diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 9c1fe55..aba8863 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -43,6 +43,7 @@ edc-api-observability = { module = "org.eclipse.edc:api-observability", version.
 edc-fixtures-mgmtapi = { module = "org.eclipse.edc:management-api-test-fixtures", version.ref = "edc" }
 edc-monitor-otel = { module = "org.eclipse.edc:otel-monitor", version.ref = "edc" }
 edc-monitor-console = { module = "org.eclipse.edc:console-monitor", version.ref = "edc" }
+edc-events-nats = { module = "org.eclipse.edc:events-nats", version.ref = "edc" }
 
 # EDC spi dependencies
 edc-spi-web = { module = "org.eclipse.edc:web-spi", version.ref = "edc" }
diff --git a/k8s/apps/controlplane-config.yaml b/k8s/apps/controlplane-config.yaml
index 01dcf70..19a69c2 100644
--- a/k8s/apps/controlplane-config.yaml
+++ b/k8s/apps/controlplane-config.yaml
@@ -74,4 +74,10 @@ data:
   # Trusted Issuers
   edc.iam.trusted-issuer.issuer.id: "did:web:issuerservice.edc-v.svc.cluster.local%3A10016:issuer"
 
+  # NATS config for events
+  edc.events.nats.url: "nats://nats.edc-v.svc.cluster.local:4222"
+  edc.events.nats.stream: "edc-events"
+  edc.events.nats.create: "false"
+  edc.events.nats.create.force: "false"
+
   JAVA_TOOL_OPTIONS: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=1044"
\ No newline at end of file
diff --git a/k8s/apps/dataplane-config.yaml b/k8s/apps/dataplane-config.yaml
index 13970af..8ec6d76 100644
--- a/k8s/apps/dataplane-config.yaml
+++ b/k8s/apps/dataplane-config.yaml
@@ -42,3 +42,8 @@ data:
   edc.iam.siglet.issuer: "siglet-issuer"
   edc.iam.siglet.jwks.url: "http://siglet.edc-v.svc.cluster.local:8080/keys"
 
+  # NATS config for events
+  edc.events.nats.url: "nats://nats.edc-v.svc.cluster.local:4222"
+  edc.events.nats.stream: "edc-events"
+  edc.events.nats.create: "false"
+  edc.events.nats.create.force: "false"
\ No newline at end of file
diff --git a/k8s/apps/identityhub-config.yaml b/k8s/apps/identityhub-config.yaml
index 71086bf..bbb5099 100644
--- a/k8s/apps/identityhub-config.yaml
+++ b/k8s/apps/identityhub-config.yaml
@@ -52,4 +52,10 @@ data:
   #    proxy_set_header Host $host;
   #    proxy_set_header X-Forwarded-Proto $scheme;
   edc.iam.oauth2.issuer: "http://keycloak.edc-v.svc.cluster.local:8080/realms/edcv"
-  edc.iam.oauth2.jwks.url: "http://keycloak.edc-v.svc.cluster.local:8080/realms/edcv/protocol/openid-connect/certs"
\ No newline at end of file
+  edc.iam.oauth2.jwks.url: "http://keycloak.edc-v.svc.cluster.local:8080/realms/edcv/protocol/openid-connect/certs"
+
+  # NATS config for events
+  edc.events.nats.url: "nats://nats.edc-v.svc.cluster.local:4222"
+  edc.events.nats.stream: "edc-events"
+  edc.events.nats.create: "false"
+  edc.events.nats.create.force: "false"
\ No newline at end of file
diff --git a/k8s/apps/issuerservice-config.yaml b/k8s/apps/issuerservice-config.yaml
index 9d5b9a0..6209f82 100644
--- a/k8s/apps/issuerservice-config.yaml
+++ b/k8s/apps/issuerservice-config.yaml
@@ -64,4 +64,10 @@ data:
   # that is configured in the AttestationDefinition
   edc.datasource.membership.url: "jdbc:postgresql://postgres.edc-v.svc.cluster.local:5432/issuerservice"
   edc.datasource.membership.user: "issuer"
-  edc.datasource.membership.password: "issuer"
\ No newline at end of file
+  edc.datasource.membership.password: "issuer"
+
+  # NATS config for events
+  edc.events.nats.url: "nats://nats.edc-v.svc.cluster.local:4222"
+  edc.events.nats.stream: "edc-events"
+  edc.events.nats.create: "false"
+  edc.events.nats.create.force: "false"
\ No newline at end of file
diff --git a/k8s/base/nats.yaml b/k8s/base/nats.yaml
index 47b3df5..b9a9e11 100644
--- a/k8s/base/nats.yaml
+++ b/k8s/base/nats.yaml
@@ -84,6 +84,52 @@ data:
     trace: false
 
