found kubernetes vaultauth resources never picking up new policies, because they would infinitely renew their token. - set default max token length for roles to 1 day - changed all existing role token_max_ttl to match their token_ttl
- annotations as alias metadata does not work with openbao (idempotency issue) - set token_ttl to be 600 for all auth roles for kubernetes (min)
- add kubernetes auth role for identity namespace - add policy to access openldap bootstrap credentials
