Configure HashiCorp Vault

This page outlines the configuration values for the HashiCorp Vault deployed via Axual Governance Helm chart.

About HashiCorp Vault

HashiCorp Vault is an identity-based secrets and encryption management system.

HashiCorp Vault Configuration

Since we are using the official vault helm charts, we suggest looking at the HashiCorp public documentation to have a complete list of configurations.

HashiCorp Vault Repository Configuration

You can also override the imagePullSecrets; if not specify the Vault pod will use the global.imagePullSecrets

values.yaml

platform-manager-vault:
  global:
    imagePullSecrets:
      - name: axualdockercred

HashiCorp Vault Server Configuration

You can configure the HashiCorp Vault Server to use an ingress to be exposed outside the k8s cluster, like the following

values.yaml

platform-manager-vault:
  server:
    ingress:
      enabled: true
      activeService: false
      ingressClassName: ""
      hosts:
        - host: "chart-example.local"
          paths:
            - "/"

HashiCorp Vault DataStorage Configuration

You can configure the HashiCorp Vault DataStore like the following

values.yaml

platform-manager-vault:
  server:
    dataStorage:
      storageClass: "hostpath"