Batch tokens are designed for specific, transient use cases. The HashiCorp Vault documentation states: " Batch tokens are lightweight and scalable and include just enough information to be used with Vault. They are generally used for ephemeral, high-performance workloads, such as encrypting data. " This makes them ideal for short-lived, high-volume, or ‘ephemeral’ tasks (D) .
The docs contrast: " Unlike service tokens, which are renewable and suited for long-lived processes, batch tokens have a fixed TTL and cannot be renewed. " Options like generating dynamic credentials (A) and daily batch jobs (C) align more with service tokens, while renewing tokens (B) isn’t a batch token function. Thus, D is correct.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit