~> **Note:** As of Vault Enterprise 1.8, the license must be specified via HCL configuration or environment variables on startup, unless the Vault cluster was created with an older Vault version and the license was stored. More information is available in the [Vault Enterprise License docs](/docs/enterprise/license).
First create a Kubernetes secret using the contents of your license file. For example, the following commands create a secret with the name `vault-ent-license` and key `license`:
In your chart overrides, set the values of [`server.image`](/docs/platform/k8s/helm/configuration#image-2) to one of the enterprise [release tags](https://hub.docker.com/r/hashicorp/vault-enterprise/tags). Also set the name of the secret you just created in [`server.enterpriseLicense`](/docs/platform/k8s/helm/configuration#enterpriselicense).
- Wait until [`vault license inspect`](/docs/commands/license/inspect) shows the updated license
Since the `inspect` command is reading the license file from the mounted secret, this tells you when the updated secret has been propagated to the mount on the Vault pod.
```shell
kubectl exec vault-0 -- vault license inspect
```
- Reload Vault's license config
You may use the [`sys/config/reload/license` API endpoint](/api-docs/system/config-reload#reload-license-file):
In your chart overrides, set the values of `server.image` to one of the enterprise [release tags](https://hub.docker.com/r/hashicorp/vault-enterprise/tags). Install the chart, and initialize and unseal vault as described in [Running Vault](/docs/platform/k8s/helm/run).
After Vault has been initialized and unsealed, setup a port-forward tunnel to the Vault Enterprise cluster:
```shell
kubectl port-forward vault-0 8200:8200
```
Next, in a separate terminal, create a `payload.json` file that contains the license key like this example:
```json
{
"text": "01ABCDEFG..."
}
```
Finally, using curl, apply the license key to the Vault API:
