diff --git a/000-scripts/vault-k8s-auth-endpoint.sh b/000-scripts/vault-k8s-auth-endpoint.sh
new file mode 100755
index 0000000..e74778a
--- /dev/null
+++ b/000-scripts/vault-k8s-auth-endpoint.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+HOST_IP=$(ip addr show eth0 | grep -Po 'inet \K[\d.]+')
+
+kubectl config view --raw --minify --flatten --output='jsonpath={.clusters[].cluster.certificate-authority-data}' | base64 --decode > ca.crt
+
+vault write auth/kubernetes/config \
+    kubernetes_host=https://${HOST_IP}:6443 \
+    kubernetes_ca_cert=@ca.crt
+rm ca.crt