diff --git a/apps/vault/deployment.yaml b/apps/vault/deployment.yaml
index 67e4db1..01e1785 100644
--- a/apps/vault/deployment.yaml
+++ b/apps/vault/deployment.yaml
@@ -13,21 +13,27 @@ spec:
 labels:
 app: vault
 spec:
+ securityContext:
+ fsGroup: 1000
 containers:
- - name: vault
- image: hashicorp/vault:1.17
- args:
- - "server"
- env:
- - name: VAULT_LOCAL_CONFIG
- value: |
- {"backend": {"file": {"path": "/vault/file"}}, "listener": {"tcp": {"address": "0.0.0.0:8200", "tls_disable": 1}}, "ui": true}
- ports:
- - containerPort: 8200
- volumeMounts:
- - name: vault-data
- mountPath: /vault/file
+ - name: vault
+ image: hashicorp/vault:1.16
+ args:
+ - "server"
+ - "-config=/vault/config/vault.hcl"
+ securityContext:
+ runAsUser: 0
+ capabilities:
+ add:
+ - IPC_LOCK
+ ports:
+ - containerPort: 8200
+ - containerPort: 8201
+ volumeMounts:
+ - name: config
+ mountPath: /vault/config
 volumes:
- - name: vault-data
- persistentVolumeClaim:
- claimName: vault-data
+ - name: config
+ configMap:
+ name: vault-config
+
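Review bot: The new container-level `securityContext` sets `runAsUser: 0` and adds `IPC_LOCK` without dropping any other capability or setting `allowPrivilegeEscalation: false`, so the container starts as root with the runtime's default capability set. If root is there only for memory locking, `IPC_LOCK` already covers that; consider a non-root UID with `runAsNonRoot: true`, plus `allowPrivilegeEscalation: false` and `drop: ["ALL"]` next to the `add:` list, after checking what the image entrypoint requires. Separately, the `vault-data` PVC mount is removed and the listener and storage settings now live in the `vault-config` ConfigMap, which this hunk does not show, so it is worth confirming there that the listener no longer carries `tls_disable` and that the storage path is backed by a volume. The Deployment spec starts above the hunk.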