vault secrets enable database
vault write database/config/my-mysql-database
plugin_name=mysql-database-plugin
connection_url="{{username}}:{{password}}@tcp(127.0.0.1:3306)/"
allowed_roles="my-role"
username="root"
password="root-password-here"
vault write database/roles/my-role
db_name=my-mysql-database
creation_statements="CREATE USER '{{name}}'@'%' IDENTIFIED BY '{{password}}';GRANT ALL PRIVILEGES ON . TO '{{name}}'@'%';"
default_ttl="1h"
max_ttl="24h"
// get a username & password vault read database/creds/my-role
or
curl
--header "X-Vault-Token: $ROOT_TOKEN"
http://127.0.0.1:8200/v1/database/creds/my-role