bikram20/gist:dab23fcb5d88f2b465c2d8f37705a22c Secret

## gistfile1.txt
ubuntu@ip-10-0-0-10:/etc/ssl/certs$ cat audit-policy.yaml
apiVersion: audit.k8s.io/v1beta1
kind: Policy
rules:
  - level: RequestResponse
    users:
    - system:serviceaccount:calico-system:calico-typha
    - system:serviceaccount:calico-system:calico-node

ubuntu@ip-10-0-0-10:/etc/ssl/certs$

# Note that API server pod MUST be able to reach the audit policy configuration file (hence I copied it under a mounted folder), and log file (added a mount)
ubuntu@ip-10-0-0-10:/etc/ssl/certs$ kubectl get po -n kube-system kube-apiserver-ip-10-0-0-10  -o yaml | grep audit
    - --audit-policy-file=/etc/ssl/certs/audit-policy.yaml
    - --audit-log-path=/var/log/calico/audit/kube-audit.log
    - --audit-log-maxage=30
    - --audit-log-maxsize=200
    - mountPath: /var/log/calico/audit
      path: /var/log/calico/audit
ubuntu@ip-10-0-0-10:/etc/ssl/certs$
	ubuntu@ip-10-0-0-10:/etc/ssl/certs$ cat audit-policy.yaml
	apiVersion: audit.k8s.io/v1beta1
	kind: Policy
	rules:
	- level: RequestResponse
	users:
	- system:serviceaccount:calico-system:calico-typha
	- system:serviceaccount:calico-system:calico-node

	ubuntu@ip-10-0-0-10:/etc/ssl/certs$

	# Note that API server pod MUST be able to reach the audit policy configuration file (hence I copied it under a mounted folder), and log file (added a mount)
	ubuntu@ip-10-0-0-10:/etc/ssl/certs$ kubectl get po -n kube-system kube-apiserver-ip-10-0-0-10 -o yaml \| grep audit
	- --audit-policy-file=/etc/ssl/certs/audit-policy.yaml
	- --audit-log-path=/var/log/calico/audit/kube-audit.log
	- --audit-log-maxage=30
	- --audit-log-maxsize=200
	- mountPath: /var/log/calico/audit
	path: /var/log/calico/audit
	ubuntu@ip-10-0-0-10:/etc/ssl/certs$