For Cloud integrations, you can configure the Control Room and external key vault integration using the Automation 360 Control Room user interface.

The Agent auto-login and Agent automation use cases are only supported on Automation 360 Cloud Control Room instances. Neither of these use cases affect the Control Room boot sequence or Control Room functionality.

Ensure that you understand the key vault naming convention requirements before you integrate the AWS Secrets Manager. See External key vault naming conventions.

Note: Bootstrap and service account credential retrieval use cases are not supported on Cloud Control Room instances because the database and services are managed internally by Automation Anywhere. There is no compliance use case (requirement) for these credentials to be stored in the customer external key vault.
  1. The AWS account used to connect to AWS does not require an IAM role. Instead, you need the specific AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY for the AWS account in order to configure the external key vault connector through Automation 360 Control Room.
    Item Description
    AWS_ACCESS_KEY_ID The AWS environment variable that specifies an AWS access key associated with an IAM user or role.
    AWS_SECRET_ACCESS_KEY The AWS environment variable that specifies the secret key associated with the access key.
    Region A separate geographic area that AWS uses to house its infrastructure.
  2. Log in to the Automation 360 Control Room as the Administrator.
  3. From the Control Room, navigate to Administration > Settings > External key vault .
  4. Click the Edit icon to open the Configuration settings pane.
  5. Click AWS and then enter the specific AWS information described in the preceding table.
  6. Click Save changes to connect the external key vault.
Next steps