I use both and am very satisfied, especially by Hetzner.

Only complaint with Hetzner is they don't have some kind of OAuth setup for machines or scoped API tokens, just read/write. I'd like to use the former for doing Vault authentication from instances, and the latter for writing a dynamic Vault secret provider.

Can’t you use a third-party IAM solution for this? Like Okta or Keycloak?

Zitadel supports service users with RBAC. Maybe give it a look/try: https://github.com/zitadel/zitadel