Vault UI 404 - Helm chart in EKS


I’m testing out Vault in Kubernetes and am installing via the Helm chart. I’ve created an overrides file, it’s an amalgamation of a few different pages from the official docs.

The pods seem to come up OK and into Ready status and I can unseal vault manually using 3 of the keys generated. The API and Vault CLI seem to be working fine. I’m having issues getting 404 when browsing the UI though, the UI is presented externally on a Load Balancer in EKS. Here’s my config:

  enabled: true
  tlsDisable: false

  enabled: false


    enabled: true
    path: "/v1/sys/health?standbyok=true&sealedcode=204&uninitcode=204"
  # livenessProbe:
  #   enabled: true
  #   path: "/v1/sys/health?standbyok=true"
  #   initialDelaySeconds: 60

    VAULT_CACERT: /vault/userconfig/vault-server-tls/

    - type: secret
      name: vault-server-tls # Matches the ${SECRET_NAME} from above

    enabled: true
    config: |
      listener "tcp" {
        address = "[::]:8200"
        cluster_address = "[::]:8201"
        tls_cert_file = "/vault/userconfig/vault-server-tls/vault.crt"
        tls_key_file  = "/vault/userconfig/vault-server-tls/vault.key"
        tls_client_ca_file = "/vault/userconfig/vault-server-tls/"

      storage "file" {
        path = "/vault/data"

# Vault UI
  enabled: true
  serviceType: "LoadBalancer"
  serviceNodePort: null
  externalPort: 443

I’m still trying to get to grips with Vault. My liveness probe is commented out because it was permanently failing and causing the pod to be re-scheduled, even though checking the vault service status it appeared to be healthy and awaiting an unseal. That’s a side issue though compared to the UI, just mentioning in case the failing liveness is related.

If there’s a more suitable place for me to ask this question then my apologies, let me know and I’ll re-post it!