Can you enable audit through config file?

Is it possible to use a config file to enable audit logs?

I’m expecting to be able to add it to my config.hcl and have audit enabled on container startup, but so far it’s not working. I’m not sure if it’s user error or if it’s unsupported.

storage "raft" {
  path    = "/vault/data"
  node_id = "node1"

listener "tcp" {
  address     = ""
  tls_disable = "true"

api_addr = ""
cluster_addr = ""
ui = true

audit "file" {
  enabled = true
  path = "/vault/logs/audit.log"

Why are you expecting this?

I’m afraid you’ve just made up some syntax that doesn’t exist - audit configuration is via the API only.

1 Like