Customize the secret naming convention (optional)

Secrets Hub uses the secret name as a unique identifier when performing a sync process. As such, the secret name is a crucial element in the sync process, as it maps the secrets between CyberArk PAM to AWS Secrets Manager or Azure Key Vault.

By default, the name of the secret in AWS Secrets Manager or Azure Key Vault is made up of the PAM Safe and CyberArk account names. This convention can be inconvenient if you already have secrets defined in AWS Secrets Manager or Azure Key Vault and you do not wish to change their name. Retaining the secrets' original name makes it easier for the DevOps who use these secrets.

To retain the original secret name as defined in AWS Secrets Manager or Azure Key Vault you need to import a custom Secrets Hub platform into PAM .

You must have CPM to use this capability.

Required permissions in Privilege Cloud

You need the following permissions to perform this task:

Task	Required permission
Create a custom name for the secret	Admin permissions to import and edit platforms

Step 1: Import the Secrets Hub platform

Download the platform from Marketplace, and follow the instructions in Import a platform.

Step 2: Add the secret name property to the relevant platforms

The Secrets Hub platform that you imported includes a property named SecretNameInSecretStore. Now that the property is in PAM, you can add it to all the platforms that are associated with the CyberArk accounts that will hold your secrets.

Edit the relevant platform as described in Edit a platform, and add the SecretNameInSecretStore property to the platform. Enter the following display name for the property: Secret Name In Target Secret Store.

when creating the new account in Privilege Cloud, make sure that the value in Secret Name In Target Secret Store is identical to the secret name in the target secret store. This name replaces the default naming convention.