diff --git a/chart/templates/monitoring/values.yaml b/chart/templates/monitoring/values.yaml
index 1f068dd3ef274054daefbb67e39aca4d8b185f64..1566787f49a0bdfb0dc82637d0cc2682606d7519 100644
--- a/chart/templates/monitoring/values.yaml
+++ b/chart/templates/monitoring/values.yaml
@@ -133,6 +133,9 @@ redis:
 
 vault:
   enabled: {{ .Values.addons.vault.enabled }}
+vault:
+  enabled: {{ .Values.addons.vault.enabled }}
+  tlsDisable: {{ dig "global" "tlsDisable" true .Values.addons.vault.values }}
 
 global:
   imagePullSecrets:
diff --git a/chart/values.yaml b/chart/values.yaml
index 0a36443aa305b9f57919f40cabacfbd1d65e60ed..3c4bc207f612bcbe10c70fe639edf13fd9f5b76b 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -578,7 +578,7 @@ monitoring:
   git:
     repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring.git
     path: "./chart"
-    tag: "35.5.1-bb.1"
+    tag: "35.5.1-bb.2"
 
   # -- Flux reconciliation overrides specifically for the Monitoring Package
   flux:
@@ -1343,7 +1343,7 @@ addons:
     git:
       repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/vault.git
       path: "./chart"
-      tag: "0.20.1-bb.0"
+      tag: "0.20.1-bb.1"
 
     # -- Flux reconciliation overrides specifically for the Vault Package
     flux: {}
diff --git a/docs/production.md b/docs/production.md
index 9d7a3086259f09138b5635965226bf91fdd83e67..9c572784b4717e49cc2cae1f72955eec2a872eb2 100644
--- a/docs/production.md
+++ b/docs/production.md
@@ -237,7 +237,6 @@ addons:
         extraEnvironmentVars:
           # the istio gateway domain
           VAULT_API_ADDR: https://vault.bigbang.dev
-          VAULT_ADDR:  https://127.0.0.1:8200
           VAULT_SKIP_VERIFY: "true"
           VAULT_LOG_FORMAT: "json"
           VAULT_LICENSE: "your-license-key-goes-here"
@@ -257,11 +256,14 @@ addons:
               ui = true
 
               listener "tcp" {
-                tls_disable = 0
+                tls_disable = false
                 address = "[::]:8200"
                 cluster_address = "[::]:8201"
                 tls_cert_file = "/vault/tls/tls.crt"
                 tls_key_file  = "/vault/tls/tls.key"
+                telemetry {
+                  unauthenticated_metrics_access = true
+                }
               }
 
               storage "raft" {
@@ -298,7 +300,6 @@ addons:
               telemetry {
                 prometheus_retention_time = "24h"
                 disable_hostname = true
-                unauthenticated_metrics_access = true
               }
 
               service_registration "kubernetes" {}
diff --git a/tests/test-values.yaml b/tests/test-values.yaml
index 52db91e07c28fbe4f2b5c887c30ac4a11d56babd..faf80739934fda09baa6020fb9b381995d4dc5d7 100644
--- a/tests/test-values.yaml
+++ b/tests/test-values.yaml
@@ -1362,11 +1362,14 @@ addons:
               ui = true
 
               listener "tcp" {
-                tls_disable = 0
+                tls_disable = false
                 address = "[::]:8200"
                 cluster_address = "[::]:8201"
                 tls_cert_file = "/vault/tls/tls.crt"
                 tls_key_file  = "/vault/tls/tls.key"
+                telemetry {
+                  unauthenticated_metrics_access = true
+                }
               }
 
               storage "raft" {
@@ -1389,7 +1392,6 @@ addons:
               telemetry {
                 prometheus_retention_time = "24h"
                 disable_hostname = true
-                unauthenticated_metrics_access = true
               }
 
               service_registration "kubernetes" {}