 ---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: nats-bootstrap
+  namespace: edc-v
+spec:
+  backoffLimit: 10
+  template:
+    metadata:
+      labels:
+        type: edcv-job
+    spec:
+      containers:
+        - name: nats-cli
+          image: natsio/nats-box:latest
+          env:
+            - name: NATS_URL
+              value: "nats://nats.edc-v.svc.cluster.local:4222"
+          command: [ "sh", "-ec" ]
+          args:
+            - |
+              echo "Waiting for NATS to be ready..."
+              until curl -sf http://nats.edc-v.svc.cluster.local:8222/healthz > /dev/null 2>&1; do
+                echo "NATS not ready yet, retrying in 2 seconds..."
+                sleep 2
+              done
+              echo "NATS is ready!"
+
+              nats stream add edc-events \
+                --server "$NATS_URL" \
+                --subjects "events.>" \
+                --storage file \
+                --replicas 1 \
+                --retention interest \
+                --discard old \
+                --max-msgs -1 \
+                --max-bytes -1 \
+                --max-age 0 \
+                --dupe-window 2m \
+                --defaults 2>/dev/null \
+              && echo "Stream 'edc-events' created" \
+              || echo "Stream 'edc-events' already exists, skipping"
+
+              echo "NATS bootstrap completed successfully!"
+      restartPolicy: OnFailure
+---
 apiVersion: v1
 kind: Service
 metadata:
diff --git a/launchers/controlplane/build.gradle.kts b/launchers/controlplane/build.gradle.kts
index 6d4e32f..b1f2c93 100644
--- a/launchers/controlplane/build.gradle.kts
+++ b/launchers/controlplane/build.gradle.kts
@@ -27,6 +27,7 @@ dependencies {
     runtimeOnly(libs.edc.spi.jwt)
     runtimeOnly(libs.edc.monitor.console)
     runtimeOnly(libs.edc.monitor.otel)
+    runtimeOnly(libs.edc.events.nats)
 
     runtimeOnly(libs.edc.vault.hashicorp)
     runtimeOnly(libs.bouncyCastle.bcprovJdk18on)
diff --git a/launchers/dataplane/build.gradle.kts b/launchers/dataplane/build.gradle.kts
index 91533dc..09836f2 100644
--- a/launchers/dataplane/build.gradle.kts
+++ b/launchers/dataplane/build.gradle.kts
@@ -26,6 +26,8 @@ dependencies {
     runtimeOnly(libs.edc.monitor.console)
     runtimeOnly(libs.edc.monitor.otel)
     runtimeOnly(libs.opentelemetry.exporter.otlp)
+    runtimeOnly(libs.edc.events.nats)
+
 }
 
 tasks.shadowJar {
diff --git a/launchers/identity-hub/build.gradle.kts b/launchers/identity-hub/build.gradle.kts
index 9b24dcf..059106f 100644
--- a/launchers/identity-hub/build.gradle.kts
+++ b/launchers/identity-hub/build.gradle.kts
@@ -27,6 +27,7 @@ dependencies {
     runtimeOnly(libs.edc.store.participantcontext.config.sql)
     runtimeOnly(libs.edc.monitor.console)
     runtimeOnly(libs.edc.monitor.otel)
+    runtimeOnly(libs.edc.events.nats)
 
     runtimeOnly(libs.opentelemetry.exporter.otlp)
 }
diff --git a/launchers/issuerservice/build.gradle.kts b/launchers/issuerservice/build.gradle.kts
index 51ef346..54f05ab 100644
--- a/launchers/issuerservice/build.gradle.kts
+++ b/launchers/issuerservice/build.gradle.kts
@@ -30,6 +30,7 @@ dependencies {
     runtimeOnly(libs.edc.store.participantcontext.config.sql)
     runtimeOnly(libs.edc.monitor.console)
     runtimeOnly(libs.edc.monitor.otel)
+    runtimeOnly(libs.edc.events.nats)
 
     runtimeOnly(libs.opentelemetry.exporter.otlp)
 }