?

When to use to create database secret, what the behavior when the ttl expires?
Is necessary the re-launch my application? Or my application create the state of my secret to manage the ttl?

What the Best practice or reference implementation?


Hi, really depends on your architecture. Are you running your application in K8s?

Hi @mirkop-mattr, thank’s for your answer.

I not running in K8S.
I using EC2 and ECS clusters for application in container.

I already have a Consul cluster for my environment variable.
But each modification in Consul, I restart my application.