Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat/vault audit otlp #24

Merged
merged 7 commits into from
May 10, 2024
Merged

Feat/vault audit otlp #24

merged 7 commits into from
May 10, 2024

Conversation

in0rdr
Copy link
Contributor

@in0rdr in0rdr commented Dec 6, 2023
edited
Loading

Adds:

  • OpenTelemetry Collector to read audit logs from Vault tcp audit backend and push the logs to Grafana Loki
  • Promtail configuration to push Kubernetes Pod/container logs to Grafana Loki
  • Network policies for tcp communication among the audit components (Vault/Promtail/OTLP/Loki/Grafana), Cilium policies can be added later

Changes:

  • Vault deployment with 3 nodes, replaced with 1 node, added a comment that it can be scaled
  • Ingress config done in Helm/yaml not in Terraform
  • Only one Vault API endpoint vault.playground.lab, don't know why we would need two

@in0rdr in0rdr requested a review from a team as a code owner December 6, 2023 16:15
in0rdr
in0rdr commented Dec 6, 2023
View reviewed changes
USAGE.md Show resolved Hide resolved
@in0rdr
feat(vso): move files to dir
23923a7
@in0rdr
feat: configure ingress w/ yaml
afd4081 
Configure ingress with Helm/yaml instead of using Terraform. Also
simplify the yaml file for the Vault deployment a bit to have less
configuration code.
@in0rdr
feat: add network policies
f0803a6
in0rdr
in0rdr commented Dec 8, 2023
View reviewed changes
SETUP.md Show resolved Hide resolved
in0rdr
in0rdr commented Dec 8, 2023
View reviewed changes
USAGE.md Show resolved Hide resolved
in0rdr
in0rdr commented Dec 8, 2023
View reviewed changes
USAGE.md Show resolved Hide resolved
in0rdr
in0rdr commented Dec 8, 2023
View reviewed changes
Vault-Deployment/ingress.tf Outdated Show resolved Hide resolved
@in0rdr in0rdr mentioned this pull request Dec 8, 2023
Open
@in0rdr in0rdr requested review from eyenx and pree May 10, 2024 07:26
@in0rdr
Copy link
Contributor Author

in0rdr commented May 10, 2024

what do you think, should we merge the changes?

pree
pree approved these changes May 10, 2024
View reviewed changes
Copy link
Member

@pree pree left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's get this merged!

@in0rdr in0rdr merged commit 1ff11d7 into main May 10, 2024
@in0rdr in0rdr deleted the feat/vault-audit-otlp branch May 10, 2024 12:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Xelef2000 Xelef2000 Xelef2000 approved these changes

@pree pree pree approved these changes

@norbertgruszka norbertgruszka Awaiting requested review from norbertgruszka

@eyenx eyenx Awaiting requested review from eyenx

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@in0rdr @eyenx @pree @Xelef2000