We recently released a new feature that allows users to create passwords with granular roles for their database access. This feature was implemented using Vitess Access Control Lists and VTTablet, but faced several challenges such as the need for a static configuration file that could be updated periodically, issues with user authorization state on the vttablet pods, and potential race conditions when updating the ACL configuration. To address these issues, we introduced a dynamic user credential store that allows for instant creation and deletion of user mappings to roles, without the need for a refresh interval. This approach enables seamless password role management for our customers, while avoiding common pitfalls associated with static ACL configuration files.