Login
    Contents x
    CyberArk Privilege Cloud Vault
    • 18 Jan 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    CyberArk Privilege Cloud Vault

    • Updated on 18 Jan 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    The CyberArk Privilege Cloud Vault integration enables Axonius to securely pull privileged credentials from CyberArk Privilege Cloud Vault. The integration helps to ensure that privileged credentials are secured in CyberArk Privilege Cloud Vault, rotated to meet company guidelines, and meet complexity requirements.

    Description of Product Integration

    Axonius uses the CyberArk Privilege Cloud API to fetch credentials from CyberArk Privilege Cloud Vault.

    The credentials are only fetched by Axonius when:

    • Creating a new adapter connection
    • Updating an existing adapter connection
    • Running an enforcement set
    • Fetching asset information for adapters during discovery cycles

    Axonius does not store the credentials anywhere and deletes any trace of credentials.


    To enable fetching credentials from your CyberArk Privilege Cloud Vault, you need to:

    1. Install and configure CyberArk Privilege Cloud Vault
    2. Configure login using CyberArk
    3. Have 'read' permissions for the passwords.
    4. Enable and configure the External Password Managers - Enterprise Password Management Settings in Axonius.
    5. Configure adapter connection credentials to fetch passwords from CyberArk Privilege Cloud Vault.

    Enable CyberArk Privilege Cloud Vault Integration

    Follow the guidelines in External Password Managers - Enterprise Password Management Settings to enable CyberArk Privilege Cloud Vault integration and allow Axonius to securely pull privileged credentials from CyberArk Privilege Cloud Vault.

    Working with CyberArk Privilege Cloud Vault

    Once the CyberArk Privilege Cloud Vault integration is enabled in Axonius, a new CyberArk Privilege Cloud Vault icon will appear in all password fields when configuring adapters or configuring Enforcement sets, allowing you to enter a password manually or to fetch the secret from CyberArk Privilege Cloud Vault.

    CyberArk%20PrivCloud

    To fetch the password from CyberArk Privilege Cloud Vault:

    1. In a password field, click the CyberArk Privilege Cloud Vault icon. If you have configured more than one password manager, click the vault icon Vaulticon.png and select Click CyberArk Privilege Cloud Vault from the drop-down. A CyberArk Privilege Cloud Vault dialog opens.

    CyberArkValut2

    1. In the dialog, specify the following parameters:

      1. Account ID (required) - The account the password belongs to. It uses the endpoints login and get password.

    2. Click Fetch.

      • If the fetch is successful, a green indication is displayed next to the CyberArk Privilege Cloud Vault icon. Hovering over the CyberArk Privilege Cloud Vault icon shows the credentials that you input.
    • If the fetch is unsuccessful, a red indication is displayed next to the CyberArk Privilege Cloud Vault icon. Hovering over the Click CyberArk Privilege Cloud Vault icon shows the error.

    CyberArkOnlineValut3

    Note:
    Typing or deleting any character in the textbox will change the password field back to a manual password input.
    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout