Cloud integration using Azure Key Vault

For Cloud integrations, you can configure the Control Room and external key vault integration using the Automation 360 Control Room user interface.

The Agent auto-login and Agent automation use cases are only supported on Automation 360 Cloud Control Room instances. Neither of these use cases affect the Control Room boot sequence or Control Room functionality.

Note: Bootstrap and service account credential retrieval use cases are not supported on Cloud Control Room instances because the database and services are managed internally by Automation Anywhere. There is no compliance use case (requirement) for these credentials to be stored in the customer external key vault.

Prerequisites

Ensure that you add your regional outbound Cloud IP addresses to the trusted or allowed list in your Azure Key Vault network settings.

See: Control Room IP addresses for external integrations.

  1. Gather the specific Azure information required to configure the external key vault connector using the Automation 360 Control Room.
    Item Description
    Vault URL The Azure Key Vault URL of the resource group (for example: https://user-db-vault.vault.azure.net/).
    Client ID The client (application) ID of an App Registration in the tenant.
    Client Secret A client secret that was generated for the App Registration.
    Tenant ID The Azure Active Directory tenant (directory) ID.
  2. Log in to the Automation 360 Control Room as the Administrator.
  3. From the Control Room, navigate to Administration > Settings > External key vault.
  4. Click the Edit icon to open the Configuration settings pane.
  5. Click Azure and then enter the specific Azure information described in the preceding table.
  6. Click Save changes to connect the external key vault.