mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-11-06 13:38:01 +00:00
f4f0412b6a
* Convert documentation titles to sentense case * Docker, Google, Foundry, Cloud proper case
53 lines
1.1 KiB
Plaintext
53 lines
1.1 KiB
Plaintext
---
|
|
layout: 'docs'
|
|
page_title: 'Standalone Server with Audit Storage'
|
|
sidebar_current: 'docs-platform-k8s-examples-standalone-audit'
|
|
description: |-
|
|
Describes how to set up a standalone Vault with audit storage
|
|
---
|
|
|
|
# Standalone server with audit storage
|
|
|
|
@include 'helm/version.mdx'
|
|
|
|
The below `values.yaml` can be used to set up a single server Vault cluster with
|
|
auditing enabled.
|
|
|
|
```yaml
|
|
server:
|
|
standalone:
|
|
enabled: true
|
|
config: |
|
|
listener "tcp" {
|
|
tls_disable = true
|
|
address = "[::]:8200"
|
|
cluster_address = "[::]:8201"
|
|
}
|
|
|
|
storage "file" {
|
|
path = "/vault/data"
|
|
}
|
|
|
|
service:
|
|
enabled: true
|
|
|
|
dataStorage:
|
|
enabled: true
|
|
size: 10Gi
|
|
storageClass: null
|
|
accessMode: ReadWriteOnce
|
|
|
|
auditStorage:
|
|
enabled: true
|
|
size: 10Gi
|
|
storageClass: null
|
|
accessMode: ReadWriteOnce
|
|
```
|
|
|
|
After Vault has been deployed, initialized and unsealed, auditing can be enabled
|
|
by running the following command against the Vault pod:
|
|
|
|
```shell-session
|
|
$ kubectl exec -ti <POD NAME> -- vault audit enable file file_path=/vault/audit/vault_audit.log
|
|
```
|