Vault supports features like dynamic secrets generation, where you could create AWS keys that were only good for a limited time. Instead of long-lived creds stored as environment variables, you can update them every day, or every CI/CD run.
This would be great coupled with private HashiCorp Vault backend integration.
This would be brilliant.
You won't be notified about changes to this idea.