diff --git a/infra/vault.md b/infra/vault.md
index de5d03e..07f0ef3 100644
--- a/infra/vault.md
+++ b/infra/vault.md
@@ -1,6 +1,6 @@
 ---
 title: Vault 시크릿 관리
-updated: 2026-04-13
+updated: 2026-04-14
 tags: [infra, vault, security]
 ---
 
@@ -28,21 +28,21 @@ Vault root token은 만료 없음 (TTL: 0s)
 ⚠️ **KV v1** — 버전 관리 없음. 덮어쓰기 주의.
 ⚠️ **시크릿 읽을 때 모든 키를 확인할 것** — 한 경로에 여러 키가 있음 (예: cloudflare에 api_token과 global_api_key 둘 다 있음)
 
-### 전수 목록 (2026-04-13 실측)
+### 전수 목록 (2026-04-14 실측)
 
 | 카테고리 | 경로 | 내용 |
-|----------|------|------|
-| ai/ | brave, context7, deepseek, google/drive-mcp, openai, openrouter, pinecone, testsprite, vertex | AI/LLM API |
-| apps/ | anomaly-detect, cf-multisite, discord, figma, gitea, gitea/registry, k3s, myapp, n8n, nocodb, ops-agents-ssh, outline, portainer, postgres, sftpgo, telegram-ai-support, trader, twilio, waf-saas | 자체 앱/서비스 |
-| auth/ | api-keys/openai, api-keys/stripe, google/ca/ | 인증 |
-| cloud/ | alibaba, aws, backblaze, backblaze/restic, bunnycdn, cloudflare, cloudflare-netbis, cloudflare/r2, cloudflare/turnstile-crowdsec-captcha, cloudflare/turnstile-inouter-bunny, latitude, lightsail, linode, r2-gitea, r2-multisite, r2-sftpgo, supabase, vultr, zenlayer | 클라우드 프로바이더 |
-| company/ | bank, info, ironclad, korbit, koreaexim, popbill | 회사/비즈니스 |
-| database/ | bunnydb/cs-blocklist, postgres, redis | DB |
-| domain/ | globalping, maxmind, namecheap, namecheap/api, namecheap/api-server, namecheap/deposit-api, namecheap/registrant | 도메인/DNS |
-| infra/ | apisix, argocd, cert-manager, cf-tunnel-manager, crowdsec-bunny-bouncer, google/eab, k8s/infra-tool, mariadb, safeline, ssh, ssh/id_ed25519, tailscale | 인프라 서비스 |
-| messaging/ | discord-brokkr, discord-claude-code, discord/bot, discord/claudechannel, discord/nocodb-webhook, discord/webhook-heimdall, discord/webhook-relay, mailgun/api-key, mailgun/smtp, telegram | 메시징/알림 |
-| openclaw/ | discord/, gateway/, gitea/, integrations/, oauth/, runtime/, test, tools/ | OpenClaw 에이전트 시스템 |
-| product/ | irondesk/ | 제품 관련 |
+|----------| ai/ | brave, context7, deepseek, google/drive-mcp, openai, openrouter, pinecone, testsprite, vertex |
+| apps/ | anomaly-detect, cfb-manager, cf-multisite, discord, figma, gitea, gitea/registry, k3s, myapp, n8n, nocodb, ops-agents-ssh, outline, portainer, postgres, sftpgo, telegram-ai-support, trader, twilio, waf-saas |
+| auth/ | api-keys/openai, api-keys/stripe, github/oauth-gitea, google/ca/external-account-key, google/ca/service-account, google/oauth-gitea |
+| cloud/ | alibaba, aws, backblaze, backblaze/restic, bunnycdn, cloudflare, cloudflare-netbis, cloudflare/r2, cloudflare/turnstile-crowdsec-captcha, cloudflare/turnstile-inouter-bunny, latitude, lightsail, linode, r2-gitea, r2-multisite, r2-sftpgo, supabase, vultr, zenlayer |
+| company/ | bank, info, ironclad, korbit, koreaexim, popbill |
+| database/ | bunnydb/cs-blocklist, postgres, redis |
+| domain/ | globalping, maxmind, namecheap, namecheap/api, namecheap/api-server, namecheap/deposit-api, namecheap/registrant |
+| infra/ | apisix, argocd, cert-manager, cf-tunnel-manager, crowdsec-bunny-bouncer, google/eab, k8s/infra-tool, mariadb, safeline, ssh, ssh/id_ed25519, tailscale, vault-sync |
+| messaging/ | discord/bot, discord-brokkr, discord/claudechannel, discord-claude-code, discord/nocodb-webhook, discord/webhook-heimdall, discord/webhook-relay, mailgun/api-key, mailgun/smtp, telegram |
+| openclaw/ | discord/main-bot, gateway/local, gitea/main, integrations/discord, oauth/gmail, runtime/test, test, tools/brave |
+| product/ | irondesk/ton-wallet, irondesk/tron |
+
 
 ### 자주 사용하는 시크릿 (빠른 참조)