Simplifying Zero Trust Security for AWS with Teleport
Jan 23
Virtual
Register Now
Teleport logoTry For Free
Fork me on GitHub

Teleport

teleport-plugin-event-handler Chart Reference

The teleport-plugin-event-handler Helm chart is used to configure the Event Handler Teleport plugin which allows users to send events and session logs to a Fluentd instance for further processing or storage.

You can browse the source on GitHub.

This reference details available values for the teleport-plugin-event-handler chart.

Warning

Backing up production instances, environments, and/or settings before making permanent modifications is encouraged as a best practice. Doing so allows you to roll back to an existing state if needed.

teleport.address

TypeDefault valueRequired?
string""Yes

This parameter contains the host/port combination of the Teleport Auth Service.

values.yaml example:

teleport:
  address: "teleport.example.com:3025"

teleport.identitySecretName

TypeDefault valueRequired?
string""Yes

Name of the Kubernetes secret that contains the credentials for the connection.

The secret should be in the following format:

apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: teleport-plugin-event-handler-identity
data:
  auth_id: ...

values.yaml example:

teleport:
  identitySecretName: "teleport-plugin-event-handler-identity"

teleport.identitySecretPath

TypeDefault valueRequired?
string"auth_id"No

Name of the key in the Kubernetes secret that holds the credentials for the connection. If the secret follows the format above, it can be omitted.

values.yaml example:

teleport:
  identitySecretPath: "auth_id"

fluentd.url

TypeDefault valueRequired?
string""Yes

Fluentd URL where the events will be sent.

values.yaml example:

fluentd:
  url: "https://fluentd:24224/events.log"

fluentd.sessionUrl

TypeDefault valueRequired?
string""Yes

Fluentd URL where the session logs will be sent.

values.yaml example:

fluentd:
  sessionUrl: "https://fluentd:24224/session.log"

fluentd.certificate.secretName

TypeDefault valueRequired?
string""Yes

Secret containing the credentials to connect to Fluentd. It must to contain the CA certificate, the client key and the client certificate.

values.yaml example:

fluentd:
  secretName: "teleport-plugin-event-handler-fluentd"

fluentd.certificate.caPath

TypeDefault valueRequired?
string"ca.crt"No

Name of the key which contains the CA certificate inside the secret.

values.yaml example:

fluentd:
  caPath: "ca.crt"

fluentd.certificate.keyPath

TypeDefault valueRequired?
string"client.key"No

Name of the key which contains the client's private key inside the secret.

values.yaml example:

fluentd:
  keyPath: "client.key"

fluentd.certificate.certPath

TypeDefault valueRequired?
string"client.crt"No

Name of the key which contains the client's certificate inside the secret.

values.yaml example:

fluentd:
  certPath: "client.crt"

log.output

TypeDefault valueRequired?
stringstdoutNo

Logger output. Can be stdout, stderr or a file name, eg. /var/log/teleport/fluentd.log.

values.yaml example:

log:
  output: /var/log/teleport/fluentd.log

log.severity

TypeDefault valueRequired?
stringstdoutNo

Logger severity. Possible values are INFO, ERROR, DEBUG or WARN.

values.yaml example:

log:
  severity: DEBUG