Is Vault the correct tool to store sensitive information about users, eg. theirs pay rate or personal id?
"Normal" employee/user must only have access to his own data but the users with accountancy role must have access to everyone data. Users are authenticated with ldap so I thought Vault would be a good option since it can integrate with ldap and I could use its policies to restrict access.
I cannot encrypt with secret environment variable cause not even DevOps are supposed to have access to the sensitive data of the users.