Provision optional configuration
The following configurations are optional:
- Audit binding: Optional - Configure connection to the audit logging collector
- Vault: Optional - Configures the properties to access a HashiCorp Vault
Audit Binding
This configuration is necessary to connect to your audit logging collector (e.g. Fluentd). By default, the audit logging is disabled since it is not meant to be used without a connection to an audit logging collector. If you do not wish Audit Logging, you can skip this configuration.
Configuration description:
| Parameter | Description |
|---|---|
| auditEnabled | Enables or disables the Audit logging. |
| connectionString | The Fluentd connectionString for Audit logging. |
Apply Configuration:
kind: Secret
apiVersion: v1
metadata:
name: k5-auditlog-settings
namespace: <k5-tools>
labels:
k5-configuration: 'true'
stringData:
auditEnabled: "boolean"
connectionString: "string"
Adjust metadata.namespace and stringData and then create this secret via UI or save it as a file and apply it with
the following command:
oc apply -f secret.yaml
Vault
Configures properties to access a HashiCorp Vault. This configuration is not mandatory!
Configuration description:
| Parameter | Description |
|---|---|
| url | The url of the HashiCorp Vault |
| role | The name of the role you configured in your vault. You can find information how to do that here. |
Losing/changing the vault configuration can cause errors and secrets need to be recreated.
Apply Configuration:
kind: Secret
apiVersion: v1
metadata:
name: k5-vault-binding
namespace: <k5-tools>
labels:
k5-configuration: 'true'
stringData:
url: "string"
role: "string"
Adjust metadata.namespace and stringData and then create this secret via UI or save it as a file and apply it with
the following command:
oc apply -f secret.yaml