Merge pull request #5 from DataDog/ianferguson/enable_audit_logs_inde…

…mo_vault Enable vault audit logs during demo runs
DataDog · Jun 16, 2024 · 73424c0 · 73424c0
2 parents ef546db + 6404f87
commit 73424c0
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -23,4 +23,5 @@ go.work.sum
 
 /attache
 /demo-runner
+/demo/vault-audit.log
 bin/
diff --git a/demo/vault.sh b/demo/vault.sh
@@ -23,6 +23,8 @@ if [[ -z "$V_GCP_SERVICE_ACCOUNT_JSON" ]]; then
   exit 1
 fi
 
+vault audit enable file file_path="./demo/vault-audit.log"
+
 vault secrets enable -path cloud-iam/aws/601427279990 aws
 vault write cloud-iam/aws/601427279990/config/root access_key="$V_AWS_ACCESS_KEY" secret_key="$V_AWS_SECRET_KEY"
 vault write cloud-iam/aws/601427279990/roles/frostbite-falls_bullwinkle credential_type=assumed_role role_arns="arn:aws:iam::601427279990:role/dd.frostbiteFalls_bullwinkle"