UNCLASSIFIED - NO CUI

Vault egress NP update, new VPCCidr value added

Ryan Garcia requested to merge network_policies into main

Vault doesn't need to talk to the kube-api directly, but does need egress access to AWS API for things like KMS, S3, etc.

Adding a new section to the KMS doc recommending that VPC Endpoints be configured for things like KMS & S3, to be able to further lock down Vault egress and so that traffic doesn't leave the AWS network.

Relates https://repo1.dso.mil/platform-one/big-bang/bigbang/-/issues/944
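
The kind of egress rule the description above implies, as an added example that is not taken from this merge request or from the Big Bang chart: a Kubernetes NetworkPolicy that lets Vault pods reach only HTTPS addresses inside the VPC, where interface VPC endpoints for KMS and S3 live. The namespace, pod label, policy name and CIDR are assumptions made for illustration.

```yaml
# Added illustration, not the chart's own template.
# Assumed: namespace "vault", pod label app.kubernetes.io/name=vault,
# and a constructed VPC CIDR of 10.0.0.0/16 standing in for the VPCCidr value.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: vault-egress-aws-vpc-endpoints   # hypothetical name
  namespace: vault
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/name: vault
  policyTypes:
    - Egress
  egress:
    # Only TCP/443 to addresses inside the VPC. Interface VPC endpoints
    # (KMS, and S3 when created as an interface endpoint) expose ENIs with
    # VPC-private addresses, so AWS API calls match this rule without
    # leaving the AWS network.
    - to:
        - ipBlock:
            cidr: 10.0.0.0/16            # constructed placeholder for the VPC CIDR
      ports:
        - protocol: TCP
          port: 443
    # Caveats:
    # - DNS egress is assumed to be allowed by a separate policy; without it
    #   the endpoint hostnames will not resolve.
    # - An S3 *gateway* endpoint routes to S3's public prefix-list addresses,
    #   which are outside the VPC CIDR and are not matched by this rule.
    # - The whole VPC CIDR also covers any other service listening on 443 in
    #   the VPC; using the endpoint subnets' CIDRs instead narrows it further.
```

With the policy applied, `kubectl describe networkpolicy vault-egress-aws-vpc-endpoints -n vault` shows the effective egress rule for review.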
