implementing-hashicorp-vault-dynamic-secrets

Installation
SKILL.md

Implementing HashiCorp Vault Dynamic Secrets

When to Use

  • Applications use static database credentials stored in configuration files or environment variables
  • AWS IAM access keys are long-lived and shared across services
  • Need to eliminate credential sprawl by generating short-lived, per-request secrets
  • Compliance requirements mandate credential rotation (PCI-DSS Requirement 8, NIST 800-53 IA-5)
  • Implementing zero-trust secret management where credentials are never stored at rest
  • Migrating from manual credential management to automated secrets lifecycle

Do not use for storing static secrets that cannot be dynamically generated (use Vault's KV secrets engine instead); dynamic secrets are for credentials that can be programmatically created and revoked on target systems.

Prerequisites

Installs
32
GitHub Stars
24.9K
First Seen
Apr 11, 2026
implementing-hashicorp-vault-dynamic-secrets — mukul975/anthropic-cybersecurity-skills