The Credential Vault is the Automation Anywhere secure storage container that is available to Enterprise A2019 users. It should be employed for the secure storage of any sensitive data that is used by a bot. Encryption keys for the vault are automatically generated during control room setup and are presented to the administrator for offline storage.
From within the control room, credentials can be maintained, created, and shared. Lockers and other grouping mechanisms can be used to limit and regulate access to individual users or processes for each individual or group of credentials. Once the credentials have been set up, they will be available to Automation Anywhere client users as variables.
There are many compelling benefits. Credential Vault:
The Credential Vault also ensures credentials are managed securely and never stored in a plaintext manner and not hardcoded into bot source code (for attackers to find and read).
There are a number of steps required to establish proper access control restrictions before you can use the credentials in the Automation Anywhere client.
After these steps are completed, you will be able to access the credentials from the Automation Anywhere client. Here are the steps in more detail:
Step 1 – Creating a new role
As a Control Room administrative user, navigate to the Administration -> Roles -> All roles -> Create Role menu option. Select a name for your new role.Be sure to select the “View and edit ALL credentials attributes value” permission.
Create the new role.
Step 2 – Assign role to bot designer
After creating the role, assign it to the bot designer user by editing the user (Administration -> Users -> Edit User). While you are at it, provide the bot designer user with the AA_Locker_Admin user role
Note: Only users with “AAE_Locker_Admin” role have the ability to create and manage lockers. If the bot designer user will not be responsible for these functions in your organization, assign the role accordingly to the correct user.
Step 3 - Create a locker
Create a locker for the credentials to reside in and share that locker with the users who have the newly created role.
Assign the desired credentials to the locker.
Ensure that your user and any other necessary users are granted access to the locker as owners, managers, or participants.
In the consumers section, ensure that the newly created LockerConsumer role is assigned to this locker. Finish by creating the locker.
Once the credentials have been set up in the Control Room, and the locker with permission has been properly provisioned, they will be available for use in bots. The credentials can be added to the bots by creating a variable within the bot, or by selecting the option to add a credential in the actions when the option is available.
When adding a new bot action, navigate to the action you wish to invoke and pick the “Select a credential” option to add the credential as is.
Now you can manage your credentials securely and minimize the possibility of fraud.
READ ABOUT OUR SECURITY