How to Configure a CyberArk Data Source
This article provides detailed steps to set up a CyberArk data source for discovery of CyberArk User, Service, and Vaulted accounts and vaults for that user within the organization.
With the CyberArk integration, all credentials needed for the discovery process of any data collection can be stored safely in a safe/vault outside of Hydden and used only when needed.
Prerequisites
A CyberArk instance with configured and active Identity Administration Core Services in place, including a suitable service account with the appropriate permissions configured for the integrations to be used.
Adding the CyberArk Module to a Client
The CyberArk module needs to be added to a configured Client in Hydden to collect data.
- Navigate to Configuration | Discover and select the Clients tab.
- Locate your client for the CyberArk collection and click the Edit button.
- In the Modules field, add the CyberArk Collector module.
- Click Update.
Configure Your Hydden CyberArk Data Source
Log in to your Hydden tenant.
To access the data sources page, navigate to Configuration | Discover and select Data Sources, or use the data source URL:
https://portal.hydden.com/configuration/data-sources
To add the CyberArk data source, click + Add Data Source.
From the drop-down, under Cloud, select CyberArk.
For Name, enter an easy-to-identify name for the data source.
For Hostname, use the generic CyberArk URL, usually something like https://yourorganization.privilegecloud.cyberark.cloud.
You may ignore Preset for now.
If you already created your credential via the CyberArk Credential topic, select that credential from the Credential drop-down. If you have not yet created the credential, create it now. Follow the instructions in the linked topic, then come back to this page for the remaining steps.
From the Schedule drop-down, select Every hour or whatever fits best for your business needs.
Under Site, specify the site where your client is installed; it can also be “default” if there is only one client for your organization.
Under the Select Account Mapping Rule Set drop-down, select from the following options:
- Default Rules Only
- Add All Rules
- Add All Default Rules
- Add All Custom Rules
- Manual Selection: Rules need to be selected from a drop-down menu.
Any rules added can be removed by clicking the x on the rule name label.
NOTE: Rules need to be set to enabled on the rule add/edit modal to work in your tenant. Refer to Account Mapping.
To enable account mapping or owner creation, select the Enable Automatic Account Mapping and Enable Automatic Owner Creation checkboxes respectively. Both options can be enabled at the same time.
In the Automatic Mapping Rules (Match Account to Identity using) field, rules are either automatically populated based on your selection under the Automatic Account Mapping Rules step or you have to manually add rules from the drop-down menu. Any rules added can be removed by clicking the x on the rule name label.
From the Automatic Owner Creation Rules (Create New Owner when) drop-down, select which rules you want to use in your environment. Default rules are listed first. Any rules added can be removed by clicking the x on the rule name label. Refer to the Owner Creation topic for details.
Click Add to save the data source. You have an option to manually run the data collection via the Run Now button.
At this point, you can run a collection from the Data Sources page. Shortly after, you will see your CyberArk accounts listed on the Identity Posture dashboard, in Global Search, and in the Search Library.