vault helm

No introduction found. Create it?

Install

Install with:

helm repo add hashicorp-charts https://helm.releases.hashicorp.com/
helm install vault hashicorp-charts/vault -f values.yaml

Examples

See examples from other people.

Top Repositories (2 out of 8)

NameRepoStarsVersionTimestamp
vaultcoolguy1771/home-ops550.27.05 months ago
vaulth3mmy/bloopySphere500.27.05 months ago

Values

See the most popular values for this chart:

KeyTypes
boolean
string
string
string
boolean
string
string
string
string
string
string
string
string
string
string
string
string
boolean
string
server.ingress.standalone.config (2)
log_format = "json" log_level = "debug" ui = true cluster_name = "behndev-prod" storage "file" { path = "/vault/data" } # HTTPS listener listener "tcp" { address = "[::]:8200" cluster_address = "[::]:8201" tls_disable = 1 } telemetry { prometheus_retention_time = "24h" disable_hostname = true }
string
boolean
string
string
string
boolean
server.ha.raft.config (4)
ui = true listener "tcp" { address = "[::]:8200" cluster_address = "[::]:8201" tls_cert_file = "/vault/userconfig/tls-server/tls-combined.pem" tls_key_file = "/vault/userconfig/tls-server/tls.key" # tls_client_ca_file = "/vault/tls-server/client-auth-ca.pem" # Enable unauthenticated metrics access (necessary for Prometheus Operator) telemetry { unauthenticated_metrics_access = "true" } } seal "awskms" { region = "us-east-1" } storage "raft" { path = "/vault/data" retry_join { leader_api_addr = "https://vault-0.vault-internal:8200" leader_ca_cert_file = "/vault/userconfig/tls-server/ca.crt" leader_client_cert_file = "/vault/userconfig/tls-server/tls.crt" leader_client_key_file = "/vault/userconfig/tls-server/tls.key" } } service_registration "kubernetes" {}
string
boolean
boolean
number
string
string
string
string
boolean
string
string
string
server.extraEnvironmentVars.GOOGLE_APPLICATION_CREDENTIALS (3)
/vault/userconfig/kms-vault-unseal/serviceaccount.json
string
string
server.extraEnvironmentVars.VAULT_CACERT (1)
/vault/userconfig/tls-server/ca.crt
string
string
string
string
boolean
server.readinessProbe.path (3)
/v1/sys/health?standbyok=true&sealedcode=204&uninitcode=204
string
boolean
server.standalone.config (1)
ui = true storage "file" { path = "/vault/data" } #seal "transit" { # disabled = "false" # address = "${SECRET_VAULT_URL}" # token = "${SECRET_VAULT_TOKEN}" # disable_renewal = "false" # key_name = "autounseal" # mount_path = "transit/" # tls_skip_verify = "true" #} seal "gcpckms" { disabled = "false" project = "${SECRET_GCP_PROJECT}" region = "europe-west3" key_ring = "home-infra" crypto_key = "vault-unseal" } listener "tcp" { tls_disable = 1 address = "[::]:8200" cluster_address = "[::]:8201" telemetry { unauthenticated_metrics_access = "true" } } telemetry { prometheus_retention_time = "24h", disable_hostname = true } # service_registration "kubernetes" {}
string
string
boolean
string
boolean
string
server.extraSecretEnvironmentVars[].envName (1)
AWS_SECRET_ACCESS_KEY
AWS_ACCESS_KEY_ID
VAULT_AWSKMS_SEAL_KEY_ID
string
server.extraSecretEnvironmentVars[].secretKey (1)
AWS_SECRET_ACCESS_KEY
AWS_ACCESS_KEY_ID
VAULT_AWSKMS_SEAL_KEY_ID
string
server.extraSecretEnvironmentVars[].secretName (1)
vault-secret
vault-secret
vault-secret
string
server.image.repository (1)
proxy.registry.beryju.org/hashicorp/vault
string
boolean
number
server.livenessProbe.path (1)
/v1/sys/health?standbyok=true
string
string
boolean
boolean
boolean
boolean
boolean
server.tolerations (1)
- key: "arm" operator: "Exists"
string
boolean
string
boolean
number
boolean
number
boolean
boolean
string
string
string
string
string
string
csi.image.repository (1)
hashicorp/vault-csi-provider
string
string
boolean
boolean
boolean
boolean
boolean
ingress.annotations (1)
kubernetes.io/ingress.class: nginx hajimari.io/enable: "true" hajimari.io/icon: "bank"
string
boolean
ingress.hosts[].host (1)
vault.${SECRET_DOMAIN}
string
string
ingress.tls[].hosts[] (1)
- vault.${SECRET_DOMAIN}
string
string
string
boolean
string
string
boolean
number
string
string
string
string
boolean
string
string
number
boolean
serverTelemetry.prometheusRules.rules[].alert (1)
vault-HighResponseTime
vault-HighResponseTime
string
serverTelemetry.prometheusRules.rules[].annotations.message (1)
The response time of Vault is over 500ms on average over the last 5 minutes.
The response time of Vault is over 1s on average over the last 5 minutes.
string
serverTelemetry.prometheusRules.rules[].expr (1)
vault_core_handle_request{quantile="0.5", namespace="vault-system"} > 500
vault_core_handle_request{quantile="0.5", namespace="vault-system"} > 1000
string
string
string
boolean