Setting up the CyberArk vault system
The CyberArk administrator must set up and configure the CyberArk vault server. For detailed information, see the CyberArk documentation.
Use this workflow to set up theCyberArk vault system.
- Verify that your databases are supported by CyberArk for automatic password provisioning. If your database is not supported, you can continue to store your credentials on CyberArk. However, the passwords are not automatically provisioned.
- Set up a vault in the CyberArk vault server.
- Set up one or multiple safes within the CyberArk vault.
- Populate the safe with the CyberArk objectnames (Guardium® datasource names) and their respective passwords.
- Create a group and make it the owner of the safe. All safes inherit the group's permissions automatically.
- Create a CyberArk application ID by using the CyberArk web console and grant the necessary permissions. For more information, see Creating an application ID on CyberArk. This application ID is used to configure CyberArk on your Guardium system.
- Provide the following information to the Guardium system administrator:
- Vault host name or IP address
- Vault user name
- Vault password
- Standby vault server IP address list, if any
- Group name, Application IDs, corresponding safe names, and folder names
- CyberArk objectnames