01/23/2024 10:43 PM
Hi,
We have a use case: we onboarded 20 on-prem servers to CPAM, and these on-prem servers are to be accessed through JIT.
Now our query is how to restrict end users to viewing only specific instance IDs when requesting PAM access through On-Prem Privilege Session. Currently, all users are able to see all the on-prem instance IDs which we onboarded to CPAM.
Thanks,
Diwakar.
01/25/2024 07:20 AM
01/29/2024 01:40 AM
Hi @Diwakar,
Could you please provide more context or specifics about your business use case? This will help me tailor the detailed information to your specific needs and requirements.
01/29/2024 01:51 AM
Hi @DixshantValecha, the main context is: let's say we onboarded 10 servers to CPAM. Now these 10 servers are showing under Privilege Session to request PAM access. Our requirement is that not all users should see these 10 servers under their Privilege Session list when requesting a PAM session.
Currently, in my case, any end user logging in to IGA can request and see all 10 servers which were onboarded to CPAM.
Hope that clarifies! Please suggest.
Thanks,
Diwakar.
01/31/2024 12:00 AM
Hi @Diwakar,
01/31/2024 12:04 AM
Hi @Diwakar,
Please refer to the below-mentioned documents for detailed information on Access Query.
We have created a sample query for your reference as well:
SELECT
    ep.endpointkey AS ENDPOINTS__PRIMARYKEY,
    'FIREFIGHTERID,Service Account' AS ENDPOINTS__ACCOUNTTYPEFORSERVICEACCOUNT
FROM
    Endpoints ep
WHERE
    ep.ENDPOINTNAME = 'Cred_Vault_App_Admins'
    AND ep.endpointkey NOT IN (
        SELECT
            endpointkey
        FROM
            PrivilegeSessionList
        WHERE
            UserID IN (
                SELECT
                    UserID
                FROM
                    Users
                WHERE
                    -- Add conditions to filter out users who should not see the servers
                    -- For example, you can use user roles or groups here
                    -- Example condition: role != 'Restricted Role'
            )
    );
Please validate and let me know if further details are needed on this.
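An added example, not part of the original reply and not Saviynt code: the visibility rule this thread asks for, written as an allow-list query over a constructed SQLite schema so the filter logic can be tested offline before it is adapted. The tables, columns, roles and users are assumptions for illustration, and the example goes beyond the sample query by keying the filter on the requesting user.

```python
import sqlite3

# Constructed schema and rows for illustration; these are NOT Saviynt's tables.
SCHEMA = """
CREATE TABLE users (userid TEXT PRIMARY KEY, role TEXT);
CREATE TABLE endpoints (endpointkey INTEGER PRIMARY KEY, endpointname TEXT);
CREATE TABLE endpoint_roles (endpointkey INTEGER, role TEXT);
INSERT INTO users VALUES
    ('alice', 'linux-admin'), ('bob', 'db-admin'), ('carol', NULL);
INSERT INTO endpoints VALUES
    (1, 'onprem-srv-01'), (2, 'onprem-srv-02'), (3, 'onprem-srv-03');
INSERT INTO endpoint_roles VALUES
    (1, 'linux-admin'), (2, 'linux-admin'), (3, 'db-admin');
"""

# Allow-list form: an endpoint is listed only when a mapping row grants it to
# the requester's role. EXISTS is used instead of NOT IN because a NULL inside
# a NOT IN subquery makes the predicate unknown for every row.
VISIBLE_SQL = """
SELECT ep.endpointname
FROM endpoints ep
WHERE EXISTS (
    SELECT 1
    FROM endpoint_roles er
    JOIN users u ON u.role = er.role
    WHERE er.endpointkey = ep.endpointkey
      AND u.userid = ?
)
ORDER BY ep.endpointname
"""

def build_db():
    """Create the in-memory database with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def visible_endpoints(conn, userid):
    """Return the endpoint names the requesting user may see."""
    # The user id is passed as a bound parameter, never concatenated.
    return [row[0] for row in conn.execute(VISIBLE_SQL, (userid,))]

if __name__ == "__main__":
    db = build_db()
    for user in ("alice", "bob", "carol", "mallory"):
        print(user, visible_endpoints(db, user))
```

A user with no role (carol) or no user record at all (mallory) gets an empty list, which is the deny-by-default behaviour to confirm before rollout.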