https://layer5io.github.io/exoscale-academy/pr-preview/pr-378/learning-paths/1e2a8e46-937c-47ea-ab43-5716e3bcab2e/workshop-cka-preparation/10.operations/exercises/audit/Recent content in Audit on Exoscale AcademyHugoenhttps://layer5io.github.io/exoscale-academy/pr-preview/pr-378/learning-paths/1e2a8e46-937c-47ea-ab43-5716e3bcab2e/workshop-cka-preparation/10.operations/exercises/audit/solution/Mon, 01 Jan 0001 00:00:00 +0000https://layer5io.github.io/exoscale-academy/pr-preview/pr-378/learning-paths/1e2a8e46-937c-47ea-ab43-5716e3bcab2e/workshop-cka-preparation/10.operations/exercises/audit/solution/<ol> <li> <p>On the <em>controlplane</em> node, create the file <em>/etc/kubernetes/audit-policy.yaml</em> with the following content:</p> <pre tabindex="0"><code>apiVersion: audit.k8s.io/v1 kind: Policy rules: - level: Metadata </code></pre></li> <li> <p>Edit the API Server Pod specification (in the file <em>/etc/kubernetes/manifests/kube-apiserver.yaml</em>) by adding the following two volume definitions:</p> <pre tabindex="0"><code>- name: audit hostPath: path: /etc/kubernetes/audit-policy.yaml type: File - name: audit-log hostPath: path: /var/log/kubernetes/audit/ type: DirectoryOrCreate </code></pre><p>and also add the following entries to the <em>volumeMounts</em> field of the container:</p> <pre tabindex="0"><code>- mountPath: /etc/kubernetes/audit-policy.yaml name: audit readOnly: true - mountPath: /var/log/kubernetes/audit/ name: audit-log readOnly: false </code></pre></li> <li> <p>Start a simple Pod:</p>