HashiCorp Vault is a tool for securely accessing secrets, such as API keys, passwords, or certificates, and provides a unified interface to access any secret while providing tight access control and recording an audit log. The Couchbase Secrets Engine for HashiCorp Vault supports root credential rotation, dynamic and static roles, and setting default password policies to meet organizational requirements. The engine packages the secrets engine as part of the general database secrets engine and is packaged as a Database Secrets Engine Plugin, available with all versions of Vault. It provides a secure way to manage credentials for Couchbase databases, reducing the blast radius in case of credential leakage by leveraging just-in-time ephemeral credentials.