Practise the standard verbs for issuing and managing Vault dynamic secrets.
0 / 5 completed
1 / 5
Fill in: 'We ___ short-lived database credentials dynamically through Vault for each application instance, rather than sharing one long-lived password across the whole fleet.'
We 'generate credentials' — the standard, established Vault collocation for producing a fresh secret per request via a dynamic engine. The other options aren't the recognised term here.
2 / 5
Fill in: 'Using a static shared database password instead of dynamic secrets can ___ a single leaked credential valid for every instance until someone manually rotates it.'
We say a static shared password will 'leave' a leak valid everywhere — the standard, natural collocation for the resulting exposure. The other options aren't idiomatic here.
3 / 5
Fill in: 'We ___ the lease duration on dynamic secrets to match how long an instance actually needs access, so a credential doesn't outlive the task it was issued for.'
We 'set a duration' — the standard, simple collocation for configuring how long an issued secret remains valid. The other options are less idiomatic here.
4 / 5
Fill in: 'We ___ a lease automatically before it expires for a still-running process, rather than letting the underlying database connection drop mid-task.'
We 'renew a lease' — the standard, established Vault collocation for extending a dynamic secret's validity before it expires. The other options aren't the recognised term here.
5 / 5
Fill in: 'We ___ every active lease across the fleet periodically, so a secret issued for a task that finished long ago isn't still sitting valid and unused.'
We 'audit' leases — the standard, simple collocation for periodically reviewing outstanding dynamic secrets. The other options are less idiomatic here.