Adding Accounts to CyberArk Safes
This section describes how to add accounts to the CyberArk Safes that have been created for use by platform applications.
The two accounts that would typically be added to a CyberArk Safe would be:
An account to store ConfigDB credentials. This would be added to the Policy Manager Safe.
An account to store Token Vault credentials. This would be added to each Safe that has been created for Policy Manager Teams to access a JDBC Token Vault.
For general information about how to add accounts in CyberArk, see CyberArk Account Management Guide.
The following dialog box shows the details that need to be added for an account that is added to a CyberArk Safe:
 |
Note
When adding the account, select the Customize account name button so that you can specify the name of the account that is created in CyberArk.
The following dialog box shows the details of an account that has been added to CyberArk:
 |
The Account name is used when defining the account in the application.properties file to retrieve the credentials from CyberArk.
For example, the following entry would be used to define the above account in the platform:
agrotera.database_password.secret_descriptor=Safe=ManualTestSafe;Object=Database-Local-Config-DB
For more information, see CyberArk Descriptor Format.