Automation Anywhere 설명서 읽기 및 검토

Automation 360

콘텐츠 닫기

콘텐츠

콘텐츠 열기

Utility for key vault and database authentication configuration

  • 업데이트: 2021/11/30
    • Automation 360 v.x
    • 탐색
    • RPA Workspace

Utility for key vault and database authentication configuration

Change your database and key vault configuration settings by downloading and deploying this interactive utility to edit the JRE that is used by the Automation Anywhere Control Room to authenticate users.

This utility can be used to configure key vault integration post-installation or to reconfigure the key vault integration in response to some failure related key vault connection details, database authentication method, and/or database credential identifier within external key vault. Use during network downtime as to not interfere with existing RPA processes that may be underway.

To run this utility, you will need to access to the Automation Anywhere Control Room installation directory that was created during the installationAutomation 360. For example, C:\Program Files\Automation Anywhere\Enterprise and have downloaded the latest version of the utility.

주: To download the jar file that will be used to update the directory, open a browser and proceed to A-People Downloads page (Login required).

Configuration directory options

You can update your authentication settings (external key vault or DB) within the accessible configuration directory.

  • If you are deploying an external key vault, the following options are used to map credentials between the Automation Anywhere Control Room and the chosen authentication server.

    UPDATE_KEY_VAULT_CONFIGURATION
    • AWS

      Connect to AWS Secret Manager.

    • CYBERARK

      Connect to CyberArk authentication server.

    • AZURE

      Connect to the Azure authentication server.

    • NONE

      Disable external key vault.

  • If you are using DB for authentication, you can configure these SQL authentication settings:

    UPDATE_DB_AUTHENTICATION_CONFIGURATION
    • WINDOWS

      Change to Windows authentication.

    • SQL

      To change to SQL authentication where user provides username and password.

    • KEY_VAULT

      To change to SQL authentication using external key vault.

주: The client certificate issued to the Control Room for authenticating to CyberArk needs to be in .p12 (pkcs#12) format with the private key.
주: The imported CyberArk server certificate needs to be imported to Java trust store before invoking dbutility commands. The certificate can be in .cer (PEM) format and does NOT contain a private key.

Metrics for UPDATE_KEY_VAULT_CONFIGURATION

The metrics used by the UPDATE_KEY_VAULT_CONFIGURATION action are as follows:

표 1. Key vault configuration metrics
Source→ Destination AWS CYBERARK AZURE NONE
AWS YES NO NO YES
CYBERARK NO YES NO YES
AZURE NO NO YES YES
NONE YES YES YES YES
주:
  • To change KEY_VAULT from one type of vault to another or to NONE, you must first manually set database and service account credentials that are currently being retrieved from the external key vault.
  • To change AWS to CYBERARK or the other way around, you must first change the Source→ Destination setting to NONE.

  • To change NONE from AWS/CYBERARK, database should not be connected on KEY_VAULT.

This utility will prompt the you to provide specific input information based on the options selected above.

For steps to update your key vault settings, see Update key vault configuration.

UPDATE_DB_AUTHENTICATION_CONFIGURATION

WINDOWS
To connect to the DB provided during installation, the utility uses the credentials of the user currently logged in:
SQL
  • Username
  • Password
KEY VAULT
The utility asks the user to provide input based on the key vault and the connected control room.
  1. AWS

    Secret name → Name of the secret created on AWS secret manager of type database credentials or Plain Text with username and password as keys.

  2. CYBERARK

    Safe name → Name of the safe which has the credential.

    Object name → Name of the credential.

  3. AZURE

    Vault URL → The address for the Azure server.

    Client ID → The Azure Client ID.

    Client Secret → Key supplied by Azure to be paired with the Tenant ID and Client ID.

    Tenant ID → The Azure Tenant ID.

  4. NONE
    The utility sends the following exception and exit:
    Key Vault configuration not found
피드백을 보내주십시오