Following the backend reference docs to configure PostgreSQL backend/audit logs (or Athena audit logs) causes Teleport to emit an error when using the reference configs:
We should add a callout and links in these sections of the docs explaining how to configure HA session recording storage as well.
Merely telling people to use local file storage is not a good solution; although it will make the error go away in the short term, there will be inconsistencies in true HA setups where logs are written to one of the configured auth servers and are thus unavailable for playback on demand.
For reference, though, if anyone does want to work around this for testing on single-node clusters, you can set this in the config and restart:
auth_service:
storage:
# for local testing on single-node clusters ONLY
audit_sessions_uri: "file:///var/lib/teleport/log/records"
How will we know this is resolved?
Follow the docs and ensure that Teleport starts after implementing the reference config and following the notes.
Applies To
https://goteleport.com/docs/reference/backends/#postgresql https://goteleport.com/docs/reference/backends/#athena
Details
Following the backend reference docs to configure PostgreSQL backend/audit logs (or Athena audit logs) causes Teleport to emit an error when using the reference configs:
We should add a callout and links in these sections of the docs explaining how to configure HA session recording storage as well.
Merely telling people to use local file storage is not a good solution; although it will make the error go away in the short term, there will be inconsistencies in true HA setups where logs are written to one of the configured auth servers and are thus unavailable for playback on demand.
For reference, though, if anyone does want to work around this for testing on single-node clusters, you can set this in the config and restart:
How will we know this is resolved?
Follow the docs and ensure that Teleport starts after implementing the reference config and following the notes.
Related Issues